Skip to main content
CVE-2024-27347 MEDIUM PATCH This Month

Server-Side Request Forgery (SSRF) vulnerability in Apache HugeGraph-Hubble.0.0 before 1.3.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Apache Hugegraph Hubble
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2024-22815 MEDIUM This Month

An issue in the communication protocol of Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service (DoS) via crafted commands. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Pathpilot Controller
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2024-28717 MEDIUM PATCH This Month

An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Denial Of Service
NVD GitHub
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-4026 MEDIUM This Month

Cross-Site Scripting (XSS) vulnerability in the Holded application. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2024-22813 MEDIUM This Month

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to overwrite the hardcoded IP address in the device memory, disrupting network connectivity between the router and. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Pathpilot Controller
NVD GitHub
CVSS 3.1
4.4
EPSS
0.4%
CVE-2024-32681 MEDIUM This Month

Missing Authorization vulnerability in BdThemes Prime Slider - Addons For Elementor.13.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Prime Slider
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-32687 MEDIUM This Month

Missing Authorization vulnerability in WPClever WPC Frequently Bought Together for WooCommerce.0.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-3177 LOW PATCH Monitor

A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Kubernetes
NVD GitHub
CVSS 3.1
2.7
EPSS
2.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy