Skip to main content
CVE-2019-12311 MEDIUM POC This Month

Sandline Centraleyezer (On Premises) allows Unrestricted File Upload leading to Stored XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS File Upload Centraleyezer
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2019-12299 MEDIUM POC This Month

Sandline Centraleyezer (On Premises) allows Stored XSS using HTML entities in the name field of the Category section. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Centraleyezer
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2019-5102 MEDIUM POC This Month

An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Openwrt
NVD
CVSS 3.1
5.9
EPSS
0.8%
CVE-2019-5101 MEDIUM POC This Month

An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Openwrt
NVD
CVSS 3.1
5.9
EPSS
0.8%
CVE-2019-5688 MEDIUM This Month

NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Information Disclosure Gpumodeswitch Nvflash +1
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-17085 MEDIUM This Month

XXE attack vulnerability on Micro Focus Operations Agent, affected version 12.0, 12.01, 12.02, 12.03, 12.04, 12.05, 12.06, 12.10, 12.11. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Operations Agent
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2019-10763 MEDIUM PATCH This Month

pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Pimcore
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2019-19046 MEDIUM PATCH This Month

A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Linux Linux Kernel Fedora Leap
NVD GitHub
CVSS 3.1
6.5
EPSS
2.7%
CVE-2019-15054 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Mailbird before 2.7.5.0 r allow remote attackers to execute arbitrary JavaScript in a privileged context via a crafted HTML mail message. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mailbird
NVD
CVSS 3.1
6.1
EPSS
2.7%
CVE-2019-10070 MEDIUM PATCH This Month

Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apache Atlas
NVD
CVSS 3.1
6.1
EPSS
1.8%
CVE-2019-17057 MEDIUM This Month

Footy Tipping Software AFL Web Edition 2019 allows XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Tipping Software
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2019-19081 MEDIUM PATCH This Month

A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Linux Linux Kernel Leap Enterprise Linux
NVD GitHub
CVSS 3.1
5.9
EPSS
3.3%
CVE-2019-19080 MEDIUM PATCH This Month

Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to cause a denial of service. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Linux Linux Kernel Leap
NVD GitHub
CVSS 3.1
5.9
EPSS
2.8%
CVE-2019-19076 MEDIUM PATCH This Month

A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Linux Linux Kernel Ubuntu Linux Enterprise Linux
NVD GitHub
CVSS 3.1
5.9
EPSS
3.2%
CVE-2019-18373 MEDIUM This Month

Norton App Lock, prior to 1.4.0.503, may be susceptible to a bypass exploit. Rated medium severity (CVSS 5.6). No vendor patch available.

Authentication Bypass Norton App Lock
NVD
CVSS 3.1
5.6
EPSS
0.3%
CVE-2019-19077 MEDIUM PATCH This Month

A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Ubuntu Linux Leap
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2019-19055 MEDIUM PATCH This Month

A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Ubuntu Linux Fedora Linux Kernel
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2019-19051 MEDIUM PATCH This Month

A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Ubuntu Linux Debian Linux +1
NVD GitHub
CVSS 3.1
5.5
EPSS
0.6%
CVE-2019-19047 MEDIUM PATCH This Month

A memory leak in the mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Ubuntu Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.5%
CVE-2019-19043 MEDIUM PATCH This Month

A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Intel Linux Kernel Ubuntu Linux +1
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2019-19085 MEDIUM This Month

A persistent cross-site scripting (XSS) vulnerability in Octopus Server 3.4.0 through 2019.10.5 allows remote authenticated attackers to inject arbitrary web script or HTML. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Server
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-3423 MEDIUM This Month

permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal C520V21 Firmware
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2019-19083 MEDIUM PATCH This Month

Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). Rated medium severity (CVSS 4.7).

Denial Of Service Linux Amd Linux Kernel Ubuntu Linux +1
NVD GitHub
CVSS 3.1
4.7
EPSS
0.5%
CVE-2019-19082 MEDIUM PATCH This Month

Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). Rated medium severity (CVSS 4.7).

Denial Of Service Linux Amd Linux Kernel Ubuntu Linux +1
NVD GitHub
CVSS 3.1
4.7
EPSS
0.4%
CVE-2019-19066 MEDIUM PATCH This Month

A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Linux Kernel Ubuntu Linux Debian Linux +3
NVD GitHub
CVSS 3.1
4.7
EPSS
0.5%
CVE-2019-19065 MEDIUM PATCH This Month

A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Linux Kernel Ubuntu Linux Leap
NVD GitHub
CVSS 3.1
4.7
EPSS
0.5%
CVE-2019-19062 MEDIUM PATCH This Month

A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Linux Kernel Ubuntu Linux Debian Linux +3
NVD GitHub
CVSS 3.1
4.7
EPSS
0.6%
CVE-2019-19059 MEDIUM PATCH This Month

Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Intel Linux Kernel Ubuntu Linux +1
NVD GitHub
CVSS 3.1
4.7
EPSS
0.4%
CVE-2019-19058 MEDIUM PATCH This Month

A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Intel Linux Kernel Ubuntu Linux +2
NVD GitHub
CVSS 3.1
4.7
EPSS
0.4%
CVE-2019-19056 MEDIUM PATCH This Month

A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Linux Kernel Ubuntu Linux Debian Linux +2
NVD GitHub
CVSS 3.1
4.7
EPSS
0.4%
CVE-2019-19054 MEDIUM PATCH This Month

A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Linux Kernel Ubuntu Linux Fedora +14
NVD GitHub
CVSS 3.1
4.7
EPSS
0.4%
CVE-2019-19068 MEDIUM PATCH This Month

A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel Ubuntu Linux Debian Linux +3
NVD GitHub
CVSS 3.1
4.6
EPSS
0.5%
CVE-2019-19063 MEDIUM PATCH This Month

Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption),. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel Sd Wan Edge Ubuntu Linux +15
NVD GitHub
CVSS 3.1
4.6
EPSS
0.9%
CVE-2019-19072 MEDIUM PATCH This Month

A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Denial Of Service Linux Ubuntu Linux Fedora Linux Kernel +1
NVD GitHub
CVSS 3.1
4.4
EPSS
0.4%
CVE-2019-19067 MEDIUM PATCH This Month

Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Denial Of Service Linux Amd Linux Kernel Ubuntu Linux +1
NVD GitHub
CVSS 3.1
4.4
EPSS
0.5%
CVE-2019-19045 MEDIUM PATCH This Month

A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Ubuntu Linux Leap
NVD GitHub
CVSS 3.1
4.4
EPSS
0.6%
CVE-2019-19084 MEDIUM This Month

In Octopus Deploy 3.3.0 through 2019.10.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted package, triggering an exception that exposes. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Octopus Deploy
NVD GitHub
CVSS 3.1
4.3
EPSS
0.7%
CVE-2019-19073 MEDIUM PATCH This Month

Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel Fedora Leap
NVD GitHub
CVSS 3.1
4.0
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy