Skip to main content
CVE-2019-14510 MEDIUM POC This Month

An issue was discovered in Kaseya VSA RMM through 9.5.0.22. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Vsa
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-17176 MEDIUM POC This Month

Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPanel.jsp or HtmlChatFrameSet.jsp (ActionColor, ClientNickNameColor, Email, email, or email_address parameter). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Eservices Chat
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2019-17504 MEDIUM POC This Month

An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dynamic Resource Scheduling
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
2.8%
CVE-2019-17503 MEDIUM POC THREAT This Month

An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Dynamic Resource Scheduling
NVD GitHub Exploit-DB
CVSS 3.1
5.3
EPSS
49.2%
CVE-2019-6333 MEDIUM This Month

A potential security vulnerability has been identified with certain versions of HP Touchpoint Analytics prior to version 4.1.4.2827. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

HP RCE Touchpoint Analytics
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-17497 MEDIUM This Month

Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pdf Xchange Editor
NVD GitHub
CVSS 3.1
6.5
EPSS
6.5%
CVE-2019-17496 MEDIUM PATCH This Month

Craft CMS before 3.3.8 has stored XSS via a name field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Craft Cms
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2019-2187 MEDIUM PATCH This Month

In nfc_ncif_decode_rf_params of nfc_ncif.cc, there is a possible out of bounds read due to an integer underflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2019-2183 MEDIUM PATCH This Month

In generateServicesMap of RegisteredServicesCache.java, there is a possible account protection bypass due to a caching optimization. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2019-2110 MEDIUM PATCH This Month

In ScreenRotationAnimation of ScreenRotationAnimation.java, there is a possible capture of a secure screen due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy