Skip to main content
CVE-2024-12305 MEDIUM This Month

An object-level access control vulnerability in Unifiedtransform version 2.0 and potentially earlier versions allows unauthorized access to student grades. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass PHP
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-55578 MEDIUM This Month

Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and application_secret) in log files. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-55565 MEDIUM PATCH This Month

nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service
NVD GitHub
CVSS 3.1
4.3
EPSS
0.7%
CVE-2024-12369 MEDIUM PATCH This Month

A vulnerability was found in OIDC-Client. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Code Injection
NVD GitHub
CVSS 3.1
4.2
EPSS
0.2%
Prev Page 5 of 5

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy