TrackR devices through 2020-05-06 allow attackers to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Denial Of Service
Authentication Bypass
Trackr Firmware
NVD
CVSS 3.1
7.1
EPSS
0.6%
The XCloner component before 3.5.4 for Joomla!. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Information Disclosure
Xcloner
NVD
CVSS 3.1
6.5
EPSS
1.7%