Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-01 CVE-2024-38490 Out-of-bounds Write vulnerability in Dell EMC Idrac Service Module
Dell iDRAC Service Module version 5.3.0.0 and prior, contain a Out of bound Write Vulnerability.
local
low complexity
dell CWE-787
4.4
4.4
2024-08-01 CVE-2024-25947 Out-of-bounds Write vulnerability in Dell EMC Idrac Service Module
Dell iDRAC Service Module version 5.3.0.0 and prior, contain an Out of bound Read Vulnerability.
local
low complexity
dell CWE-787
4.4
4.4
2024-08-01 CVE-2024-5331 The Breakdance plugin for WordPress is vulnerable to unauthorized access of data in all versions up to, and including, 1.7.2.
network
low complexity
 4.3
4.3
2024-08-01 CVE-2024-5678 SQL Injection vulnerability in Zohocorp Manageengine Applications Manager
Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature.
network
low complexity
zohocorp CWE-89
4.7
4.7
2024-08-01 CVE-2024-2090 The Remote Content Shortcode plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5 via the remote_content shortcode.
network
low complexity
 6.4
6.4
2024-08-01 CVE-2024-7342 Unrestricted Upload of File with Dangerous Type vulnerability in Baidu Ueditor
A vulnerability was found in Baidu UEditor 1.4.3.3.
network
low complexity
baidu CWE-434
6.1
6.1
2024-08-01 CVE-2024-7343 Cross-site Scripting vulnerability in Baidu Ueditor 1.4.2
A vulnerability was found in Baidu UEditor 1.4.2.
network
low complexity
baidu CWE-79
6.1
6.1
2024-08-01 CVE-2024-1715 The AdFoxly – Ad Manager, AdSense Ads & Ads.txt plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the adfoxly_ad_status() function in all versions up to, and including, 1.8.5.
network
low complexity
 5.3
5.3
2024-08-01 CVE-2024-7339 A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM) and AVISION DVR AV108T and classified as problematic.
network
low complexity
tvt provision-isr artion-sec
5.3
5.3
2024-08-01 CVE-2024-6687 The CTT Expresso para WooCommerce plugin for WordPress is vulnerable to sensitive information exposure in all versions up to and including 3.2.12 via the /wp-content/uploads/cepw directory.
network
low complexity
 5.3
5.3