Skip to main content
CVE-2024-8366 MEDIUM This Month

A vulnerability was found in code-projects Pharmacy Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Pharmacy Management System
NVD VulDB
CVSS 4.0
6.9
EPSS
0.5%
CVE-2024-39579 MEDIUM This Month

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an incorrect privilege assignment vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2024-45304 MEDIUM PATCH This Month

Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Contracts
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-39578 MEDIUM This Month

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is low attack complexity. No vendor patch available.

Dell Denial Of Service Powerscale Onefs
NVD
CVSS 3.1
6.3
EPSS
0.2%
CVE-2024-5212 MEDIUM This Month

The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘envato_code[]’ parameter in all versions up to, and including, 5.0 due to insufficient input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Tagdiv Composer
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-3886 MEDIUM This Month

The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘envato_code[]’ parameter in all versions up to, and including, 5.0 due to insufficient input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Tagdiv Composer
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-44946 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcm_sendmsg() for the same socket. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Memory Corruption Information Disclosure Linux +1
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2024-8108 MEDIUM This Month

The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alignment' parameter in all versions up to, and including, 2.01 due to insufficient input sanitization. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Share This Image
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-8276 MEDIUM PATCH This Month

The WPZOOM Portfolio Lite - Filterable Portfolio Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:wpzoom-blocks' Gutenberg block in. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Wpzoom Portfolio
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-0111 MEDIUM This Month

NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Cuda Toolkit
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-8006 MEDIUM PATCH This Month

Remote packet capture support is disabled by default in libpcap. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Libpcap
NVD GitHub
CVSS 3.1
4.4
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy