Bytecode Alliance wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) before 1.3.0 can have an "double free or corruption" error for a valid WebAssembly module because. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
MDaemon SecurityGateway through 9.0.3 allows XSS via a crafted Message Content Filtering rule. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments - Fully Integrated Solution Built and Supported by Woo.9.2. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup - WordPress Cloud Backup, Migration, Restore & Cloning Plugin.1.9. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.