Vulnerabilities > Medium

| Date | CVE | Vulnerability title | Description | Attack vector | Attack complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2024-07-08 | CVE-2024-4341 | Unspecified vulnerability in Extremepacs Extreme XDS | Improper Privilege Management vulnerability in Ekstrem Bir Bilgisayar Danismanlik Ic Ve Dis Ticaret Ltd. | network | low | extremepacs | | 6.5 |
| 2024-07-08 | CVE-2024-6163 | Authentication Bypass by Spoofing vulnerability in Checkmk | Certain HTTP endpoints of Checkmk in Checkmk < 2.3.0p10, < 2.2.0p31, < 2.1.0p46, <= 2.0.0p39 allow a remote attacker to bypass authentication and access data | network | low | checkmk | CWE-290 | 5.3 |
| 2024-07-08 | CVE-2024-37389 | Cross-site Scripting vulnerability in Apache Nifi | Apache NiFi 1.10.0 through 1.26.0 and 2.0.0-M1 through 2.0.0-M3 support a description field in the Parameter Context configuration that is vulnerable to cross-site scripting. | network | low | apache | CWE-79 | 5.4 |
| 2024-07-08 | CVE-2024-34602 | Unspecified vulnerability in Samsung Android 12.0/13.0/14.0 | Use of implicit intent for sensitive communication in Samsung Messages prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information. | local | low | samsung | | 5.5 |
| 2024-07-08 | CVE-2024-34603 | Unspecified vulnerability in Samsung Android 13.0/14.0 | Improper access control in Samsung Message prior to SMR Jul-2024 Release 1 allows local attackers to access location data. | local | low | samsung | | 5.5 |
| 2024-07-08 | CVE-2024-31897 | Server-Side Request Forgery (SSRF) vulnerability in IBM Cloud PAK for Business Automation | IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, 22.0.2, 23.0.1, and 23.0.2 is vulnerable to server-side request forgery (SSRF). | network | low | ibm | CWE-918 | 4.3 |
| 2024-07-08 | CVE-2024-37528 | Cross-site Scripting vulnerability in IBM Cloud PAK for Business Automation | IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting. | network | low | ibm | CWE-79 | 5.4 |
| 2024-07-08 | CVE-2024-39723 | Improper Authentication vulnerability in IBM Storage Virtualize 8.6 | IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. | | low | ibm | CWE-287 | 4.6 |
| 2024-07-08 | CVE-2024-5711 | Cross-site Scripting vulnerability in Stitionai Devika | A stored Cross-Site Scripting (XSS) vulnerability exists in the stitionai/devika chat feature, allowing attackers to inject malicious payloads into the chat input. | network | low | stitionai | CWE-79 | 6.1 |
| 2024-07-07 | CVE-2024-6539 | Cross-site Scripting vulnerability in Heyewei Springbootcms | A vulnerability classified as problematic has been found in heyewei SpringBootCMS up to 2024-05-28. | network | low | heyewei | CWE-79 | 4.8 |