Vulnerabilities > Cert > Vince > 1.50.6

DATE CVE VULNERABILITY TITLE RISK
2024-10-28 CVE-2024-10469 Incorrect Default Permissions vulnerability in Cert Vince
VINCE versions before 3.0.9 is vulnerable to exposure of User information to authenticated users.
network
low complexity
cert CWE-276
6.5
6.5
2024-10-14 CVE-2024-9953 Deserialization of Untrusted Data vulnerability in Cert Vince
A potential denial-of-service (DoS) vulnerability exists in CERT VINCE software versions prior to 3.0.8.
network
low complexity
cert CWE-502
4.9
4.9