Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-24 | CVE-2024-37679 | Cross-site Scripting vulnerability in Finesoft Project Finesoft Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. | 6.1 |
| 2024-06-24 | CVE-2024-37680 | Cross-site Scripting vulnerability in Finesoft Project Finesoft Hangzhou Meisoft Information Technology Co., Ltd. | 6.1 |
| 2024-06-24 | CVE-2024-37732 | Cross-site Scripting vulnerability in Anchorcms Anchor CMS 0.12.7 Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute arbitrary code via a crafted .pdf file. | 6.1 |
| 2024-06-24 | CVE-2023-49793 | Path Traversal vulnerability in Ericsson Codechecker CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. | 6.5 |
| 2024-06-24 | CVE-2024-33880 | Unspecified vulnerability in Virtosoftware Sharepoint Bulk File Download 5.5.44 An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. | 5.3 |
| 2024-06-24 | CVE-2024-33881 | Path Traversal vulnerability in Virtosoftware Sharepoint Bulk File Download 5.5.44 An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. | 5.3 |
| 2024-06-24 | CVE-2024-38369 | Incorrect Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 4.3 |
| 2024-06-24 | CVE-2024-6104 | Information Exposure Through Log Files vulnerability in Hashicorp Retryablehttp go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. | 5.5 |
| 2024-06-24 | CVE-2024-6285 | Integer Underflow (Wrap or Wraparound) vulnerability in Renesas Rcar Gen3 V2.5 Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed addresses. | 6.7 |
| 2024-06-24 | CVE-2024-39292 | Double Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winch IRQ is racy, an interrupt may occur before the winch is added to the winch_handlers list. If that happens, register_winch_irq() adds to that list a winch that is scheduled to be (or has already been) freed, causing a panic later in winch_cleanup(). Avoid the race by adding the winch to the winch_handlers list before registering the IRQ, and rolling back if um_request_irq() fails. | 5.5 |