Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-12 | CVE-2024-49050 | Unspecified vulnerability in Microsoft Python Extension Visual Studio Code Python Extension Remote Code Execution Vulnerability | 8.8 |
| 2024-11-12 | CVE-2024-49051 | Unspecified vulnerability in Microsoft PC Manager Microsoft PC Manager Elevation of Privilege Vulnerability | 7.8 |
| 2024-11-12 | CVE-2024-49056 | Unspecified vulnerability in Microsoft Airlift Microsoft COM Authentication bypass by assumed-immutable data on airlift.microsoft.com allows an authorized attacker to elevate privileges over a network. | 8.8 |
| 2024-11-12 | CVE-2024-11004 | Cross-site Scripting vulnerability in Ivanti Connect Secure 22.7/7.1/7.4 Reflected XSS in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to obtain admin privileges. | 6.1 |
| 2024-11-12 | CVE-2024-11005 | OS Command Injection vulnerability in Ivanti Connect Secure and Policy Secure Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution. | 7.2 |
| 2024-11-12 | CVE-2024-11006 | OS Command Injection vulnerability in Ivanti Connect Secure and Policy Secure Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution. | 7.2 |
| 2024-11-12 | CVE-2024-49521 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Commerce Adobe Commerce versions 3.2.5 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to a security feature bypass. | 7.7 |
| 2024-11-12 | CVE-2024-49527 | Out-of-bounds Read vulnerability in Adobe Animate Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
| 2024-11-12 | CVE-2024-7571 | Unspecified vulnerability in Ivanti Secure Access Client Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges. | 7.8 |
| 2024-11-12 | CVE-2024-8539 | Unspecified vulnerability in Ivanti Secure Access Client Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files. | 7.1 |