Vulnerabilities

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2024-11-15 | CVE-2022-1884 | Command Injection vulnerability in Gogs | A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. | network | low | gogs | CWE-77 | critical 9.8 |
| 2024-11-15 | CVE-2023-0109 | Cross-site Scripting vulnerability in Usememos Memos 0.9.1 | A stored cross-site scripting (XSS) vulnerability was discovered in usememos/memos version 0.9.1. | network | low | usememos | CWE-79 | 5.4 |
| 2024-11-15 | CVE-2023-0737 | Cross-Site Request Forgery (CSRF) vulnerability in Wallabag 2.5.2 | wallabag version 2.5.2 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows attackers to arbitrarily delete user accounts via the /account/delete endpoint. | network | low | wallabag | CWE-352 | 6.5 |
| 2024-11-15 | CVE-2023-2332 | Cross-site Scripting vulnerability in Pimcore 10.5.19 | A stored Cross-site Scripting (XSS) vulnerability exists in the Conditions tab of Pricing Rules in pimcore/pimcore versions 10.5.19. | network | low | pimcore | CWE-79 | 4.8 |
| 2024-11-15 | CVE-2023-4679 | Use After Free vulnerability in Gpac 2.3.0Dev | A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. | local | low | gpac | CWE-416 | 5.5 |
| 2024-11-15 | CVE-2024-0787 | Improper Restriction of Excessive Authentication Attempts vulnerability in PHPipam | phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. | network | high | phpipam | CWE-307 | 5.9 |
| 2024-11-15 | CVE-2024-0875 | Cross-site Scripting vulnerability in Open-Emr Openemr 7.0.1 | A stored cross-site scripting (XSS) vulnerability exists in openemr/openemr version 7.0.1. | network | low | open-emr | CWE-79 | 4.8 |
| 2024-11-15 | CVE-2024-10443 | Command Injection vulnerability in Synology Beephotos and Photos | Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via unspecified vectors. | network | low | synology | CWE-77 | critical 9.8 |
| 2024-11-15 | CVE-2024-10534 | Origin Validation Error vulnerability in Dataprom Personnel Attendance Control Systems / Access Control Security Systems | Origin Validation Error vulnerability in Dataprom Informatics Personnel Attendance Control Systems (PACS) / Access Control Security Systems (ACSS) allows Traffic Injection. This issue affects Personnel Attendance Control Systems (PACS) / Access Control Security Systems (ACSS): before 2024. | network | low | dataprom | CWE-346 | critical 9.8 |
| 2024-11-15 | CVE-2024-11182 | Cross-site Scripting vulnerability in Mdaemon 5.0/5.0.6 | An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. | network | low | mdaemon | CWE-79 | 6.1 |