Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-04-19 CVE-2024-29991 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
network
high complexity
 5.0
5.0
2024-04-18 CVE-2024-29986 Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
network
low complexity
 5.4
5.4
2024-04-17 CVE-2023-40146 A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU).
low complexity
CWE-77
6.8
6.8
2024-04-17 CVE-2023-43491 An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU).
network
low complexity
CWE-284
5.3
5.3
2024-04-17 CVE-2023-45209 An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU).
network
low complexity
CWE-284
5.3
5.3
2024-04-17 CVE-2024-3838 Unspecified vulnerability in Google Chrome
Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app.
local
low complexity
google
5.5
5.5
2024-04-17 CVE-2024-3839 Out-of-bounds Read vulnerability in Google Chrome
Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
network
low complexity
google CWE-125
6.5
6.5
2024-04-16 CVE-2024-20990 Vulnerability in the Oracle Applications Technology product of Oracle E-Business Suite (component: Templates).
network
low complexity
 5.3
5.3
2024-04-16 CVE-2024-20991 Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener).
network
low complexity
 5.3
5.3
2024-04-16 CVE-2024-20992 Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Content integration).
network
high complexity
 4.4
4.4