Skip to main content
CVE-2024-20998 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Oracle Mysql Server Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-20993 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.1%
CVE-2024-21081 MEDIUM This Month

Vulnerability in the Oracle Partner Management product of Oracle E-Business Suite (component: Attribute Admin Setup). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Partner Management
NVD
CVSS 3.1
4.7
EPSS
0.4%
CVE-2024-21013 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle Mysql Server Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.4
EPSS
0.9%
CVE-2024-21008 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle Mysql Server Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.4
EPSS
0.9%
CVE-2024-20992 MEDIUM This Month

Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Content integration). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Webcenter Portal
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2024-3869 MEDIUM PATCH This Month

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'woocommerce_json_search_coupons' function . Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Customer Reviews For Woocommerce
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-3243 MEDIUM PATCH This Month

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the send_test_email() function in all versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Customer Reviews For Woocommerce
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-32455 MEDIUM This Month

Missing Authorization vulnerability in Very Good Plugins Fatal Error Notify.5.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-29402 MEDIUM This Month

cskefu v7 suffers from Insufficient Session Expiration, which allows attackers to exploit the old session for malicious activity. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-21099 MEDIUM This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Data Visualization). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Oracle Business Intelligence
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-21086 MEDIUM This Month

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Customer Relationship Management Technical Foundation
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-21048 MEDIUM This Month

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: XML input). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Oracle Web Applications Desktop Integrator
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-3873 MEDIUM This Month

A vulnerability was found in SMI SMI-EX-5414W up to 1.0.03. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD VulDB
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-21066 MEDIUM This Month

Vulnerability in the RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass XSS Oracle Database Server
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2024-21100 MEDIUM This Month

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Platform). Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Oracle Commerce Platform
NVD
CVSS 3.1
4.0
EPSS
0.3%
CVE-2024-3861 MEDIUM This Month

If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Mozilla Memory Corruption Firefox +2
NVD
CVSS 3.1
4.0
EPSS
0.2%
CVE-2024-32633 MEDIUM This Month

An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Asr1803Sc Firmware Asr1607 Firmware Asr3603 Firmware Asr3602 Firmware +9
NVD
CVSS 3.1
4.0
EPSS
0.2%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy