Skip to main content
CVE-2019-10223 MEDIUM POC PATCH This Month

A security issue was discovered in the kube-state-metrics versions v1.7.0 and v1.7.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Kube State Metrics Openshift Container Platform
NVD GitHub
CVSS 3.1
6.5
EPSS
1.8%
CVE-2019-5068 MEDIUM POC PATCH This Month

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Mesa Leap Debian Linux Ubuntu Linux
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2019-8108 MEDIUM PATCH This Month

Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Adobe Magento
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2019-8107 MEDIUM PATCH This Month

An arbitrary file deletion vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Adobe Magento
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2019-8090 MEDIUM PATCH This Month

An arbitrary file deletion vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Adobe Magento
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2019-1877 MEDIUM This Month

A vulnerability in the HTTP API of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to download files attached through chat sessions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Enterprise Chat And Email
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2019-6142 MEDIUM This Month

It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Email Security Security Manager
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2019-1981 MEDIUM This Month

A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Firepower Services Software For Asa Firepower Threat Defense Secure Firewall Management Center
NVD
CVSS 3.1
5.8
EPSS
1.0%
CVE-2019-1978 MEDIUM POC This Month

A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Firepower Services Software For Asa Firepower Threat Defense Secure Firewall Management Center
NVD Exploit-DB
CVSS 3.1
5.8
EPSS
9.4%
CVE-2019-1734 MEDIUM This Month

A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Firepower Extensible Operating System Nx Os
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-8120 MEDIUM PATCH This Month

A stored cross-site scripting (XSS) vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Adobe Magento
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-8117 MEDIUM PATCH This Month

A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Adobe Magento
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-8092 MEDIUM PATCH This Month

A reflected cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Adobe Magento
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-8123 MEDIUM PATCH This Month

An insufficient logging and monitoring vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Adobe Magento
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2019-8118 MEDIUM PATCH This Month

Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 uses weak cryptographic function to store the failed login attempts for customer accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Adobe Magento
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2019-8113 MEDIUM PATCH This Month

Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1 uses cryptographically weak random number generator to brute-force the confirmation code for customer registration. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Adobe Magento
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2019-1982 MEDIUM This Month

A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Firepower Services Software For Asa Firepower Threat Defense Secure Firewall Management Center
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2019-1980 MEDIUM This Month

A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Firepower Services Software For Asa Firepower Threat Defense Secure Firewall Management Center
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2019-8126 MEDIUM PATCH This Month

An XML entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Information Disclosure Adobe Magento
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2019-8124 MEDIUM PATCH This Month

An insufficient logging and monitoring vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Adobe Magento
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2019-8115 MEDIUM PATCH This Month

A reflected cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.

XSS Adobe Magento
NVD
CVSS 3.1
4.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy