Weekly Vulnerabilities Reports > March 18 to 24, 2024
Overview
93 new vulnerabilities were reported during this period, including 17 critical vulnerabilities and 15 high severity vulnerabilities. This weekly summary reports vulnerabilities in 14 products from 9 vendors, including Tenda, Google, Fedoraproject, IBM, and Microsoft. Vulnerabilities are notably categorized as "Cross-site Scripting", "Stack-based Buffer Overflow", "OS Command Injection", "Out-of-bounds Write", and "Out-of-bounds Read".
- 80 reported vulnerabilities are remotely exploitable.
- 45 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 45 reported vulnerabilities are exploitable by an anonymous user.
- Tenda has the most reported vulnerabilities, with 19 reported vulnerabilities.
- Tenda has the most reported critical vulnerabilities, with 16 reported vulnerabilities.
Vulnerability Details
The following table lists reported vulnerabilities for the period covered by this report:
17 Critical Vulnerabilities
15 High Vulnerabilities
59 Medium Vulnerabilities
2 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2024-03-18 | CVE-2024-26051 | Adobe | Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 3.4 |
2024-03-22 | CVE-2022-32756 | IBM | Information Exposure Through an Error Message vulnerability in IBM Security Verify Directory 10.0.0. IBM Security Verify Directory 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |