Skip to main content
CVE-2019-5108 MEDIUM POC PATCH THREAT This Month

An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Linux Information Disclosure Linux Kernel Debian Linux Ubuntu Linux +13
NVD
CVSS 3.1
6.5
EPSS
10.1%
CVE-2019-19944 MEDIUM POC This Month

In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libiec61850
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2019-19930 MEDIUM POC This Month

In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Information Disclosure Libiec61850
NVD GitHub
CVSS 3.1
6.5
EPSS
1.1%
CVE-2019-11050 MEDIUM POC This Month

When PHP EXIF extension is parsing EXIF information from an image, e.g. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Buffer Overflow Information Disclosure Ubuntu Linux Debian Linux +3
NVD
CVSS 3.1
6.5
EPSS
7.6%
CVE-2019-11047 MEDIUM POC This Month

When PHP EXIF extension is parsing EXIF information from an image, e.g. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Buffer Overflow Information Disclosure Fedora Debian Linux +1
NVD
CVSS 3.1
6.5
EPSS
7.5%
CVE-2019-11045 MEDIUM POC This Month

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

PHP Information Disclosure Fedora Debian Linux Leap +2
NVD
CVSS 3.1
5.9
EPSS
8.8%
CVE-2019-19337 MEDIUM This Month

A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon handles S3 requests. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Red Hat Ceph Storage
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2019-6147 MEDIUM This Month

Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Next Generation Firewall Security Management Center
NVD
CVSS 3.1
5.9
EPSS
0.7%
CVE-2019-19151 MEDIUM This Month

On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Big Iq Centralized Management Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Analytics +12
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-5267 MEDIUM This Month

Huawei OceanStor SNS3096 V100R002C01 have an information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Huawei Information Disclosure Oceanstor Sns3096 Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2019-18391 MEDIUM PATCH This Month

A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow Memory Corruption Virglrenderer Leap +2
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2019-18388 MEDIUM PATCH This Month

A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Denial Of Service Virglrenderer Leap Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-3429 MEDIUM This Month

All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have a file reading vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zte Information Disclosure Zxcloud Goldendata Vap
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2019-6686 MEDIUM This Month

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, the Traffic Management Microkernel (TMM) might stop responding after the total number of diameter connections and. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Big Ip Local Traffic Manager
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2019-6678 MEDIUM This Month

On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, the TMM process may restart when the packet filter feature is enabled. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Analytics Big Ip Application Acceleration Manager +9
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2019-11046 MEDIUM PATCH This Month

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

PHP Buffer Overflow Microsoft Information Disclosure Debian Linux +4
NVD
CVSS 3.1
5.3
EPSS
4.1%
CVE-2019-3430 MEDIUM This Month

All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have an information disclosure vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Zte Information Disclosure Zxcloud Goldendata Vap
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2019-19150 MEDIUM This Month

On versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, the BIG-IP APM system logs the client-session-id when a per-session policy is attached. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Big Ip Access Policy Manager
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2019-6688 MEDIUM This Month

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5 and BIG-IQ versions 6.0.0-6.1.0 and 5.2.0-5.4.0, a user is able to obtain the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Big Iq Centralized Management Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Analytics +10
NVD
CVSS 3.1
4.3
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy