Skip to main content
CVE-2024-7753 MEDIUM POC This Month

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Clinic S Patient Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.9%
CVE-2024-42353 MEDIUM POC PATCH This Month

WebOb provides objects for HTTP requests and responses. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Python Open Redirect Webob
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2024-7790 MEDIUM POC This Month

A stored cross site scripting vulnerabilities exists in DevikaAI from commit 6acce21fb08c3d1123ef05df6a33912bf0ee77c2 onwards via improperly decoded user input. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Devika
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-7794 MEDIUM POC This Month

A vulnerability was found in itsourcecode Vehicle Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Vehicle Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-7793 MEDIUM POC This Month

A vulnerability was found in SourceCodester Task Progress Tracker 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Task Progress Tracker
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.4%
CVE-2024-7792 MEDIUM POC This Month

A vulnerability was found in SourceCodester Task Progress Tracker 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Task Progress Tracker
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.6%
CVE-2024-7754 MEDIUM POC This Month

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Clinic S Patient Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-7752 MEDIUM POC This Month

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Clinic S Patient Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-24580 MEDIUM This Month

Improper conditions check in some Intel(R) Data Center GPU Max Series 1100 and 1550 products may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Data Center Gpu Max 1100 Firmware Data Center Gpu Max 1550 Firmware
NVD
CVSS 4.0
6.8
EPSS
0.2%
CVE-2024-22374 MEDIUM This Month

Insufficient control flow management for some Intel(R) Xeon Processors may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service
NVD
CVSS 4.0
6.8
EPSS
0.2%
CVE-2024-21806 MEDIUM This Month

Improper conditions check in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may allow an authenticated user to potentially enable. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Linux
NVD
CVSS 4.0
6.8
EPSS
0.2%
CVE-2024-39406 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Adobe Commerce Magento
NVD
CVSS 3.1
6.8
EPSS
0.9%
CVE-2024-42441 MEDIUM This Month

Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Apple Meeting Software Development Kit Rooms Workplace Desktop
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2024-42440 MEDIUM This Month

Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Apple Meeting Software Development Kit Rooms Workplace Desktop
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2024-38483 MEDIUM This Month

Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Latitude 5290 2 In 1 Firmware Precision 3420 Tower Firmware Precision 3620 Firmware +38
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2024-43368 MEDIUM PATCH This Month

The Trix editor, versions prior to 2.1.4, is vulnerable to XSS when pasting malicious code. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-37529 MEDIUM This Month

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Microsoft Db2
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-35152 MEDIUM This Month

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Microsoft Db2
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-35136 MEDIUM This Month

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain non default. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Nosql Injection Microsoft Db2
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-31882 MEDIUM This Month

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Nosql Injection Microsoft Db2
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-42439 MEDIUM This Month

Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Apple Meeting Software Development Kit Workplace Desktop
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-42438 MEDIUM This Month

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Denial Of Service Meeting Software Development Kit Rooms +4
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-42437 MEDIUM This Month

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Denial Of Service Meeting Software Development Kit Rooms +4
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-42436 MEDIUM This Month

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Denial Of Service Meeting Software Development Kit Rooms +4
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-39822 MEDIUM This Month

Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Meeting Software Development Kit Rooms Rooms Controller Workplace +1
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-39818 MEDIUM This Month

Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Rooms Workplace Workplace Desktop Workplace Virtual Desktop Infrastructure
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-25157 MEDIUM This Month

An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Goanywhere Managed File Transfer
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-6532 MEDIUM This Month

The Sheet to Table Live Sync for Google Sheet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's STWT_Sheet_Table shortcode in all versions up to, and including, 1.0.1. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Google
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2024-7588 MEDIUM This Month

The Gutenberg Blocks, Page Builder - ComboBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Accordion block in all versions up to, and including, 2.2.87 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2024-37028 MEDIUM This Month

BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Big Ip Next Central Manager
NVD
CVSS 4.0
6.3
EPSS
0.4%
CVE-2024-5916 MEDIUM This Month

An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 4.0
6.0
EPSS
0.2%
CVE-2024-27267 MEDIUM This Month

The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Race Condition Java Denial Of Service Java Sdk
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2024-25562 MEDIUM This Month

Improper buffer restrictions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.8). No vendor patch available.

Intel Denial Of Service Distribution For Gdb Oneapi Base Toolkit
NVD
CVSS 4.0
5.8
EPSS
0.1%
CVE-2024-42259 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-41866 MEDIUM This Month

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Indesign
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-41854 MEDIUM This Month

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Indesign
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-41835 MEDIUM This Month

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure Acrobat Acrobat Dc +2
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2024-41834 MEDIUM This Month

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure Acrobat Acrobat Dc +2
NVD
CVSS 3.1
5.5
EPSS
1.5%
CVE-2024-41833 MEDIUM This Month

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure Acrobat Acrobat Dc +2
NVD
CVSS 3.1
5.5
EPSS
1.5%
CVE-2024-41832 MEDIUM This Month

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure Acrobat Acrobat Dc +2
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2024-39395 MEDIUM This Month

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Indesign
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-39387 MEDIUM This Month

Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Bridge
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-34138 MEDIUM This Month

Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Illustrator
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-34137 MEDIUM This Month

Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Illustrator
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-34136 MEDIUM This Month

Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Illustrator
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-34135 MEDIUM This Month

Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Illustrator
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-34134 MEDIUM This Month

Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Illustrator
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-34127 MEDIUM This Month

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Indesign
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-34126 MEDIUM This Month

Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Dimension
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-34125 MEDIUM This Month

Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Dimension
NVD
CVSS 3.1
5.5
EPSS
0.3%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy