Skip to main content
CVE-2024-45607 MEDIUM PATCH This Month

whatsapp-api-js is a TypeScript server agnostic Whatsapp's Official API framework. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Jwt Attack Information Disclosure Whatsapp Api Js
NVD GitHub
CVSS 3.1
5.3
EPSS
14.1%
CVE-2024-8708 MEDIUM This Month

A vulnerability was found in SourceCodester Best House Rental Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Best House Rental Management System
NVD VulDB
CVSS 4.0
5.3
EPSS
0.3%
CVE-2024-8707 MEDIUM This Month

A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 3.0.6. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal PHP
NVD VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-6702 MEDIUM This Month

Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Infinity
NVD
CVSS 3.1
4.8
EPSS
0.2%
CVE-2024-6701 MEDIUM This Month

Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with case type. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Infinity
NVD
CVSS 3.1
4.8
EPSS
0.2%
CVE-2024-6700 MEDIUM This Month

Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with App name. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Infinity
NVD
CVSS 3.1
4.8
EPSS
0.2%
CVE-2024-25270 MEDIUM This Month

An issue in Mirapolis LMS 4.6.XX allows authenticated users to exploit an Insecure Direct Object Reference (IDOR) vulnerability by manipulating the ID parameter and increment STEP parameter, leading. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Lms
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-6389 MEDIUM This Month

An issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Information Disclosure
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-6446 LOW Monitor

An issue has been discovered in GitLab affecting all versions starting from 17.1 to 17.1.7, 17.2 prior to 17.2.5 and 17.3 prior to 17.3.2. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Information Disclosure
NVD
CVSS 3.1
3.5
EPSS
0.4%
CVE-2024-36066 LOW Monitor

The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not compliant with the security requirements of RFC 4211, and might make man-in-the-middle attacks easier. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Ejbca
NVD
CVSS 3.1
3.1
EPSS
0.2%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy