Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-13 | CVE-2024-42377 | Missing Authorization vulnerability in SAP Shared Service Framework SAP shared service framework allows an authenticated non-administrative user to call a remote-enabled function, which will allow them to insert value entries into a non-sensitive table, causing low impact on integrity of the application | 4.3 |
2024-08-13 | CVE-2024-7388 | The WP Bannerize Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via banner alt data in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping. network high complexity | 4.0 |
2024-08-13 | CVE-2022-38382 | Insufficient Session Expiration vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another authenticated user to obtain sensitive information. | 4.1 |
2024-08-12 | CVE-2024-7705 | Unrestricted Upload of File with Dangerous Type vulnerability in Mainwww Mwcms 1.0.0 A vulnerability was found in Fujian mwcms 1.0.0. | 5.3 |
2024-08-12 | CVE-2024-43358 | Cross-site Scripting vulnerability in Zoneminder ZoneMinder is a free, open source closed-circuit television software application. | 6.1 |
2024-08-12 | CVE-2024-43359 | Cross-site Scripting vulnerability in Zoneminder ZoneMinder is a free, open source closed-circuit television software application. | 6.1 |
2024-08-12 | CVE-2023-41884 | SQL Injection vulnerability in Zoneminder ZoneMinder is a free, open source Closed-circuit television software application. | 6.5 |
2024-08-12 | CVE-2024-42474 | Path Traversal vulnerability in Snowflake Streamlit Streamlit is a data oriented application development framework for python. | 6.5 |
2024-08-12 | CVE-2024-7700 | Command Injection vulnerability in Theforeman Foreman A command injection flaw was found in the "Host Init Config" template in the Foreman application via the "Install Packages" field on the "Register Host" page. | 6.5 |
2024-08-12 | CVE-2024-41909 | Improper Validation of Integrity Check Value vulnerability in Apache Mina Sshd Like many other SSH implementations, Apache MINA SSHD suffered from the issue that is more widely known as CVE-2023-48795. | 5.9 |