Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-18 | CVE-2024-52426 | Cross-site Scripting vulnerability in Linear Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Linear Oy Linear linear allows DOM-Based XSS.This issue affects Linear: from n/a through 2.7.11. | 5.4 |
| 2024-11-18 | CVE-2024-52572 | Out-of-bounds Write vulnerability in Siemens Tecnomatix Plant Simulation A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). | 7.8 |
| 2024-11-18 | CVE-2024-9474 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability. | 7.2 |
| 2024-11-18 | CVE-2024-52427 | Code Injection vulnerability in Vollstart Event Tickets With Ticket Scanner Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso Nikolov Event Tickets with Ticket Scanner allows Server Side Include (SSI) Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through 2.3.11. | 8.8 |
| 2024-11-18 | CVE-2024-52428 | Unspecified vulnerability in Scripteo ADS Booster BY ADS PRO Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Scripteo Ads Booster by Ads Pro allows PHP Local File Inclusion.This issue affects Ads Booster by Ads Pro: from n/a through 1.12. | 9.8 |
| 2024-11-18 | CVE-2024-52429 | Unspecified vulnerability in Antonhoelstad WP Quick Setup Unrestricted Upload of File with Dangerous Type vulnerability in Anton Hoelstad WP Quick Setup allows Upload a Web Shell to a Web Server.This issue affects WP Quick Setup: from n/a through 2.0. | 8.8 |
| 2024-11-18 | CVE-2024-52430 | Unspecified vulnerability in LIS Video Gallery Deserialization of Untrusted Data vulnerability in Lis Lis Video Gallery allows Object Injection.This issue affects Lis Video Gallery: from n/a through 0.2.1. | 9.8 |
| 2024-11-18 | CVE-2024-52431 | Unspecified vulnerability in Pressaholic Wordpress Video Robot Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pressaholic WordPress Video Robot - The Ultimate Video Importer allows SQL Injection.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through 1.20.0. | 9.8 |
| 2024-11-18 | CVE-2024-52432 | Unspecified vulnerability in Nixsolutions NIX Anti-Spam Light Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light allows Object Injection.This issue affects NIX Anti-Spam Light: from n/a through 0.0.4. | 9.8 |
| 2024-11-18 | CVE-2024-52433 | Deserialization of Untrusted Data vulnerability in Mindstien MY GEO Posts Free Deserialization of Untrusted Data vulnerability in Mindstien Technologies My Geo Posts Free allows Object Injection.This issue affects My Geo Posts Free: from n/a through 1.2. | 9.8 |