Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-04 | CVE-2022-28656 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products is_closing_session() allows users to consume RAM in the Apport process | 5.5 |
2024-06-04 | CVE-2022-28658 | Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing | 5.5 |
2024-06-04 | CVE-2024-30889 | Cross-site Scripting vulnerability in Web-Audimex Audimexee 15.1.2 Cross Site Scripting vulnerability in audimex audimexEE v.15.1.2 and fixed in 15.1.3.9 allows a remote attacker to execute arbitrary code via the service, method, widget_type, request_id, payload parameters. | 5.4 |
2024-06-04 | CVE-2024-34362 | Use After Free vulnerability in Envoyproxy Envoy Envoy is a cloud-native, open source edge and service proxy. | 5.9 |
2024-06-04 | CVE-2024-34364 | Out-of-bounds Write vulnerability in Envoyproxy Envoy Envoy is a cloud-native, open source edge and service proxy. | 6.5 |
2024-06-04 | CVE-2024-4220 | Unspecified vulnerability in Beyondtrust Beyondinsight Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can allow an attacker to enumerate usernames. | 5.3 |
2024-06-04 | CVE-2024-30528 | Missing Authorization vulnerability in Spiffyplugins Spiffy Calendar Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar.This issue affects Spiffy Calendar: from n/a through 4.9.10. | 6.3 |
2024-06-04 | CVE-2024-32464 | Cross-site Scripting vulnerability in Rubyonrails Rails Action Text brings rich text content and editing to Rails. | 6.1 |
2024-06-04 | CVE-2024-34759 | Cross-site Scripting vulnerability in Videowhisper Picture Gallery Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in VideoWhisper Picture Gallery allows Stored XSS.This issue affects Picture Gallery: from n/a through 1.5.11. | 5.4 |
2024-06-04 | CVE-2024-0756 | Cross-site Scripting vulnerability in Elearningfreak Insert or Embed Articulate Content The Insert or Embed Articulate Content into WordPress plugin through 4.3000000023 lacks validation of URLs when adding iframes, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page. | 5.4 |