Skip to main content
CVE-2024-34463 MEDIUM This Month

BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in unencrypted BLE packets. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 3.1
5.1
EPSS
0.7%
CVE-2024-43803 MEDIUM PATCH This Month

The Bare Metal Operator (BMO) implements a Kubernetes API for managing bare metal hosts in Metal3. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Kubernetes
NVD GitHub
CVSS 3.1
4.9
EPSS
0.6%
CVE-2024-37136 MEDIUM This Month

Dell Path to PowerProtect, versions 1.1, 1.2, contains an Exposure of Private Personal Information to an Unauthorized Actor vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Path To Powerprotect
NVD
CVSS 3.1
4.9
EPSS
0.4%
CVE-2024-6343 MEDIUM This Month

A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Zyxel Buffer Overflow Denial Of Service Zld
NVD
CVSS 3.1
4.9
EPSS
0.6%
CVE-2024-43413 MEDIUM PATCH This Month

Xibo is an open source digital signage platform with a web content management system (CMS). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Xibo
NVD GitHub
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-7346 MEDIUM This Month

Host name validation for TLS certificates is bypassed when the installed OpenEdge default certificates are used to perform the TLS handshake for a networked connection. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Openedge
NVD
CVSS 3.1
4.8
EPSS
0.2%
CVE-2024-8399 MEDIUM This Month

Websites could utilize Javascript links to spoof URL addresses in the Focus navigation bar This vulnerability affects Focus for iOS < 130. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Firefox Focus
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2024-45678 MEDIUM This Month

Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Yubikey 5C Nfc Firmware Yubikey 5 Nfc Firmware Yubikey 5C Firmware Yubikey 5 Nano Firmware +14
NVD
CVSS 3.1
4.2
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy