Skip to main content
CVE-2019-2969 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
6.2
EPSS
0.7%
CVE-2019-12718 MEDIUM This Month

A vulnerability in the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Sf250 24 Firmware Sf250 24P Firmware Sf250 48 Firmware +105
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2019-12705 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Telepresence Video Communication Server
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2019-3014 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Performance Monitor). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2019-2985 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Fluid Core). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-2952 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Food And Beverage Applications
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-2931 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2019-2929 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2019-2915 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Fluid Core). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-2889 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample apps). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-2886 MEDIUM PATCH This Month

Vulnerability in the Oracle Forms product of Oracle Fusion Middleware (component: Services). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Forms
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2019-17663 MEDIUM This Month

D-Link DIR-866L 1.03B04 devices allow XSS via HtmlResponseMessage in the device common gateway interface, leading to common injection. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS D-Link Dir 866L Firmware
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2019-3031 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.9%
CVE-2019-3005 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.6%
CVE-2019-3002 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.6%
CVE-2019-2984 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.6%
CVE-2019-2958 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +8
NVD
CVSS 3.1
5.9
EPSS
2.6%
CVE-2019-2896 MEDIUM PATCH This Month

Vulnerability in the MICROS Relate CRM Software product of Oracle Retail Applications (component: Internal Operations). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Oracle Micros Relate Customer Relationship Management Software
NVD
CVSS 3.1
5.9
EPSS
1.4%
CVE-2019-2884 MEDIUM PATCH This Month

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Segment). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Oracle Retail Customer Management And Segmentation Foundation
NVD
CVSS 3.1
5.9
EPSS
1.4%
CVE-2019-3022 MEDIUM PATCH This Month

Vulnerability in the Oracle Content Manager product of Oracle E-Business Suite (component: Content). Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Content Manager
NVD
CVSS 3.1
5.8
EPSS
1.1%
CVE-2019-2979 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Payments). Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Flexcube Direct Banking
NVD
CVSS 3.1
5.7
EPSS
1.1%
CVE-2019-2956 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS (jackson-databind) component of Oracle Database Server. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
5.7
EPSS
1.1%
CVE-2019-17435 MEDIUM This Month

A Local Privilege Escalation vulnerability exists in the GlobalProtect Agent for Windows 5.0.3 and earlier, and GlobalProtect Agent for Windows 4.1.12 and earlier, in which the auto-update feature. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Privilege Escalation Microsoft Globalprotect
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-2991 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
5.5
EPSS
2.5%
CVE-2019-15270 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Firepower Management Center Firmware
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-12702 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to conduct cross-site scripting attacks. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Spa112 Firmware Spa122 Firmware
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-12638 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Identity Services Engine
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-12637 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Identity Services Engine
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-3019 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Digital Experience product of Oracle Financial Services Applications (component: Loan Calculator). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Banking Digital Experience
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-15282 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker read tcpdump files generated on an affected. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Identity Services Engine Software
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2019-3027 MEDIUM PATCH This Month

Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Login Help). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Application Object Library
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2019-3012 MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: BI Platform Security). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence
NVD
CVSS 3.1
5.3
EPSS
1.7%
CVE-2019-3001 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise SCM eProcurement product of Oracle PeopleSoft (component: eProcurement). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Scm Eprocurement
NVD
CVSS 3.1
5.3
EPSS
1.5%
CVE-2019-2993 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: C API). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-2935 MEDIUM PATCH This Month

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: EAI). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Siebel Ui Framework
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2019-2924 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-2923 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-2922 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-2920 MEDIUM PATCH This Month

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle MySQL Ubuntu Linux
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-2888 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: EJB Container). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
5.3
EPSS
5.2%
CVE-2019-2765 MEDIUM PATCH This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Rated medium severity (CVSS 5.3).

Denial Of Service Oracle Solaris
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2019-12703 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SPA122 ATA with Router Devices could allow an unauthenticated, adjacent attacker to conduct cross-site scripting attacks. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Spa122 Firmware
NVD
CVSS 3.1
5.2
EPSS
0.4%
CVE-2019-2939 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
5.0
EPSS
1.1%
CVE-2019-2913 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
5.0
EPSS
1.1%
CVE-2019-3003 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2019-2998 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2019-2997 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2019-2982 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2019-2968 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2019-2963 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy