Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-04-19 CVE-2024-29991 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
network
high complexity
 5.0
5.0
2024-04-18 CVE-2024-29986 Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
network
low complexity
 5.4
5.4
2024-04-18 CVE-2024-29003 The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface.
low complexity
CWE-79
7.5
7.5
2024-04-18 CVE-2024-28076 The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability.
high complexity
CWE-601
7.0
7.0
2024-04-17 CVE-2023-39367 An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU).
network
low complexity
CWE-78
critical
 9.1
9.1
2024-04-17 CVE-2023-40146 A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU).
low complexity
CWE-77
6.8
6.8
2024-04-17 CVE-2023-43491 An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU).
network
low complexity
CWE-284
5.3
5.3
2024-04-17 CVE-2023-45209 An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU).
network
low complexity
CWE-284
5.3
5.3
2024-04-17 CVE-2023-45744 A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU).
network
low complexity
CWE-284
8.3
8.3
2024-04-17 CVE-2024-3834 Use After Free vulnerability in Google Chrome
Use after free in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
8.8