Skip to main content
CVE-2024-31033 MEDIUM This Month

JJWT (aka Java JWT) through 0.12.5 ignores certain characters and thus a user might falsely conclude that they have a strong key. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Information Disclosure
NVD GitHub
CVSS 3.1
6.8
EPSS
0.8%
CVE-2024-20054 MEDIUM This Month

In gnss, there is a possible escalation of privilege due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Yocto Rdk B +2
NVD
CVSS 3.1
6.6
EPSS
0.3%
CVE-2024-20046 MEDIUM This Month

In battery, there is a possible escalation of privilege due to an integer overflow. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Integer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.6
EPSS
0.3%
CVE-2024-20044 MEDIUM This Month

In da, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
6.6
EPSS
0.3%
CVE-2024-20043 MEDIUM This Month

In da, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2024-20042 MEDIUM This Month

In da, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
6.6
EPSS
0.3%
CVE-2024-27609 MEDIUM PATCH This Month

Bonita before 2023.2-u2 allows stored XSS via a UI screen in the administration panel. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-20055 MEDIUM This Month

In imgsys, there is a possible information disclosure due to a missing bounds check. Rated medium severity (CVSS 6.3). No vendor patch available.

Buffer Overflow Information Disclosure Yocto Iot Yocto Android
NVD
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-20048 MEDIUM This Month

In flashc, there is a possible information disclosure due to an uncaught exception. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
6.2
EPSS
0.1%
CVE-2024-28895 MEDIUM This Month

'Yahoo!. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple XSS Google
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-3130 MEDIUM This Month

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to unauthorized access to sensitive data via Decryption algorithm and key obtained after. Rated medium severity (CVSS 5.7). No vendor patch available.

Authentication Bypass Apple Information Disclosure Google
NVD
CVSS 3.1
5.7
EPSS
0.1%
CVE-2024-26655 MEDIUM PATCH This Month

A memory leak vulnerability exists in the Linux kernel's posix_clock_open() function where allocated pccontext memory is not properly released if the clock operations open() callback returns an error. This affects Linux kernel versions including 6.9-rc1 and potentially earlier releases across all architectures. An unprivileged local attacker with standard user privileges can trigger repeated failed clock open operations to exhaust kernel memory and cause denial of service, though the extremely low EPSS score of 0.01% indicates exploitation in the wild is unlikely despite the vulnerability being patched across multiple kernel versions.

Linux Memory Corruption Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-27333 MEDIUM This Month

Kofax Power PDF GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Power Pdf
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-27329 MEDIUM This Month

PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Tools Pdf Xchange Editor
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-27328 MEDIUM This Month

PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Tools Pdf Xchange Editor
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-27326 MEDIUM This Month

PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Tools Pdf Xchange Editor
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-27325 MEDIUM This Month

PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Tools Pdf Xchange Editor
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-27324 MEDIUM This Month

PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Tools Pdf Xchange Editor
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-20047 MEDIUM This Month

In battery, there is a possible out of bounds read due to an integer overflow. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-25080 MEDIUM This Month

WebMail in Axigen 10.x before 10.3.3.62 allows XSS via the image attachment viewer. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2024-3165 MEDIUM This Month

System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for database connections in the log output. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dotcms
NVD GitHub
CVSS 3.1
4.5
EPSS
0.5%
CVE-2024-3164 MEDIUM This Month

In dotCMS dashboard, the Tools and Log Files tabs under System → Maintenance Portlet, which is and always has been an Admin portlet, is accessible to anyone with that portlet and not just to CMS. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dotcms
NVD GitHub
CVSS 3.1
4.5
EPSS
0.5%
CVE-2024-20052 MEDIUM This Month

In flashc, there is a possible information disclosure due to an uncaught exception. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Yocto Rdk B Android Openwrt
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2024-20050 MEDIUM This Month

In flashc, there is a possible information disclosure due to an uncaught exception. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Yocto Rdk B Android Openwrt
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2024-20049 MEDIUM This Month

In flashc, there is a possible information disclosure due to an uncaught exception. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Yocto Rdk B Android Openwrt
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2024-20041 MEDIUM This Month

In da, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-29435 MEDIUM This Month

An issue discovered in Alldata v0.4.6 allows attacker to run arbitrary commands via the processId parameter. Rated medium severity (CVSS 4.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Alldata
NVD GitHub
CVSS 3.1
4.1
EPSS
0.3%
CVE-2024-3138 LOW Monitor

** DISPUTED ** A vulnerability was found in francoisjacquet RosarioSIS 11.5.1. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD VulDB
CVSS 3.1
3.5
EPSS
0.5%
CVE-2024-27332 LOW Monitor

PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Tools Pdf Xchange Editor
NVD
CVSS 3.0
3.3
EPSS
0.4%
CVE-2024-27331 LOW Monitor

PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Tools Pdf Xchange Editor
NVD
CVSS 3.0
3.3
EPSS
0.4%
CVE-2024-27330 LOW Monitor

PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Tools Pdf Xchange Editor
NVD
CVSS 3.0
3.3
EPSS
0.4%
CVE-2024-3141 LOW Monitor

A vulnerability has been found in Clavister E10 and E80 up to 14.00.10 and classified as problematic. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD GitHub VulDB
CVSS 3.1
2.4
EPSS
0.5%
CVE-2024-3128 LOW Monitor

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in Replify-Messenger 1.0 on Android.xml of the component Backup File Handler. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google
NVD GitHub VulDB
CVSS 3.1
2.4
EPSS
0.3%
CVE-2024-3125 LOW Monitor

A vulnerability classified as problematic was found in Zebra ZTC GK420d 1.0. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD GitHub VulDB
CVSS 3.1
2.4
EPSS
0.5%
CVE-2024-3124 LOW Monitor

A vulnerability classified as problematic has been found in fridgecow smartalarm 1.8.1 on Android. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google
NVD GitHub VulDB
CVSS 3.1
2.4
EPSS
0.3%
CVE-2024-20051 LOW Monitor

In flashc, there is a possible system crash due to an uncaught exception. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Yocto Rdk B Android Openwrt
NVD
CVSS 3.1
2.3
EPSS
0.1%
CVE-2024-20045 LOW Monitor

In audio, there is a possible out of bounds read due to an incorrect calculation of buffer size. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
2.3
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy