willitmerge is a command line tool to check if pull requests are mergeable. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
ClipBucket v5 is an open source video sharing platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
fontTools is a library for manipulating fonts, written in Python. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required. Public exploit code available.
Multiple Cross-Site Scripting (XSS) vulnerabilities exist in xmall v1.1 due to improper handling of user-supplied data. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. Public exploit code available.
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required. Public exploit code available.
Kiteworks MFT orchestrates end-to-end file transfer workflows. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.
Kiteworks MFT orchestrates end-to-end file transfer workflows. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Werkzeug is a comprehensive WSGI web application library. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Kiteworks is a private data network (PDN). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.
Reflected Cross-Site Scripting (rXSS) in krpano before version 1.23.2 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the victim's browser via a crafted URL to the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Retro is an online platform providing items of vintage collections. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
OrangeHRM is a comprehensive human resource management (HRM) system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
OrangeHRM is a comprehensive human resource management (HRM) system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity.