2024-12-13 | CVE-2024-12300 | The AR for WordPress plugin for WordPress is vulnerable to unauthorized double extension file upload due to a missing capability check on the set_ar_featured_image() function in all versions up to, and including, 7.3. | 3.7 |
2024-12-13 | CVE-2024-12572 | The Hello In All Languages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.6. | 6.1 |
2024-12-12 | CVE-2024-49071 | Unspecified vulnerability in Microsoft Defender for Endpoint: Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network. | 6.5 |
2024-12-12 | CVE-2024-49147 | Deserialization of Untrusted Data vulnerability in Microsoft Update Catalog: Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to elevate privileges on the website’s webserver. | 9.8 |
2024-12-12 | CVE-2024-55663 | Unspecified vulnerability in Xwiki: XWiki Platform is a generic wiki platform. [network, low complexity, xwiki, critical] | 9.8 |
2024-12-12 | CVE-2024-47238 | Unspecified vulnerability in Dell products: Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. [local, low complexity, dell] | 6.7 |
2024-12-12 | CVE-2024-52901 | Improper Validation of Specified Quantity in Input vulnerability in IBM Infosphere Information Server 11.7: IBM InfoSphere Information Server 11.7 could allow an authenticated user to cause the GUI to not load or stop working due to improper input validation. | 6.5 |
2024-12-12 | CVE-2024-55633 | Incorrect Authorization vulnerability in Apache Superset: Improper Authorization vulnerability in Apache Superset. | 6.5 |
2024-12-12 | CVE-2024-12271 | The 360 Javascript Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ref’ parameter in all versions up to, and including, 1.7.29 due to insufficient input sanitization and output escaping. [network, high complexity, CWE-79] | 4.4 |
2024-12-12 | CVE-2024-54119 | Unspecified vulnerability in Huawei Harmonyos 5.0.0: Cross-process screen stack vulnerability in the UIExtension module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | 7.5 |