Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-24 | CVE-2024-53914 | Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24344. | 9.8 |
| 2024-11-24 | CVE-2024-53915 | Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24405. | 9.8 |
| 2024-11-24 | CVE-2024-53913 | Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24343. | 9.8 |
| 2024-11-24 | CVE-2024-53901 | Out-of-bounds Write vulnerability in Tonyc Imager The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image. | 5.5 |
| 2024-11-24 | CVE-2024-53899 | Command Injection vulnerability in Virtualenv virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. | 7.8 |
| 2024-11-24 | CVE-2024-11233 | Out-of-bounds Write vulnerability in PHP In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas. | 8.2 |
| 2024-11-24 | CVE-2024-11234 | Injection vulnerability in PHP In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user. | 7.2 |
| 2024-11-24 | CVE-2024-11236 | Integer Overflow or Wraparound vulnerability in PHP In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write. | 9.8 |
| 2024-11-23 | CVE-2024-11632 | SQL Injection vulnerability in Fabianros Simple CAR Rental System 1.0 A vulnerability was found in code-projects Simple Car Rental System 1.0. | 9.8 |
| 2024-11-23 | CVE-2024-35160 | Insufficient Session Expiration vulnerability in IBM BIG SQL and Watson Query With Cloud PAK for Data IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2 and IBM Db2 Big SQL on Cloud Pak for Data 7.3, 7.4, 7.5, and 7.6 could allow an authenticated user to obtain sensitive information due to insufficient session expiration. | 6.5 |