Skip to main content
CVE-2019-20202 MEDIUM POC This Month

An issue was discovered in ezXML 0.8.3 through 0.8.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ezxml
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2019-20201 MEDIUM POC This Month

An issue was discovered in ezXML 0.8.3 through 0.8.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Ezxml
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2019-20200 MEDIUM POC This Month

An issue was discovered in ezXML 0.8.3 through 0.8.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Ezxml
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2019-20199 MEDIUM POC This Month

An issue was discovered in ezXML 0.8.3 through 0.8.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Information Disclosure Ezxml
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2019-20198 MEDIUM POC This Month

An issue was discovered in ezXML 0.8.3 through 0.8.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ezxml
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2019-12273 MEDIUM POC This Month

OutSystems Platform 10 through 11 allows ImageResourceDetail.aspx CSRF for content modifications and file uploads. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Outsystems
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2019-9554 MEDIUM POC This Month

In the 3.1.12 Pro version of Craft CMS, XSS has been discovered in the header insertion field when adding source code at an s/admin/entries/news/new URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Craft Cms
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
2.6%
CVE-2019-9553 MEDIUM POC This Month

Bolt 3.6.4 has XSS via the slug, teaser, or title parameter to editcontent/pages, a related issue to CVE-2017-11128 and CVE-2018-19933. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Bolt
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
1.8%
CVE-2019-9206 MEDIUM POC This Month

PRTG Network Monitor v7.1.3.3378 allows XSS via the /public/login.htm errormsg or loginurl parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Prtg Network Monitor
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-19927 MEDIUM POC PATCH This Month

In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on kernel.ubuntu.com), mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Ubuntu Information Disclosure Linux Kernel +1
NVD GitHub
CVSS 3.1
6.0
EPSS
0.8%
CVE-2019-20171 MEDIUM POC This Month

An issue was discovered in GPAC version 0.5.2 and 0.9.0-development-20191109. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Gpac Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
1.2%
CVE-2019-20170 MEDIUM POC This Month

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Gpac Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2019-20169 MEDIUM POC This Month

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Memory Corruption Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2019-20168 MEDIUM POC This Month

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Memory Corruption Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.8%
CVE-2019-20167 MEDIUM POC This Month

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.8%
CVE-2019-20166 MEDIUM POC This Month

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2019-20165 MEDIUM POC This Month

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gpac Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2019-20164 MEDIUM POC This Month

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2019-20163 MEDIUM POC This Month

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gpac Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2019-20162 MEDIUM POC This Month

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Gpac Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2019-20161 MEDIUM POC This Month

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Gpac Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2019-20160 MEDIUM POC This Month

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.7%
CVE-2019-20159 MEDIUM POC This Month

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.7%
CVE-2019-9556 MEDIUM POC This Month

FiberHome an5506-04-f RP2669 devices have XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS An5506 04 F Firmware
NVD Exploit-DB
CVSS 3.1
5.4
EPSS
1.1%
CVE-2019-12837 MEDIUM POC This Month

The Java API in accesuniversitat.gencat.cat 1.7.5 allows remote attackers to get personal information of all registered students via several API endpoints. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Java Information Disclosure Portal D Acces A La Universitat
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2019-14466 MEDIUM PATCH This Month

The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions (in the context of the user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

PHP Deserialization Gosa Debian Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2019-10227 MEDIUM POC This Month

openITCOCKPIT before 3.7.1 has reflected XSS in the 404-not-found component. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Openitcockpit
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-9207 MEDIUM This Month

PRTG Network Monitor v7.1.3.3378 allows XSS via the /search.htm searchtext parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Prtg Network Monitor
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-12186 MEDIUM PATCH This Month

An issue was discovered in Sylius products. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Grid Sylius
NVD
CVSS 3.1
4.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy