Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-28 | CVE-2024-44943 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mm: gup: stop abusing try_grab_folio A kernel warning was reported when pinning folio in CMA memory when launching SEV virtual machine. | 5.5 |
| 2024-08-28 | CVE-2021-22509 | Cleartext Storage of Sensitive Information vulnerability in Microfocus Netiq Advanced Authentication A vulnerability identified in storing and reusing information in Advance Authentication. | 6.5 |
| 2024-08-28 | CVE-2021-22529 | Unspecified vulnerability in Microfocus Netiq Advanced Authentication A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. | 5.5 |
| 2024-08-28 | CVE-2024-4554 | Cross-site Scripting vulnerability in Microfocus Netiq Access Manager 5.0.2 Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects NetIQ Access Manager before 5.0.4.1 and 5.1. | 5.4 |
| 2024-08-28 | CVE-2024-6312 | Path Traversal vulnerability in Funnelforms Free The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 3.7.3.2 via the 'af2DeleteFontFile' function. | 6.5 |
| 2024-08-28 | CVE-2024-39771 | Improper Certificate Validation vulnerability in Safie Qbic Cloud Cc-2/2L Firmware and Safie ONE Firmware QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and earlier do not properly validate certificates, which may allow a network-adjacent unauthenticated attacker to obtain and/or alter communications of the affected product via a man-in-the-middle attack. | 6.8 |
| 2024-08-28 | CVE-2024-6448 | The Mollie Payments for WooCommerce plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 7.7.0. | 5.3 |
| 2024-08-28 | CVE-2024-7573 | The Relevanssi Live Ajax Search plugin for WordPress is vulnerable to argument injection in all versions up to, and including, 2.4. network low complexity | 5.3 |
| 2024-08-27 | CVE-2024-8216 | Unspecified vulnerability in Insurance Management System Project Insurance Management System 1.0 A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode Insurance Management System 1.0. | 5.4 |
| 2024-08-27 | CVE-2022-39996 | Cross-site Scripting vulnerability in Teldat Rs123 Firmware and Rs123W Firmware Cross Site Scripting vulnerability in Teldats Router RS123, RS123w allows attacker to execute arbitrary code via the cmdcookie parameter to the upgrade/query.php page. | 4.8 |