Skip to main content
CVE-2024-29041 MEDIUM PATCH This Month

Express.js minimalist web framework for node. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Open Redirect Express
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2024-28245 MEDIUM PATCH This Month

KaTeX is a JavaScript library for TeX math rendering on the web. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Katex
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-29216 MEDIUM This Month

Exposed IOCTL with insufficient access control issue exists in cg6kwin2k.sys prior to 2.1.7.0. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-29009 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in easy-popup-show all versions allows a remote unauthenticated attacker to hijack the authentication of the administrator and to perform unintended. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-28183 MEDIUM PATCH This Month

ESP-IDF is the development framework for Espressif SoCs supported on Windows, Linux and macOS. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required.

Authentication Bypass Apple Microsoft Esp Idf
NVD GitHub
CVSS 3.1
5.7
EPSS
0.2%
CVE-2024-30203 MEDIUM PATCH This Month

In Emacs before 29.3, Gnus treats inline MIME contents as trusted. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Emacs Org Mode Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2022-45356 MEDIUM This Month

Missing Authorization vulnerability in Muffingroup Betheme.6.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Betheme
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-37886 MEDIUM This Month

Missing Authorization vulnerability in InspiryThemes RealHomes realhomes.3.8. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-22699 MEDIUM This Month

Missing Authorization vulnerability in MainWP MainWP Wordfence Extension.0.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Mainwp Wordfence Extension Wordfence
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2022-45851 MEDIUM This Month

Missing Authorization vulnerability in ShareThis ShareThis Dashboard for Google Analytics.1.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Authentication Bypass
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2022-45351 MEDIUM This Month

Missing Authorization vulnerability in Muffingroup Betheme.6.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Betheme
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2022-45352 MEDIUM This Month

Missing Authorization vulnerability in Muffingroup Betheme.6.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Betheme
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2024-28246 MEDIUM PATCH This Month

KaTeX is a JavaScript library for TeX math rendering on the web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Katex
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-21914 MEDIUM This Month

A vulnerability exists in the affected product that allows a malicious user to restart the Rockwell Automation PanelView™ Plus 7 terminal remotely without security protections. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell Denial Of Service Factorytalk View
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-25039 MEDIUM This Month

Missing Authorization vulnerability in CodePeople Google Maps CP.0.43. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Authentication Bypass Google Maps Cp
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-37885 MEDIUM This Month

Missing Authorization vulnerability in InspiryThemes RealHomes realhomes.3.8. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-33923 MEDIUM This Month

Missing Authorization vulnerability in HashThemes Viral News, HashThemes Viral, HashThemes HashOne.4.5; Viral: from n/a through 1.8.0; HashOne: from n/a through 1.3.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2022-45349 MEDIUM This Month

Missing Authorization vulnerability in Muffingroup Betheme.6.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Betheme
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-30480 MEDIUM This Month

Missing Authorization vulnerability in Sparkle WP Educenter.5.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-30204 LOW PATCH Monitor

In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Emacs Org Mode Debian Linux
NVD
CVSS 3.1
2.8
EPSS
0.5%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy