Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-04	CVE-2024-20469	OS Command Injection vulnerability in Cisco Identity Services Engine 3.2/3.3 A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. local low complexity cisco CWE-78	6.7
2024-09-04	CVE-2024-20503	Missing Encryption of Sensitive Data vulnerability in Cisco DUO Authentication for Epic A vulnerability in Cisco Duo Epic for Hyperdrive could allow an authenticated, local attacker to view sensitive information in cleartext on an affected system. This vulnerability is due to improper storage of an unencrypted registry key. local low complexity cisco CWE-311	5.5
2024-09-04	CVE-2024-8414	Cross-Site Request Forgery (CSRF) vulnerability in Munyweki Insurance Management System 1.0 A vulnerability has been found in SourceCodester Insurance Management System 1.0 and classified as problematic. network low complexity munyweki CWE-352	4.3
2024-09-04	CVE-2024-45052	Information Exposure Through Discrepancy vulnerability in Ethyca Fides Fides is an open-source privacy engineering platform. network low complexity ethyca CWE-203	5.3
2024-09-04	CVE-2024-45074	Path Traversal vulnerability in IBM Webmethods Integration 10.15 IBM webMethods Integration 10.15 could allow an authenticated user to traverse directories on the system. network low complexity ibm CWE-22	6.5
2024-09-04	CVE-2024-45314	Unspecified vulnerability in Dpgaspar Flask APP Builder Flask-AppBuilder is an application development framework. local low complexity dpgaspar	5.5
2024-09-04	CVE-2024-8412	Open Redirect vulnerability in Linuxos Shakal-Ng A vulnerability, which was classified as problematic, was found in LinuxOSsk Shakal-NG up to 1.3.3. network low complexity linuxos CWE-601	6.1
2024-09-04	CVE-2024-44819	Cross-site Scripting vulnerability in Zzcms Cross Site Scripting vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive information via a crafted script to the pagename parameter of the admin/del.php component. network low complexity zzcms CWE-79	6.1
2024-09-04	CVE-2024-44820	Cross-site Scripting vulnerability in Zzcms A sensitive information disclosure vulnerability exists in ZZCMS v.2023 and before within the eginfo.php file located at /3/E_bak5.1/upload/. network low complexity zzcms CWE-79	6.1
2024-09-04	CVE-2024-7077	Cross-site Scripting vulnerability in Semtekyazilim Semtek Sempos Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Semtek Informatics Software Consulting Inc. network low complexity semtekyazilim CWE-79	6.1

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium