Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-12-19 CVE-2024-12793 Path Traversal vulnerability in Pbootcms
A vulnerability, which was classified as problematic, has been found in PbootCMS up to 5.2.3.
network
low complexity
pbootcms CWE-22
4.3
2024-12-19 CVE-2024-12794 SQL Injection vulnerability in Codezips E-Commerce Site 1.0
A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0.
network
low complexity
codezips CWE-89
critical
9.8
2024-12-19 CVE-2024-49336 Server-Side Request Forgery (SSRF) vulnerability in IBM Security Guardium 11.5
IBM Security Guardium 11.5 is vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2024-12-19 CVE-2024-51471 IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow an authenticated user to cause a denial-of-service when trace is enabled due to information being written into memory outside of the intended buffer size.
network
high complexity
CWE-125
5.3
2024-12-19 CVE-2024-12788 SQL Injection vulnerability in Codezips Technical Discussion Forum 1.0
A vulnerability was found in Codezips Technical Discussion Forum 1.0 and classified as critical.
network
low complexity
codezips CWE-89
critical
9.8
2024-12-19 CVE-2024-12789 Code Injection vulnerability in Pbootcms
A vulnerability was found in PbootCMS up to 3.2.3.
network
low complexity
pbootcms CWE-94
critical
9.8
2024-12-19 CVE-2024-12787 SQL Injection vulnerability in 1000Projects Attendance Tracking Management System 1.0
A vulnerability has been found in 1000 Projects Attendance Tracking Management System 1.0 and classified as critical.
network
low complexity
1000projects CWE-89
critical
9.8
2024-12-19 CVE-2024-25131 A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated.
network
low complexity
CWE-20
8.8
2024-12-19 CVE-2021-26102 Path Traversal vulnerability in Fortinet Fortiwan
A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated attacker to delete files on the system by sending a crafted POST request.
network
low complexity
fortinet CWE-22
critical
9.1
2024-12-19 CVE-2024-10244 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ISDO Software Web Software allows SQL Injection. This issue affects Web Software: before 3.6.
network
low complexity
CWE-89
critical
9.8