Skip to main content
CVE-2024-48936 MEDIUM This Month

SchedMD Slurm before 24.05.4 has Incorrect Authorization. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Slurm
NVD
CVSS 3.1
5.0
EPSS
0.3%
CVE-2024-51509 MEDIUM This Month

Tiki through 27.0 allows users who have certain permissions to insert a "Modules" (aka tiki-admin_modules.php) stored XSS payload in the Name. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Tiki
NVD GitHub
CVSS 3.1
4.8
EPSS
0.2%
CVE-2024-51508 MEDIUM This Month

Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Index. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Tiki
NVD GitHub
CVSS 3.1
4.8
EPSS
0.2%
CVE-2024-51507 MEDIUM This Month

Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Name. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Tiki
NVD GitHub
CVSS 3.1
4.8
EPSS
0.2%
CVE-2024-51506 MEDIUM This Month

Tiki through 27.0 allows users who have certain permissions to insert a "Create a Wiki Pages" stored XSS payload in the description. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Tiki
NVD GitHub
CVSS 3.1
4.8
EPSS
0.2%
CVE-2024-47827 MEDIUM PATCH This Month

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Rated medium severity (CVSS 4.8).

Race Condition Kubernetes Denial Of Service Argo Workflows
NVD GitHub
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-50463 MEDIUM This Month

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.2.9. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect
NVD VulDB
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-44274 MEDIUM This Month

The issue was addressed with improved authentication. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Watchos
NVD VulDB
CVSS 3.1
4.6
EPSS
0.2%
CVE-2024-44137 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass macOS
NVD VulDB
CVSS 3.1
4.6
EPSS
0.1%
CVE-2024-44235 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2024-44260 MEDIUM This Month

This issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD VulDB
CVSS 3.1
4.4
EPSS
0.0%
CVE-2024-44244 MEDIUM This Month

A memory corruption issue was addressed with improved input validation. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Memory Corruption Buffer Overflow Ipados Iphone Os +5
NVD VulDB
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-30106 MEDIUM This Month

HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error, which could allow a user to obtain sensitive information they are not. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Connections
NVD
CVSS 3.1
4.3
EPSS
0.3%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy