Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-06-11 CVE-2024-37176 Missing Authorization vulnerability in SAP BW/4HANA
SAP BW/4HANA Transformation and Data Transfer Process (DTP) allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks.
network
low complexity
sap CWE-862
5.4
2024-06-11 CVE-2024-5090 The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's SiteOrigin Blog Widget in all versions up to, and including, 1.61.1 due to insufficient input sanitization and output escaping on user-supplied attributes.
network
low complexity
6.4
2024-06-10 CVE-2024-36306 Link Following vulnerability in Trend Micro Apex One
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
local
low complexity
trendmicro CWE-59
5.5
2024-06-10 CVE-2024-36359 Cross-site Scripting vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5
A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
network
low complexity
trendmicro CWE-79
5.4
2024-06-10 CVE-2024-36419 Open Redirect vulnerability in SalesAgility SuiteCRM
SuiteCRM is an open-source Customer Relationship Management (CRM) software application.
network
low complexity
salesagility CWE-601
6.1
2024-06-10 CVE-2024-23251 Unspecified vulnerability in Apple products
An authentication issue was addressed with improved state management.
low complexity
apple
4.6
2024-06-10 CVE-2024-23282 Unspecified vulnerability in Apple products
The issue was addressed with improved checks.
local
low complexity
apple
5.5
2024-06-10 CVE-2024-27800 Unspecified vulnerability in Apple products
This issue was addressed by removing the vulnerable code.
network
low complexity
apple
6.5
2024-06-10 CVE-2024-27805 Unspecified vulnerability in Apple products
An issue was addressed with improved validation of environment variables.
local
low complexity
apple
5.5
2024-06-10 CVE-2024-27806 Unspecified vulnerability in Apple products
This issue was addressed with improved environment sanitization.
local
low complexity
apple
5.5