Skip to main content
CVE-2024-8822 MEDIUM This Month

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Tools Pdf Xchange Editor
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-8821 MEDIUM This Month

PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure RCE Memory Corruption Pdf Tools +1
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-8820 MEDIUM This Month

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Tools Pdf Xchange Editor
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-8819 MEDIUM This Month

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Tools Pdf Xchange Editor
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-8816 MEDIUM This Month

PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure RCE Memory Corruption Pdf Tools +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-5512 MEDIUM This Month

Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Power Pdf
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2024-52998 MEDIUM This Month

Substance3D - Stager versions 3.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Substance 3d Stager
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-10034 MEDIUM This Month

The Gallery Blocks with Lightbox. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-47142 MEDIUM This Month

AIPHONE IXG SYSTEM IXG-2C7 firmware Ver.2.03 and earlier and IXG-2C7-L firmware Ver.2.03 and earlier contain an issue with insufficiently protected credentials, which may allow a network-adjacent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2024-37783 MEDIUM This Month

A reflected cross-site scripting (XSS) vulnerability in Gladinet CentreStack v13.12.9934.54690 allows attackers to inject malicious JavaScript into the web browser of a victim via the sessionId. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-50965 MEDIUM This Month

Cross Site Scripting vulnerability in Public Knowledge Project PKP Platform OJS/OMP/OPS- before v.3.3.0.16 allows an attacker to execute arbitrary code and escalate privileges via a crafted script. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE XSS
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-32770 MEDIUM This Month

A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Photo Station
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-32769 MEDIUM This Month

A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Photo Station
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-32768 MEDIUM This Month

A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Photo Station
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-32767 MEDIUM This Month

A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Photo Station
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-45837 MEDIUM This Month

Use of hard-coded cryptographic key issue exists in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2024-53253 MEDIUM PATCH This Month

Sentry is an error tracking and performance monitoring platform. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sentry
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2024-51072 MEDIUM This Month

An issue in KIA Seltos vehicle instrument cluster with software and hardware v1.0 allows attackers to cause a Denial of Service (DoS) via ECU reset UDS service. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2024-52793 MEDIUM This Month

The Deno Standard Library provides APIs for Deno and the Web. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Microsoft
NVD GitHub
CVSS 4.0
5.1
EPSS
0.6%
CVE-2024-37050 MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.8%
CVE-2024-37049 MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.8%
CVE-2024-37048 MEDIUM This Month

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.6%
CVE-2024-37047 MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.8%
CVE-2024-37045 MEDIUM This Month

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.6%
CVE-2024-37044 MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.8%
CVE-2024-37043 MEDIUM This Month

A path traversal vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.7%
CVE-2024-37042 MEDIUM This Month

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.6%
CVE-2024-37041 MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.8%
CVE-2024-10863 MEDIUM This Month

: Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.1 before <24.4. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Microsoft
NVD
CVSS 4.0
5.1
EPSS
0.4%
CVE-2024-38296 MEDIUM This Month

Dell Edge Gateway 3200, versions prior to 15.40.30.2879, and Edge Gateway 5200, versions prior to 12.0.94.2380, contain an Exposure of Sensitive Information in Shared Microarchitectural Structures. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Intel Management Engine Firmware Update Utility
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-10666 MEDIUM This Month

The Easy Twitter Feed - Twitter feeds plugin for WP plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.6 via the [etf] shortcode. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure WordPress Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-9758 MEDIUM This Month

Tungsten Automation Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Power Pdf
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-49054 MEDIUM This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Microsoft Edge Chromium
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2024-11355 MEDIUM This Month

The Ultimate YouTube Video & Shorts Player With Vimeo plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_setting() function in all versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-9763 LOW Monitor

Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Power Pdf
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-9762 LOW Monitor

Tungsten Automation Power PDF OXPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Power Pdf
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-9761 LOW Monitor

Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Power Pdf
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-9760 LOW Monitor

Tungsten Automation Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Power Pdf
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-9759 LOW Monitor

Tungsten Automation Power PDF GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Power Pdf
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-9757 LOW Monitor

Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Power Pdf
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-9754 LOW Monitor

Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Power Pdf
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-9753 LOW Monitor

Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Power Pdf
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-9752 LOW Monitor

Tungsten Automation Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Power Pdf
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-9749 LOW Monitor

Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Power Pdf
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-52814 LOW Monitor

Argo Helm is a collection of community maintained charts for `argoproj.github.io` projects. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
2.8
EPSS
0.2%
CVE-2024-45719 LOW PATCH Monitor

Inadequate Encryption Strength vulnerability in Apache Answer.4.0. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Apache Information Disclosure Answer
NVD
CVSS 3.1
2.6
EPSS
0.2%
CVE-2024-11619 LOW Monitor

A vulnerability, which was classified as problematic, has been found in macrozheng mall up to 1.0.3. Rated low severity (CVSS 2.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Mall
NVD GitHub VulDB
CVSS 4.0
2.3
EPSS
0.7%
CVE-2024-50401 LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
2.1
EPSS
0.6%
CVE-2024-50400 LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
2.1
EPSS
0.6%
CVE-2024-50399 LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
2.1
EPSS
0.6%
Prev Page 7 of 8 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy