Skip to main content
CVE-2019-10219 MEDIUM POC PATCH This Month

A vulnerability was found in Hibernate-Validator. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Hibernate Validator Fuse Jboss Data Grid Jboss Enterprise Application Platform +184
NVD GitHub
CVSS 3.1
6.1
EPSS
2.2%
CVE-2019-14860 MEDIUM This Month

It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cors Misconfiguration Fuse Syndesis
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2019-14824 MEDIUM This Month

A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure 389 Directory Server Enterprise Linux Debian Linux
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2019-16210 MEDIUM This Month

Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Brocade Sannav
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2019-16206 MEDIUM This Month

The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ‘trace’ and the 'debug' logging level; which could allow a local authenticated attacker. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Brocade Sannav
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2019-3866 MEDIUM This Month

An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Openstack Mistral
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-13557 MEDIUM This Month

In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an information exposure vulnerability which may allow a remote attacker to access system and configuration information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tasy Emr Tasy Webportal
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2019-13535 MEDIUM This Month

In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN-not available in the United States) version. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Valleylab Ft10 Energy Platform Firmware Valleylab Ls10 Energy Platform Firmware
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2019-13531 MEDIUM This Month

In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN-not available in the United States) version. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Valleylab Ft10 Energy Platform Firmware Valleylab Ls10 Energy Platform Firmware
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2019-15005 MEDIUM This Month

The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Atlassian Troubleshooting And Support Bamboo Bitbucket +5
NVD
CVSS 3.1
4.3
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy