Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-09 | CVE-2024-27366 | Out-of-bounds Read vulnerability in Samsung products An issue was discovered in Samsung Mobile Processor, Wearable Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. | 5.5 |
| 2024-09-09 | CVE-2024-27367 | Out-of-bounds Read vulnerability in Samsung products An issue was discovered in Samsung Mobile Processor Exynos Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. | 5.5 |
| 2024-09-09 | CVE-2024-27368 | Out-of-bounds Read vulnerability in Samsung products An issue was discovered in Samsung Mobile Processor Exynos Mobile Processor, Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. | 5.5 |
| 2024-09-09 | CVE-2024-7260 | Open Redirect vulnerability in Redhat Build of Keycloak and Keycloak An open redirect vulnerability was found in Keycloak. | 6.1 |
| 2024-09-09 | CVE-2024-45406 | Cross-site Scripting vulnerability in Craftcms Craft CMS Craft is a content management system (CMS). | 4.8 |
| 2024-09-09 | CVE-2024-8604 | Cross-site Scripting vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0 A vulnerability classified as problematic has been found in SourceCodester Online Food Ordering System 2.0. | 6.1 |
| 2024-09-09 | CVE-2024-8605 | Cross-site Scripting vulnerability in Code-Projects Inventory Management 1.0 A vulnerability classified as problematic was found in code-projects Inventory Management 1.0. | 5.4 |
| 2024-09-09 | CVE-2024-8372 | Unspecified vulnerability in Angularjs Angular.Js Improper sanitization of the value of the '[srcset]' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects AngularJS versions 1.3.0-rc.4 and greater. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. | 4.3 |
| 2024-09-09 | CVE-2024-8373 | Unspecified vulnerability in Angularjs Angular.Js Improper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. | 4.3 |
| 2024-09-09 | CVE-2024-8601 | Incorrect Authorization vulnerability in Techexcel Back Office Software This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to improper access controls on certain API endpoints. | 6.5 |