Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-20	CVE-2024-7711	Incorrect Authorization vulnerability in Github Enterprise Server An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server, allowing an attacker to update the title, assignees, and labels of any issue inside a public repository. network low complexity github CWE-863	4.3
2024-08-20	CVE-2024-42369	Uncontrolled Recursion vulnerability in Matrix Javascript SDK matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. network low complexity matrix CWE-674	5.3
2024-08-20	CVE-2024-43376	Information Exposure Through an Error Message vulnerability in Umbraco CMS 14.0.0/14.1.0/14.1.1 Umbraco is an ASP.NET CMS. network low complexity umbraco CWE-209	5.3
2024-08-20	CVE-2024-43377	Unspecified vulnerability in Umbraco CMS 14.0.0/14.1.0/14.1.1 Umbraco CMS is an ASP.NET CMS. network low complexity umbraco	4.3
2024-08-20	CVE-2024-43397	Unspecified vulnerability in Apolloconfig Apollo Apollo is a configuration management system. network low complexity apolloconfig	4.3
2024-08-20	CVE-2024-43409	Improper Authentication vulnerability in Ghost Ghost is a Node.js content management system. network low complexity ghost CWE-287	6.5
2024-08-20	CVE-2024-39094	Cross-site Scripting vulnerability in Friendica 2024.03 Friendica 2024.03 is vulnerable to Cross Site Scripting (XSS) in settings/profile via the homepage, xmpp, and matrix parameters. network low complexity friendica CWE-79	5.4
2024-08-20	CVE-2024-6377	Open Redirect vulnerability in 3DS 3Dexperience R2022X/R2023X An URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to redirect users to an arbitrary website via a crafted URL. network low complexity 3ds CWE-601	6.1
2024-08-20	CVE-2024-6378	Cross-site Scripting vulnerability in 3DS 3Dexperience R2022X/R2023X A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session. network low complexity 3ds CWE-79	5.4
2024-08-20	CVE-2024-6379	Cross-site Scripting vulnerability in 3DS 3Dexperience R2022X/R2023X A reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session. network low complexity 3ds CWE-79	6.1

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium