Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-16 | CVE-2024-5500 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 6.5 |
| 2024-07-16 | CVE-2024-5566 | Unspecified vulnerability in Github Enterprise Server An improper privilege management vulnerability allowed users to migrate private repositories without having appropriate scopes defined on the related Personal Access Token. | 6.5 |
| 2024-07-16 | CVE-2024-5795 | Resource Exhaustion vulnerability in Github Enterprise Server A Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause unbounded resource exhaustion by sending a large payload to the Git server. | 6.5 |
| 2024-07-16 | CVE-2024-5815 | Cross-Site Request Forgery (CSRF) vulnerability in Github Enterprise Server A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. | 6.5 |
| 2024-07-16 | CVE-2024-5816 | Incorrect Authorization vulnerability in Github Enterprise Server An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed a suspended GitHub App to retain access to the repository via a scoped user access token. | 5.3 |
| 2024-07-16 | CVE-2024-5817 | Incorrect Authorization vulnerability in Github Enterprise Server An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed read access to issue content via GitHub Projects. | 6.5 |
| 2024-07-16 | CVE-2024-6336 | Unspecified vulnerability in Github Enterprise Server A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. | 5.3 |
| 2024-07-16 | CVE-2024-6395 | Unspecified vulnerability in Github Enterprise Server An exposure of sensitive information vulnerability in GitHub Enterprise Server would allow an attacker to enumerate the names of private repositories that utilize deploy keys. | 5.3 |
| 2024-07-16 | CVE-2024-39036 | Path Traversal vulnerability in Seacms 12.9 SeaCMS v12.9 is vulnerable to Arbitrary File Read via admin_safe.php. | 6.5 |
| 2024-07-16 | CVE-2024-6325 | Incorrect Default Permissions vulnerability in Rockwellautomation Factorytalk Policy Manager 6.40.0 The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html by implementing CIP security and did not update to the versions of the software CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html and CVE-2022-1161. | 6.5 |