Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-18 | CVE-2024-41165 | A library injection vulnerability exists in Microsoft Word 16.83 for macOS. | 7.1 |
| 2024-12-18 | CVE-2024-12692 | Unspecified vulnerability in Google Chrome Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-12-18 | CVE-2024-12693 | Out-of-bounds Write vulnerability in Google Chrome Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |
| 2024-12-18 | CVE-2024-12694 | Unspecified vulnerability in Google Chrome Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-12-18 | CVE-2024-12695 | Unspecified vulnerability in Google Chrome Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |
| 2024-12-18 | CVE-2024-12686 | OS Command Injection vulnerability in Beyondtrust Remote Support A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user. | 7.2 |
| 2024-12-18 | CVE-2024-51470 | IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values. | 6.5 |
| 2024-12-18 | CVE-2024-55952 | Unspecified vulnerability in Dataease DataEase is an open source business analytics tool. | 8.8 |
| 2024-12-18 | CVE-2024-55953 | SQL Injection vulnerability in Dataease DataEase is an open source business analytics tool. | 8.1 |
| 2024-12-18 | CVE-2024-25042 | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting (XSS). | 6.1 |