Skip to main content
CVE-2024-4536 MEDIUM PATCH This Month

In Eclipse Dataspace Components from version 0.2.1 to 0.6.2, in the EDC Connector component ( https://github.com/eclipse-edc/Connector ), an attacker might obtain OAuth2 client secrets from the. Rated medium severity (CVSS 5.3).

Hashicorp Information Disclosure Edc Connector
NVD GitHub
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-4584 MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in Faraday GM8181 and GM828x up to 20240429. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 3.1
5.3
EPSS
0.6%
CVE-2024-4583 MEDIUM This Month

A vulnerability classified as problematic was found in Faraday GM8181 and GM828x up to 20240429. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 3.1
5.3
EPSS
0.6%
CVE-2024-34314 MEDIUM This Month

CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the file_get_contents function in the fetch_action method of /admin/template_admin.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

LFI PHP Information Disclosure Cmseasy
NVD GitHub
CVSS 3.1
4.9
EPSS
0.4%
CVE-2024-20871 MEDIUM This Month

Improper authorization vulnerability in Samsung Keyboard prior to version One UI 5.1.1 allows physical attackers to partially bypass the factory reset protection. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Samsung One Ui
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2024-20821 MEDIUM This Month

A vulnerability possible to reconfigure OTP allows local attackers to transit RMA(Return Merchandise Authorization) mode, which disables security features. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-6810 MEDIUM This Month

The ClickCease Click Fraud Protection plugin for WordPress is vulnerable to unauthorized access of data due to an improper capability check on the get_settings function in all versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-28148 MEDIUM PATCH This Month

An authenticated user could potentially access metadata for a datasource they are not authorized to view by submitting a targeted REST API request.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Apache Superset
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2024-20856 MEDIUM This Month

Improper Authentication vulnerability in Secure Folder prior to SMR May-2024 Release 1 allows physical attackers to access Secure Folder without proper authentication in a specific scenario. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Android
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-33748 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the search function in Maven net.mingsoft MS Basic 2.1.13.4 and earlier. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD GitHub
CVSS 3.1
4.1
EPSS
0.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy