Skip to main content
CVE-2024-12899 MEDIUM POC This Month

A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Attendance Tracking Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-23945 MEDIUM POC PATCH This Month

Signing cookies is an application security feature that adds a digital signature to cookie data to verify its authenticity and integrity. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Apache Information Disclosure Hive Spark
NVD GitHub
CVSS 3.1
5.9
EPSS
1.5%
CVE-2024-12898 MEDIUM POC This Month

A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Attendance Tracking Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-56378 MEDIUM POC PATCH This Month

libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Poppler
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2024-12901 MEDIUM This Month

A vulnerability classified as critical was found in FoxCMS up to 1.2. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Information Disclosure Foxcms
NVD VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-53276 MEDIUM This Month

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Cors Misconfiguration
NVD GitHub
CVSS 4.0
6.3
EPSS
0.5%
CVE-2024-52321 MEDIUM This Month

Multiple SHARP routers contain an improper authentication vulnerability in the configuration backup function. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.0
5.9
EPSS
0.5%
CVE-2024-56362 MEDIUM PATCH This Month

Navidrome is an open source web-based music collection server and streamer. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Navidrome
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-56364 MEDIUM PATCH This Month

SimpleXLSX is software for parsing and retrieving data from Excel XLSx files. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD GitHub
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-56326 MEDIUM PATCH This Month

Jinja is an extensible templating engine. Rated medium severity (CVSS 5.4), this vulnerability is low attack complexity.

RCE Python Jinja
NVD GitHub
CVSS 4.0
5.4
EPSS
0.5%
CVE-2024-56201 MEDIUM PATCH This Month

Jinja is an extensible templating engine. Rated medium severity (CVSS 5.4), this vulnerability is low attack complexity.

RCE Python Jinja
NVD GitHub
CVSS 4.0
5.4
EPSS
0.3%
CVE-2024-11230 MEDIUM PATCH This Month

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘size’ parameter in all versions up to, and including, 1.6.46 due to insufficient input. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Elementor Header Footer Builder
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-53275 MEDIUM This Month

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 4.0
5.3
EPSS
0.3%
CVE-2024-12900 MEDIUM This Month

A vulnerability classified as critical has been found in FoxCMS up to 1.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Information Disclosure Foxcms
NVD VulDB
CVSS 4.0
5.3
EPSS
0.7%
CVE-2024-47864 MEDIUM This Month

home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain a buffer overflow vulnerability in the hidden debug function. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow
NVD
CVSS 3.0
5.3
EPSS
0.6%
CVE-2024-12897 MEDIUM This Month

A vulnerability was found in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 up to 20241222. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal
NVD VulDB
CVSS 4.0
5.3
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy