| 2024-12-11 | CVE-2024-48912 | Unspecified vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package. | 8.1 |
| 2024-12-11 | CVE-2024-8496 | Incorrect Default Permissions vulnerability in Ivanti Workspace Control
Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation. | 7.8 |
| 2024-12-11 | CVE-2024-9845 | Incorrect Default Permissions vulnerability in Ivanti Automation
Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1 allows a local authenticated attacker to achieve local privilege escalation. | 7.8 |
| 2024-12-11 | CVE-2024-47758 | Unspecified vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package. | 8.8 |
| 2024-12-11 | CVE-2023-23472 | IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system. | 3.1 |
| 2024-12-11 | CVE-2024-11351 | The Restrict – membership, site, content and user access restrictions for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.8 via the WordPress core search feature. | 5.3 |
| 2024-12-11 | CVE-2024-51460 | Information Exposure Through an Error Message vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information when a detailed technical error message is returned in a stack trace. | 4.3 |
| 2024-12-11 | CVE-2024-12325 | The Waymark plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘content’ parameter in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-12-11 | CVE-2024-11008 | The Members – Membership & User Role Editor Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.10 via the WordPress core search feature. | 5.3 |
| 2024-12-11 | CVE-2024-11840 | The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the uucss_data, update_rapidload_settings, wp_ajax_update_htaccess_file, uucss_update_rule, upload_rules, get_all_rules, update_titan_settings, preload_page, and activate_module functions in all versions up to, and including, 2.4.2. | 7.1 |