Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-06 | CVE-2024-39229 | Unspecified vulnerability in Gl-Inet products An issue in GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, XE3000/X3000 v4, and B2200/MV1000/MV1000W/USB150/N300/SF1200 v3.216 allows attackers to intercept communications via a man-in-the-middle attack when DDNS clients are reporting data to the server. | 5.3 |
| 2024-08-06 | CVE-2024-42358 | Infinite Loop vulnerability in Msweet Pdfio PDFio is a simple C library for reading and writing PDF files. | 5.5 |
| 2024-08-06 | CVE-2023-28806 | Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. | 6.5 |
| 2024-08-06 | CVE-2024-23464 | Unspecified vulnerability in Zscaler Client Connector In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin rights. | 4.9 |
| 2024-08-06 | CVE-2024-39751 | Information Exposure Through an Error Message vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |
| 2024-08-06 | CVE-2024-41333 | Cross-site Scripting vulnerability in PHPgurukul Tourism Management System 2.0 A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter. | 6.1 |
| 2024-08-06 | CVE-2024-43111 | Cross-site Scripting vulnerability in Mozilla Firefox Long pressing on a download link could potentially allow Javascript commands to be executed within the browser This vulnerability affects Firefox for iOS < 129. | 6.1 |
| 2024-08-06 | CVE-2024-43112 | Cross-site Scripting vulnerability in Mozilla Firefox Long pressing on a download link could potentially provide a means for cross-site scripting This vulnerability affects Firefox for iOS < 129. | 6.1 |
| 2024-08-06 | CVE-2024-43113 | Cross-site Scripting vulnerability in Mozilla Firefox The contextual menu for links could provide an opportunity for cross-site scripting attacks This vulnerability affects Firefox for iOS < 129. | 6.1 |
| 2024-08-06 | CVE-2024-6995 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.7 |