Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-12-16 CVE-2024-54382 Path Traversal vulnerability in Bold-Themes Bold Page Builder
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in BoldThemes Bold Page Builder allows Path Traversal.This issue affects Bold Page Builder: from n/a through 5.1.5.
network
low complexity
bold-themes CWE-22
4.9
4.9
2024-12-16 CVE-2024-12641 TenderDocTransfer from Chunghwa Telecom has a Reflected Cross-site scripting vulnerability.
network
low complexity
CWE-79
critical
 9.6
9.6
2024-12-16 CVE-2024-12642 TenderDocTransfer from Chunghwa Telecom has an Arbitrary File Write vulnerability.
network
low complexity
CWE-23
8.1
8.1
2024-12-16 CVE-2024-12643 The tbm-client from Chunghwa Telecom has an Arbitrary File Delete vulnerability.
network
low complexity
CWE-36
8.1
8.1
2024-12-16 CVE-2024-12644 The tbm-client from Chunghwa Telecom has an Arbitrary File vulnerability.
network
low complexity
CWE-36
7.1
7.1
2024-12-16 CVE-2024-12645 The topm-client from Chunghwa Telecom has an Arbitrary File Read vulnerability.
network
low complexity
CWE-23
6.5
6.5
2024-12-16 CVE-2024-12646 The topm-client from Chunghwa Telecom has an Arbitrary File Delete vulnerability.
network
low complexity
CWE-36
8.1
8.1
2024-12-16 CVE-2024-8798 Out-of-bounds Write vulnerability in Zephyrproject Zephyr
No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.
low complexity
zephyrproject CWE-787
6.5
6.5
2024-12-14 CVE-2024-31891 IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 contains a local privilege escalation vulnerability.
local
low complexity
CWE-250
7.8
7.8
2024-12-14 CVE-2024-31892 IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 could allow a user to perform unauthorized actions after intercepting and modifying a csv file due to improper neutralization of formula elements.
network
high complexity
CWE-89
7.5
7.5