Skip to main content
CVE-2024-25563 MEDIUM This Month

Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 23.40 may allow a privileged user to potentially enable information. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Killer Proset Wireless Wifi
NVD
CVSS 4.0
4.6
EPSS
0.2%
CVE-2024-38654 MEDIUM This Month

Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Ivanti Denial Of Service Secure Access Client
NVD
CVSS 3.0
4.4
EPSS
0.3%
CVE-2024-10778 MEDIUM This Month

The BuddyPress Builder for Elementor - BuddyBuilder plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.4 via the 'elementor-template' shortcode due. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass Information Disclosure Buddybuilder
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-52549 MEDIUM PATCH This Month

Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va_3b_b_89f8a_95b_ and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Script Security
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-28169 MEDIUM This Month

Cleartext transmission of sensitive information for some BigDL software maintained by Intel(R) before version 2.5.0 may allow an authenticated user to potentially enable denial of service via. Rated medium severity (CVSS 4.3). No vendor patch available.

Intel Denial Of Service
NVD
CVSS 4.0
4.3
EPSS
0.1%
CVE-2024-48900 MEDIUM PATCH This Month

A vulnerability was found in Moodle. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Moodle
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-11159 MEDIUM This Month

Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla Thunderbird
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-10794 MEDIUM This Month

The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.6 via the 'bhf' shortcode due to insufficient. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Information Disclosure
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-11143 MEDIUM PATCH This Month

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.8. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Kognetiks Chatbot
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-10593 MEDIUM This Month

The WPForms - Easy Form Builder for WordPress - Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Wpforms
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-10531 MEDIUM PATCH This Month

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_assistant() function in all versions up to,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Kognetiks Chatbot
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-10530 MEDIUM PATCH This Month

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the add_new_assistant() function in all versions up. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Kognetiks Chatbot
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-10854 MEDIUM This Month

The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the buy_one_click_import_options AJAX action in all versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Buy One Click Woocommerce
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-10853 MEDIUM This Month

The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the removeorder AJAX action in all versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Buy One Click Woocommerce
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-10852 MEDIUM This Month

The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the buy_one_click_export_options AJAX action in all versions up. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-32667 LOW Monitor

Out-of-bounds read for some OpenCL(TM) software may allow an authenticated user to potentially enable denial of service via local access. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service
NVD
CVSS 4.0
2.4
EPSS
0.2%
CVE-2024-32485 LOW Monitor

Improper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an authenticated user to potentially enable denial of service via local access. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Virtual Raid On Cpu
NVD
CVSS 4.0
2.4
EPSS
0.2%
CVE-2024-21783 LOW Monitor

Integer overflow for some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Privilege Escalation Intel
NVD
CVSS 4.0
2.4
EPSS
0.2%
CVE-2024-38660 LOW Monitor

Protection mechanism failure in the SPP for some Intel(R) Xeon(R) processor family (E-Core) may allow an authenticated user to potentially enable escalation of privilege via local access. Rated low severity (CVSS 2.0), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
2.0
EPSS
0.2%
CVE-2024-34776 LOW Monitor

Out-of-bounds write in some Intel(R) SGX SDK software may allow an authenticated user to potentially enable escalation of privilege via local access. Rated low severity (CVSS 2.0). No vendor patch available.

Privilege Escalation Buffer Overflow Intel Memory Corruption
NVD
CVSS 4.0
2.0
EPSS
0.1%
CVE-2024-28051 LOW Monitor

Out-of-bounds read in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable information disclosure via local access. Rated low severity (CVSS 1.0). No vendor patch available.

Intel Buffer Overflow Information Disclosure
NVD
CVSS 4.0
1.0
EPSS
0.2%
CVE-2024-28030 LOW Monitor

NULL pointer dereference in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable denial of service via local access. Rated low severity (CVSS 1.0). No vendor patch available.

Intel Denial Of Service
NVD
CVSS 4.0
1.0
EPSS
0.2%
CVE-2024-21808 LOW Monitor

Improper buffer restrictions in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated low severity (CVSS 1.0). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
1.0
EPSS
0.2%
Prev Page 5 of 5

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy