Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-06 | CVE-2024-6999 | Unspecified vulnerability in Google Chrome Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
2024-08-06 | CVE-2024-7001 | Unspecified vulnerability in Google Chrome Inappropriate implementation in HTML in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
2024-08-06 | CVE-2024-7003 | Unspecified vulnerability in Google Chrome Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
2024-08-06 | CVE-2024-7004 | Unspecified vulnerability in Google Chrome Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. | 4.3 |
2024-08-06 | CVE-2024-7005 | Unspecified vulnerability in Google Chrome Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. | 4.3 |
2024-08-06 | CVE-2024-7564 | Path Traversal vulnerability in Logsign Unified Secops Platform 6.4.11 Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. | 6.5 |
2024-08-06 | CVE-2024-36424 | NULL Pointer Dereference vulnerability in K7Computing K7 Ultimate Security 16.0.000/16.0.0117/16.0.0120 K7RKScan.sys in K7 Ultimate Security before 17.0.2019 allows local users to cause a denial of service (BSOD) because of a NULL pointer dereference. | 5.5 |
2024-08-06 | CVE-2023-40819 | Cross-site Scripting vulnerability in Devlop.Systems Id4Portais ID4Portais in version < V.2022.837.002a returns message parameter unsanitized in the response, resulting in a HTML Injection vulnerability. | 6.1 |
2024-08-06 | CVE-2024-40101 | Cross-site Scripting vulnerability in Microweber A Reflected Cross-site scripting (XSS) vulnerability exists in '/search' in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the 'keywords' parameter. | 6.1 |
2024-08-06 | CVE-2024-41910 | Cross-site Scripting vulnerability in HP Poly Clariti Manager Firmware A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. | 6.1 |