Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-13 | CVE-2024-25052 | Insufficiently Protected Credentials vulnerability in IBM Jazz Reporting Service 7.0.3 IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by an admin user. | 4.4 |
2024-06-13 | CVE-2024-36395 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Verint Workforce Optimization 15.2.918.262 Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) | 6.1 |
2024-06-13 | CVE-2024-30472 | Unspecified vulnerability in Microsoft Telemetry Dashboard 1.0.0.8 Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. | 5.5 |
2024-06-13 | CVE-2024-32856 | Unspecified vulnerability in Dell products Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. | 6.0 |
2024-06-13 | CVE-2024-34113 | Inadequate Encryption Strength vulnerability in Adobe Coldfusion 2021/2023 ColdFusion versions 2023u7, 2021u13 and earlier are affected by a Weak Cryptography for Passwords vulnerability that could result in a security feature bypass. | 5.5 |
2024-06-13 | CVE-2024-34130 | Incorrect Authorization vulnerability in Adobe Acrobat Reader 20.6.0/20.6.2/20.9.0 Acrobat Mobile Sign Android versions 24.4.2.33155 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. | 5.5 |
2024-06-13 | CVE-2024-30278 | Out-of-bounds Read vulnerability in Adobe Media Encoder Media Encoder versions 23.6.5, 24.3 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2024-06-13 | CVE-2024-0979 | Cross-site Scripting vulnerability in Plugin-Planet Dashboard Widgets Suite The Dashboard Widgets Suite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 3.4.3 due to insufficient input sanitization and output escaping. | 6.1 |
2024-06-13 | CVE-2024-1565 | Cross-site Scripting vulnerability in Wpdeveloper Embedpress The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the PDF Widget URL in all versions up to, and including, 3.9.10 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-06-13 | CVE-2024-30276 | Out-of-bounds Read vulnerability in Adobe Audition Audition versions 24.2, 23.6.4 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |