Skip to main content
CVE-2024-43536 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

RCE Open Redirect Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2024-43526 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
6.8
EPSS
0.7%
CVE-2024-43525 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
6.8
EPSS
0.7%
CVE-2024-43524 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
6.8
EPSS
0.7%
CVE-2024-43523 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
6.8
EPSS
0.7%
CVE-2024-37983 MEDIUM PATCH This Month

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
6.7
EPSS
0.6%
CVE-2024-37976 MEDIUM PATCH This Month

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
6.7
EPSS
0.6%
CVE-2024-39831 MEDIUM This Month

in OpenHarmony v4.1.0 allow a local attacker with high privileges arbitrary code execution in pre-installed apps through use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Use After Free RCE Denial Of Service Memory Corruption Openharmony
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2024-43480 MEDIUM PATCH This Month

Azure Service Fabric for Linux Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Heap Overflow Buffer Overflow RCE Microsoft Azure Service Fabric
NVD
CVSS 3.1
6.6
EPSS
1.1%
CVE-2024-38129 MEDIUM PATCH This Month

Windows Kerberos Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Authentication Bypass Microsoft Windows Server 2022 23h2
NVD
CVSS 3.1
6.6
EPSS
1.2%
CVE-2024-21533 MEDIUM This Month

All versions of the package ggit are vulnerable to Arbitrary Argument Injection via the clone() API, which allows specifying the remote URL to clone and the file on disk to clone to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2024-43609 MEDIUM PATCH This Month

Microsoft Office Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft 365 Apps Office Office Long Term Servicing Channel
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2024-43561 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-43559 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-43558 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-43557 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-43555 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1809 +8
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-43542 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-43540 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-43538 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-43537 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1809 +8
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-43534 MEDIUM PATCH This Month

Windows Graphics Component Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2024-47161 MEDIUM This Month

In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-37179 MEDIUM This Month

SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted request to the Web Intelligence Reporting Server to download any file from the machine. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP File Upload Businessobjects Business Intelligence
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-43513 MEDIUM PATCH This Month

BitLocker Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +10
NVD
CVSS 3.1
6.4
EPSS
0.6%
CVE-2024-8482 MEDIUM This Month

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 1.3.982 due to insufficient. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Royal Elementor Addons
NVD
CVSS 3.1
6.4
EPSS
0.4%
CVE-2024-8433 MEDIUM This Month

The Easy Mega Menu Plugin for WordPress - ThemeHunk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘themehunk_megamenu_bg_image' parameter in all versions up to, and. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2024-9292 MEDIUM This Month

The Bridge Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'formforall' shortcode in versions up to, and including, 3.2.0 due to insufficient input sanitization and output. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2024-35215 MEDIUM This Month

NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform (SDP) version(s) 7.1 and 7.0 could allow an attacker with local access to cause a. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qnx Software Development Platform
NVD
CVSS 3.1
6.2
EPSS
0.2%
CVE-2024-9207 MEDIUM This Month

The BuddyPress Docs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-8629 MEDIUM This Month

The WooCommerce Multilingual & Multicurrency with WPML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-43547 MEDIUM PATCH This Month

Windows Kerberos Information Disclosure Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
5.9
EPSS
0.7%
CVE-2024-43546 MEDIUM PATCH This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.6).

Information Disclosure Microsoft Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 +5
NVD
CVSS 3.1
5.6
EPSS
0.6%
CVE-2024-43614 MEDIUM PATCH This Month

Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Path Traversal Microsoft Defender For Endpoint
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2024-43603 MEDIUM PATCH This Month

Visual Studio Collector Service Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Visual Studio Visual Studio 2017 Visual Studio 2019 Visual Studio 2022
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2024-43585 MEDIUM PATCH This Month

Code Integrity Guard Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Authentication Bypass Windows 10 1809 Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 +6
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2024-43554 MEDIUM PATCH This Month

Windows Kernel-Mode Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2024-43508 MEDIUM PATCH This Month

Windows Graphics Component Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 11 22h2 Windows 11 23h2 +2
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2024-43500 MEDIUM PATCH This Month

Windows Resilient File System (ReFS) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows 11 22h2 Windows 11 23h2 +2
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2024-34671 MEDIUM This Month

Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to version 26.0.3.1 allows local attackers to get sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Samsung Internet
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-34670 MEDIUM This Month

Use of implicit intent for sensitive communication in Sound Assistant prior to version 6.1.0.9 allows local attackers to get sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Sound Assistant
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-34663 MEDIUM This Month

Integer overflow in libSEF.quram.so prior to SMR Oct-2024 Release 1 allows local attackers to write out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-45382 MEDIUM This Month

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Openharmony
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-43697 MEDIUM This Month

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Openharmony
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-43696 MEDIUM This Month

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Openharmony
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-39806 MEDIUM This Month

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Openharmony
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-47951 MEDIUM This Month

In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Teamcity
NVD
CVSS 3.1
5.4
EPSS
1.4%
CVE-2024-47950 MEDIUM This Month

In JetBrains TeamCity before 2024.07.3 stored XSS was possible in Backup configuration settings. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Teamcity
NVD
CVSS 3.1
5.4
EPSS
1.4%
CVE-2024-47196 MEDIUM This Month

A vulnerability has been identified in ModelSim (All versions < V2025.2), Questa (All versions < V2025.2). Rated medium severity (CVSS 5.4), this vulnerability is low attack complexity. No vendor patch available.

RCE Modelsim Questa
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-47195 MEDIUM This Month

A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). Rated medium severity (CVSS 5.4), this vulnerability is low attack complexity. No vendor patch available.

RCE Modelsim Questa
NVD
CVSS 4.0
5.4
EPSS
0.2%
Prev Page 4 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy