Skip to main content
CVE-2019-19341 MEDIUM This Month

A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower' are left world-readable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ansible Tower
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-19342 MEDIUM This Month

A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when /websocket is requested and the password contains the '#' character. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ansible Tower
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2019-18615 MEDIUM This Month

In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cloudvision Portal
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2019-19903 MEDIUM This Month

An issue was discovered in Backdrop CMS 1.14.x before 1.14.2. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Backdrop Cms
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2019-19901 MEDIUM This Month

An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Backdrop Cms
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2019-19900 MEDIUM This Month

An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Backdrop Cms
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2019-11294 MEDIUM This Month

Cloud Foundry Cloud Controller API (CAPI), version 1.88.0, allows space developers to list all global service brokers, including service broker URLs and GUIDs, which should only be accessible to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Capi Release Cf Deployment
NVD
CVSS 3.1
4.3
EPSS
0.8%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy