Skip to main content
CVE-2024-4962 MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-7000-40 V31R02B1413C. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP File Upload Dar 7000 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
2.5%
CVE-2024-4961 MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in D-Link DAR-7000-40 V31R02B1413C. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP File Upload Dar 7000 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
2.3%
CVE-2024-4960 MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in D-Link DAR-7000-40 V31R02B1413C. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP File Upload Dar 7000 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
2.3%
CVE-2024-2619 MEDIUM PATCH This Month

The Elementor Header & Footer Builder for WordPress is vulnerable to HTML Injection in all versions up to, and including, 1.6.26 due to insufficient input sanitization and output escaping. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Elementor Header Footer Builder Elementor
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2024-21792 MEDIUM This Month

Time-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2.5.0 may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Intel
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2024-22390 MEDIUM This Month

Improper input validation in firmware for some Intel(R) FPGA products before version 2.9.1 may allow denial of service. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-34751 MEDIUM This Month

Deserialization of Untrusted Data vulnerability in WebToffee Order Export & Order Import for WooCommerce.4.9. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Deserialization WordPress
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-3609 MEDIUM PATCH This Month

The ReviewX - Multi-criteria Rating & Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized deletion of data due to a missing capability check on the reviewx_remove_guest_image. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass Reviewx
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-4204 MEDIUM This Month

The Bulk Posts Editing For WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-34808 MEDIUM This Month

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samuel Marshall JCH Optimize.2.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-4843 MEDIUM This Month

ePO doesn't allow a regular privileged user to delete tasks or assignments. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-31226 LOW PATCH Monitor

Sunshine is a self-hosted game stream host for Moonlight. Rated low severity (CVSS 2.9).

Information Disclosure Microsoft Sunshine
NVD GitHub
CVSS 3.1
2.9
EPSS
0.2%
CVE-2024-22384 LOW Monitor

Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2022.0.0 published Nov 2023 may allow an authenticated user to potentially enable information disclosure via. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Buffer Overflow Information Disclosure
NVD
CVSS 3.1
2.8
EPSS
0.2%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy