Skip to main content
CVE-2024-8642 MEDIUM PATCH This Month

In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Eclipse Dataspace Components
NVD GitHub
CVSS 4.0
5.1
EPSS
0.1%
CVE-2024-8693 MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in Kaon CG3000 1.01.43. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.3%
CVE-2019-25212 MEDIUM PATCH This Month

The video carousel slider with lightbox plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.6 due to insufficient escaping on the user. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

SQLi WordPress Video Carousel Slider With Lightbox
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-44573 MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to v23.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Rely Pcie Firmware
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2024-39808 MEDIUM This Month

Incorrect Calculation of Buffer Size (CWE-131) in the Controller 6000 and Controller 7000 OSDP message handling, allows an attacker with physical access to Controller wiring to instigate a reboot. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2024-7721 MEDIUM PATCH This Month

The HTML5 Video Player - mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_password' function in. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Html5 Video Player
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-44575 LOW Monitor

RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Rely Pcie Firmware
NVD
CVSS 3.1
3.7
EPSS
0.3%
CVE-2024-1656 LOW Monitor

Affected versions of Octopus Server had a weak content security policy. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Octopus Server
NVD
CVSS 3.1
2.6
EPSS
0.2%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy