Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2024-04-23 CVE-2024-28130 An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of OFFIS DCMTK 3.6.8.
network
low complexity
CWE-704
7.5
7.5
2024-04-18 CVE-2024-29003 The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface.
low complexity
CWE-79
7.5
7.5
2024-04-18 CVE-2024-28076 The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability.
high complexity
CWE-601
7.0
7.0
2024-04-17 CVE-2023-45744 A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU).
network
low complexity
CWE-284
8.3
8.3
2024-04-17 CVE-2024-3834 Use After Free vulnerability in Google Chrome
Use after free in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
8.8
2024-04-17 CVE-2024-3837 Use After Free vulnerability in Google Chrome
Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
8.8
2024-04-16 CVE-2024-20989 Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony POS).
network
high complexity
 7.0
7.0
2024-04-16 CVE-2024-20999 Vulnerability in the Oracle Solaris product of Oracle Systems (component: Zones).
local
low complexity
 8.2
8.2
2024-04-16 CVE-2024-21006 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).
network
low complexity
 7.5
7.5
2024-04-16 CVE-2024-21007 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).
network
low complexity
 7.5
7.5