Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-42482 | Unspecified vulnerability in Fish-Shop Syntax-Check fish-shop/syntax-check is a GitHub action for syntax checking fish shell files. | 6.5 |
| 2024-08-12 | CVE-2024-21550 | Cross-site Scripting vulnerability in Steve-Community Steve SteVe is an open platform that implements different version of the OCPP protocol for Electric Vehicle charge points, acting as a central server for management of registered charge points. | 6.1 |
| 2024-08-12 | CVE-2024-27443 | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. | 6.1 |
| 2024-08-12 | CVE-2024-33533 | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0, issue 1 of 2. | 5.4 |
| 2024-08-12 | CVE-2024-33536 | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. | 5.4 |
| 2024-08-12 | CVE-2024-42258 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176 ("mm: huge_memory: don't force huge page alignment on 32 bit") didn't work for x86_32 [1]. | 5.5 |
| 2024-08-12 | CVE-2024-6639 | The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdx_list_item' shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity | 6.4 |
| 2024-08-12 | CVE-2023-38018 | Session Fixation vulnerability in IBM Aspera Shares 1.10.0 IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. | 5.4 |
| 2024-08-12 | CVE-2024-0115 | Unspecified vulnerability in Nvidia Cv-Cuda NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python process. | 6.1 |
| 2024-08-12 | CVE-2024-21877 | Path Traversal vulnerability in Enphase IQ Gateway Firmware Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability through a url parameter in Enphase IQ Gateway (formerly known as Envoy) allows File Manipulation. | 6.5 |