Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-10 | CVE-2024-49533 | Unspecified vulnerability in Adobe products Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
| 2024-12-10 | CVE-2024-49534 | Unspecified vulnerability in Adobe products Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
| 2024-12-10 | CVE-2024-49535 | Unspecified vulnerability in Adobe products Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that allows an attacker to provide malicious XML input containing a reference to an external entity, potentially leading to unauthorized read access outside the Acrobat sandbox. | 6.3 |
| 2024-12-10 | CVE-2024-49551 | Out-of-bounds Write vulnerability in Adobe Media Encoder Media Encoder versions 25.0, 24.6.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2024-12-10 | CVE-2024-49552 | Out-of-bounds Write vulnerability in Adobe Media Encoder Media Encoder versions 25.0, 24.6.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2024-12-10 | CVE-2024-49553 | Out-of-bounds Write vulnerability in Adobe Media Encoder Media Encoder versions 25.0, 24.6.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2024-12-10 | CVE-2024-49554 | NULL Pointer Dereference vulnerability in Adobe Media Encoder Media Encoder versions 25.0, 24.6.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. | 5.5 |
| 2024-12-10 | CVE-2024-11633 | Argument Injection or Modification vulnerability in Ivanti Connect Secure Argument injection in Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution | 7.2 |
| 2024-12-10 | CVE-2024-11634 | Command Injection vulnerability in Ivanti Connect Secure 22.7/7.1/7.4 Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution. | 7.2 |
| 2024-12-10 | CVE-2024-11639 | Missing Authentication for Critical Function vulnerability in Ivanti Cloud Services Appliance 4.5/4.6/5.0 An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access | 9.8 |