Skip to main content
CVE-2024-27997 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder visualcomposer.6.0. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD VulDB
CVSS 3.1
5.9
EPSS
0.1%
CVE-2024-29105 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timersys WP Popups allows Stored XSS.1.5.5. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
5.9
EPSS
0.1%
CVE-2024-29095 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gemini Labs Site Reviews site-reviews.11.6. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD VulDB
CVSS 3.1
5.9
EPSS
0.1%
CVE-2024-27996 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Survey Maker team Survey Maker allows Stored XSS.0.5. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Survey Maker
NVD
CVSS 3.1
5.9
EPSS
0.1%
CVE-2024-2605 MEDIUM This Month

An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Mozilla Microsoft Firefox Thunderbird
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2024-29141 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PDF Embedder allows Stored XSS.6.4. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-24043 MEDIUM This Month

Directory Traversal vulnerability in Speedy11CZ MCRPX v.1.4.0 and before allows a local attacker to execute arbitrary code via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-2641 MEDIUM This Month

A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Rg Nbs2009G P Firmware
NVD VulDB
CVSS 3.1
5.3
EPSS
0.8%
CVE-2024-1145 MEDIUM This Month

User enumeration vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Alma Blog
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2024-29093 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Saleswonder Team: Tobias Builder for WooCommerce reviews shortcodes - ReviewShort woo-product-reviews-shortcode.01.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-2639 MEDIUM This Month

A vulnerability was found in Bdtask Wholesale Inventory Management System up to 20240311. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Session Fixation Information Disclosure
NVD VulDB
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-2616 LOW Monitor

To harden ICU against exploitation, the behavior for out-of-memory conditions was changed to crash instead of attempt to continue. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Memory Corruption Firefox Thunderbird
NVD
CVSS 3.1
2.7
EPSS
0.7%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy