Skip to main content
CVE-2024-45612 MEDIUM PATCH This Month

Contao is an Open Source CMS. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Canonical Contao
NVD GitHub
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-45384 MEDIUM PATCH This Month

Padding Oracle vulnerability in Apache Druid extension, druid-pac4j. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Oracle Druid
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2024-44127 MEDIUM This Month

This issue was addressed through improved state management. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Ipados Iphone Os
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2024-40862 MEDIUM This Month

A privacy issue was addressed by removing sensitive data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Xcode
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2024-40852 MEDIUM This Month

This issue was addressed by restricting options offered on a locked device. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Ipados Iphone Os
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2024-45803 MEDIUM PATCH This Month

Wire UI is a library of components and resources to empower Laravel and Livewire application development. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

RCE XSS Wireui
NVD GitHub
CVSS 4.0
5.1
EPSS
0.4%
CVE-2024-38860 MEDIUM This Month

Improper neutralization of input in Checkmk before versions 2.3.0p16 and 2.2.0p34 allows attackers to craft malicious links that can facilitate phishing attacks. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Checkmk
NVD
CVSS 4.0
5.1
EPSS
0.3%
CVE-2024-43985 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MagePeople Team Bus Ticket Booking with Seat Reservation allows Stored XSS.3.5. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Bus Ticket Booking With Seat Reservation
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-45811 MEDIUM PATCH This Month

Vite a frontend build tooling framework for javascript. Rated medium severity (CVSS 4.8), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
4.8
EPSS
1.0%
CVE-2024-8660 MEDIUM PATCH This Month

Concrete CMS versions 9.0.0 through 9.3.3 are affected by a stored XSS vulnerability in the "Top Navigator Bar" block. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Concrete Cms
NVD GitHub
CVSS 4.0
4.6
EPSS
0.3%
CVE-2024-44171 MEDIUM This Month

This issue was addressed through improved state management. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Watchos
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2024-40840 MEDIUM This Month

This issue was addressed through improved state management. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2024-40825 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass macOS Visionos
NVD VulDB
CVSS 3.1
4.4
EPSS
0.0%
CVE-2024-44130 MEDIUM This Month

This issue was addressed with improved data protection. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-8909 MEDIUM This Month

Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Google Chrome
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-8908 MEDIUM This Month

Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Google Chrome
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-8906 MEDIUM This Month

Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Chrome
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-45606 MEDIUM PATCH This Month

Sentry is a developer-first error tracking and performance monitoring platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Sentry
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-45605 MEDIUM PATCH This Month

Sentry is a developer-first error tracking and performance monitoring platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Sentry
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-45604 MEDIUM PATCH This Month

Contao is an Open Source CMS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Contao
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy