Data provided in a request performed to the server while activating a new device are put in a database. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.
Plane is open-source project management software. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
GitHub Desktop is an open-source, Electron-based GitHub app designed for git development. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A vulnerability was found in Ackites KillWxapkg up to 2.4.1. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
A vulnerability was found in Ackites KillWxapkg up to 2.4.1. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Missing Authorization vulnerability in Drupal Single Content Sync allows Functionality Misuse.0.0 before 1.4.12. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
Input provided in a field containing "activationMessage" in Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.
Input provided in comment section of Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.