Vulnerabilities > Cert

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-28	CVE-2024-10469	Incorrect Default Permissions vulnerability in Cert Vince VINCE versions before 3.0.9 is vulnerable to exposure of User information to authenticated users. network low complexity cert CWE-276	6.5
2024-10-14	CVE-2024-9953	Deserialization of Untrusted Data vulnerability in Cert Vince A potential denial-of-service (DoS) vulnerability exists in CERT VINCE software versions prior to 3.0.8. network low complexity cert CWE-502	4.9
2022-10-26	CVE-2022-40238	Deserialization of Untrusted Data vulnerability in Cert Vince A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5. network low complexity cert CWE-502	8.8
2022-10-10	CVE-2022-40248	Cross-site Scripting vulnerability in Cert Vince An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. network low complexity cert CWE-79	5.4
2022-10-10	CVE-2022-40257	Cross-site Scripting vulnerability in Cert Vince An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. network low complexity cert CWE-79	5.4
2022-08-16	CVE-2022-25799	Open Redirect vulnerability in Cert Vince 1.48.0/1.49.0 An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.50.0. network low complexity cert CWE-601	6.1

Vulnerabilities > Cert {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cert"}]}