Skip to main content
CVE-2024-10995 MEDIUM POC This Month

A vulnerability was found in Codezips Hospital Appointment System 1.0 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Hospital Appointment System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.7%
CVE-2024-10991 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in Codezips Hospital Appointment System 1.0.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Hospital Appointment System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.7%
CVE-2024-10988 MEDIUM POC This Month

A vulnerability was found in code-projects E-Health Care System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Health Care System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-51055 MEDIUM POC This Month

An issue Hoosk v1.7.1 allows a remote attacker to execute arbitrary code via a crafted script to the config.php component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP XSS Hoosk
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-10997 MEDIUM POC This Month

A vulnerability was found in 1000 Projects Bookstore Management System 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Bookstore Management System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2024-11026 MEDIUM POC This Month

A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Java Google Freenow
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.6%
CVE-2024-35420 MEDIUM POC This Month

wac commit 385e1 was discovered to contain a heap overflow. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Wac
NVD GitHub
CVSS 3.1
6.2
EPSS
0.2%
CVE-2024-35418 MEDIUM POC This Month

wac commit 385e1 was discovered to contain a heap overflow via the setup_call function at /wac-asan/wa.c. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Wac
NVD GitHub
CVSS 3.1
6.2
EPSS
0.2%
CVE-2024-35410 MEDIUM POC This Month

wac commit 385e1 was discovered to contain a heap overflow via the interpret function at /wac-asan/wa.c. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Wac
NVD GitHub
CVSS 3.1
6.2
EPSS
0.3%
CVE-2024-35425 MEDIUM POC This Month

vmir e8117 was discovered to contain a segmentation violation via the function_prepare_parse function at /src/vmir_function.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Vmir
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-35424 MEDIUM POC This Month

vmir e8117 was discovered to contain a segmentation violation via the import_function function at /src/vmir_wasm_parser.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Vmir
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-35421 MEDIUM POC This Month

vmir e8117 was discovered to contain a segmentation violation via the wasm_parse_block function at /src/vmir_wasm_parser.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Vmir
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-35419 MEDIUM POC This Month

wac commit 385e1 was discovered to contain a heap overflow via the load_module function at /wac-asan/wa.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Wac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-10994 MEDIUM POC This Month

A vulnerability has been found in Codezips Online Institute Management System 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP File Upload Online Institute Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.6%
CVE-2024-10993 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in Codezips Online Institute Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP File Upload Online Institute Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.7%
CVE-2024-10990 MEDIUM POC This Month

A vulnerability classified as critical was found in SourceCodester Online Veterinary Appointment System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Veterinary Appointment System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-10989 MEDIUM POC This Month

A vulnerability classified as critical has been found in code-projects E-Health Care System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Health Care System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.4%
CVE-2024-10987 MEDIUM POC This Month

A vulnerability was found in code-projects E-Health Care System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Health Care System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.4%
CVE-2024-11000 MEDIUM POC This Month

A vulnerability classified as problematic was found in CodeAstro Real Estate Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP File Upload Real Estate Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.6%
CVE-2024-10999 MEDIUM POC This Month

A vulnerability classified as problematic has been found in CodeAstro Real Estate Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP File Upload Real Estate Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.6%
CVE-2024-51157 MEDIUM POC This Month

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component http://erp.07fly.net:80/oa/OaSchedule/add.html. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF 07flycms
NVD GitHub
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-40240 MEDIUM This Month

An incorrect access control issue in HomeServe Home Repair' android app - 3.3.4 allows a physically proximate attacker to escalate privileges via the fingerprint authentication function. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Google Homeserve
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2024-40239 MEDIUM This Month

An incorrect access control issue in Life: Personal Diary, Journal android app 17.5.0 allows a physically proximate attacker to escalate privileges via the fingerprint authentication function. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Google Life
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2024-44765 MEDIUM This Month

An Improper Authorization (Access Control Misconfiguration) vulnerability in MGT-COMMERCE GmbH CloudPanel v2.0.0 to v2.4.2 allows low-privilege users to bypass access controls and gain unauthorized. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2024-51030 MEDIUM This Month

A SQL injection vulnerability in manage_client.php and view_cab.php of Sourcecodester Cab Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter, leading. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SQLi PHP Information Disclosure Cab Management System
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2024-46947 MEDIUM This Month

Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-48011 MEDIUM This Month

Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Data Domain Operating System
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-10621 MEDIUM This Month

The Simple Shortcode for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's pw_map shortcode in all versions up to, and including, 1.5.4 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Google
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2024-52000 MEDIUM This Month

Combodo iTop is a simple, web based IT Service Management tool. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Itop
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-50188 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83869: fix memory corruption when enabling fiber When configuring the fiber port, the DP83869 PHY driver incorrectly. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-50210 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() If get_clock_desc() succeeds, it calls fget() for the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Red Hat Information Disclosure Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-50205 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() The step variable is initialized to zero. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-35427 MEDIUM This Month

vmir e8117 was discovered to contain a segmentation violation via the export_function function at /src/vmir_wasm_parser.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Vmir
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50208 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50207 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix reader locking when changing the sub buffer order The function ring_buffer_subbuf_order_set() updates each. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-50206 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix memory corruption during fq dma init The loop responsible for allocating up to MTK_FQ_DMA_LENGTH. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50204 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: fs: don't try and remove empty rbtree node When copying a namespace we won't have added the new copy into the namespace rbtree. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50202 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: nilfs2: propagate directory read errors from nilfs_find_entry() Syzbot reported that a task hang occurs in vcs_open() during a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50201 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix encoder->possible_clones Include the encoder itself in its possible_clones bitmask. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50200 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: maple_tree: correct tree corruption on spanning store Patch series "maple_tree: correct tree corruption on spanning store", v3. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50199 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: skip HugeTLB pages for unuse_vma I got a bad pud error and lost a 1GB HugeTLB when calling swapoff. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50198 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: iio: light: veml6030: fix IIO device retrieval from embedded device The dev pointer that is received as an argument in the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50197 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: pinctrl: intel: platform: fix error path in device_for_each_child_node() The device_for_each_child_node() loop requires calls to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Intel Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50196 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: pinctrl: ocelot: fix system hang on level based interrupts The current implementation only calls chained_irq_enter() and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50195 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: posix-clock: Fix missing timespec64 check in pc_clock_settime() As Andrew pointed out, it will make sense that the PTP core checked. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50194 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Fix uprobes for big-endian kernels The arm64 uprobes code is broken for big-endian kernels as it doesn't convert the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50191 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SB_RDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SB_RDONLY. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50190 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ice: fix memleak in ice_init_tx_topology() Fix leak of the FW blob (DDP pkg). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50189 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() Using the device-managed version allows to simplify clean-up in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50187 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Stop the active perfmon before being destroyed Upon closing the file descriptor, the active performance monitor is not. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy