Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-12 | CVE-2024-8640 | Command Injection vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 16.11 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. | 8.8 |
| 2024-09-12 | CVE-2024-8754 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab EE/CE affecting all versions from 16.9.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2. | 8.1 |
| 2024-09-12 | CVE-2024-42483 | Insufficient Verification of Data Authenticity vulnerability in Espressif Esp-Now ESP-NOW Component provides a connectionless Wi-Fi communication protocol. | 6.5 |
| 2024-09-12 | CVE-2024-45823 | Unspecified vulnerability in Rockwellautomation Factorytalk Batch View 2.01.00 CVE-2024-45823 IMPACT An authentication bypass vulnerability exists in the affected product. | 9.8 |
| 2024-09-12 | CVE-2024-45825 | Unspecified vulnerability in Rockwellautomation 5015-U8Ihft Firmware 1.011/1.012 CVE-2024-45825 IMPACT A denial-of-service vulnerability exists in the affected products. | 7.5 |
| 2024-09-12 | CVE-2024-45826 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Rockwellautomation Thinmanager 13.1.0/13.2.0 CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. | 8.8 |
| 2024-09-12 | CVE-2024-6510 | Uncontrolled Search Path Element vulnerability in AVG Internet Security Local Privilege Escalation in AVG Internet Security v24 on Windows allows a local unprivileged user to escalate privileges to SYSTEM via COM-Hijacking. | 7.8 |
| 2024-09-12 | CVE-2024-6700 | Cross-site Scripting vulnerability in Pega Infinity Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with App name. | 4.8 |
| 2024-09-12 | CVE-2024-6701 | Cross-site Scripting vulnerability in Pega Infinity Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with case type. | 4.8 |
| 2024-09-12 | CVE-2024-6702 | Cross-site Scripting vulnerability in Pega Infinity Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage. | 4.8 |