Skip to main content
CVE-2019-19466 MEDIUM POC This Month

SCEditor 2.1.3 allows XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Sceditor
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2019-19602 MEDIUM POC PATCH This Month

fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of service (memory corruption) or. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Linux Linux Kernel Ubuntu Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2019-19596 MEDIUM POC This Month

GitBook through 2.6.9 allows XSS via a local .md file. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Gitbook
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-19546 MEDIUM This Month

Norton Password Manager, prior to 6.6.2.5, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Password Manager
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2019-11255 MEDIUM PATCH This Month

Improper input validation in Kubernetes CSI sidecar containers for external-provisioner (<v0.4.3, <v1.0.2, v1.1, <v1.2.2, <v1.3.1), external-snapshotter (<v0.4.2, <v1.0.2, v1.1, <1.2.2), and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Kubernetes External Provisioner External Resizer External Snapshotter +1
NVD GitHub
CVSS 3.1
6.5
EPSS
1.8%
CVE-2019-19545 MEDIUM This Month

Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cross origin resource sharing (CORS) vulnerability, which is a type of issue that allows restricted resources on a web page to be. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Password Manager
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2019-18381 MEDIUM This Month

Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cross origin resource sharing (CORS) vulnerability, which is a type of issue that allows restricted resources on a web page to be. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Password Manager
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2019-19587 MEDIUM PATCH This Month

In WSO2 Enterprise Integrator 6.5.0, reflected XSS occurs when updating the message processor configuration from the source view in the Management Console. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Enterprise Integrator
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2019-16769 MEDIUM PATCH This Month

The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Node.js Serialize Javascript
NVD GitHub
CVSS 3.1
5.4
EPSS
1.0%
CVE-2019-7185 MEDIUM This Month

This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Qnap Music Station
NVD
CVSS 3.1
4.8
EPSS
1.5%
CVE-2019-7184 MEDIUM This Month

This cross-site scripting (XSS) vulnerability in Video Station allows remote attackers to inject and execute scripts on the administrator’s management console. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Qnap Video Station
NVD
CVSS 3.1
4.8
EPSS
1.5%
CVE-2019-16768 MEDIUM PATCH This Month

In affected versions of Sylius, exception messages from internal exceptions (like database exception) are wrapped by \Symfony\Component\Security\Core\Exception\AuthenticationServiceException and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sylius
NVD GitHub
CVSS 3.1
4.3
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy