Skip to main content
CVE-2024-20992 MEDIUM This Month

Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Content integration). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Webcenter Portal
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2024-3869 MEDIUM PATCH This Month

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'woocommerce_json_search_coupons' function . Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Customer Reviews For Woocommerce
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-3243 MEDIUM PATCH This Month

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the send_test_email() function in all versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Customer Reviews For Woocommerce
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-32455 MEDIUM This Month

Missing Authorization vulnerability in Very Good Plugins Fatal Error Notify.5.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-29402 MEDIUM This Month

cskefu v7 suffers from Insufficient Session Expiration, which allows attackers to exploit the old session for malicious activity. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-21099 MEDIUM This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Data Visualization). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Oracle Business Intelligence
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-21086 MEDIUM This Month

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Customer Relationship Management Technical Foundation
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-21048 MEDIUM This Month

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: XML input). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Oracle Web Applications Desktop Integrator
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-3873 MEDIUM This Month

A vulnerability was found in SMI SMI-EX-5414W up to 1.0.03. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD VulDB
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-21066 MEDIUM This Month

Vulnerability in the RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass XSS Oracle Database Server
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2024-29291 POC This Week

An issue in Laravel Framework 8 through 11 might allow a remote attacker to discover database credentials in storage/logs/laravel.log. Public exploit code available and no vendor patch available.

Information Disclosure
NVD GitHub Exploit-DB
EPSS
1.3%
CVE-2024-21100 MEDIUM This Month

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Platform). Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Oracle Commerce Platform
NVD
CVSS 3.1
4.0
EPSS
0.3%
CVE-2024-3861 MEDIUM This Month

If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Mozilla Memory Corruption Firefox +2
NVD
CVSS 3.1
4.0
EPSS
0.2%
CVE-2024-32633 MEDIUM This Month

An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Asr1803Sc Firmware Asr1607 Firmware Asr3603 Firmware Asr3602 Firmware +9
NVD
CVSS 3.1
4.0
EPSS
0.2%
CVE-2024-27086 LOW PATCH Monitor

The MSAL library enabled acquisition of security tokens to call protected APIs. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Google Denial Of Service
NVD GitHub
CVSS 3.1
3.9
EPSS
0.2%
CVE-2024-21000 LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Mysql Server Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
3.8
EPSS
0.6%
CVE-2024-3302 LOW Monitor

There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Mozilla Firefox Thunderbird
NVD
CVSS 3.1
3.7
EPSS
0.8%
CVE-2024-21108 LOW Monitor

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2024-21005 LOW Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Java Oracle Graalvm Jdk +6
NVD
CVSS 3.1
3.1
EPSS
0.9%
CVE-2024-21003 LOW Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Privilege Escalation Java Oracle Graalvm Jdk +6
NVD
CVSS 3.1
3.1
EPSS
0.9%
CVE-2024-21004 LOW Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Rated low severity (CVSS 2.5), this vulnerability is no authentication required. No vendor patch available.

Privilege Escalation Java Oracle Graalvm Jdk +6
NVD
CVSS 3.1
2.5
EPSS
0.4%
CVE-2024-21002 LOW Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Rated low severity (CVSS 2.5), this vulnerability is no authentication required. No vendor patch available.

Privilege Escalation Java Oracle Graalvm Jdk +6
NVD
CVSS 3.1
2.5
EPSS
0.4%
CVE-2024-20995 LOW Monitor

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
2.4
EPSS
0.5%
CVE-2024-21101 LOW Monitor

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
2.2
EPSS
0.4%
CVE-2024-21105 LOW Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Rated low severity (CVSS 2.0), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Authentication Bypass Oracle Solaris
NVD
CVSS 3.1
2.0
EPSS
0.3%
Prev Page 5 of 5

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy