Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-11 | CVE-2024-11597 | Incorrect Default Permissions vulnerability in Ivanti Performance Manager 2023.3/2024.1/2024.3 Under specific circumstances, insecure permissions in Ivanti Performance Manager before version 2024.3 HF1, 2024.1 HF1, or 2023.3 HF1 allows a local authenticated attacker to achieve local privilege escalation. | 7.8 |
| 2024-12-11 | CVE-2024-11598 | Incorrect Default Permissions vulnerability in Ivanti Application Control 2023.3/2024.1/2024.3 Under specific circumstances, insecure permissions in Ivanti Application Control before version 2024.3 HF1, 2024.1 HF2, or 2023.3 HF3 allows a local authenticated attacker to achieve local privilege escalation. | 7.8 |
| 2024-12-11 | CVE-2024-47760 | Unspecified vulnerability in Glpi-Project Glpi GLPI is a free asset and IT management software package. | 8.8 |
| 2024-12-11 | CVE-2024-47761 | Improper Authentication vulnerability in Glpi-Project Glpi GLPI is a free asset and IT management software package. | 7.2 |
| 2024-12-11 | CVE-2024-48912 | Unspecified vulnerability in Glpi-Project Glpi GLPI is a free asset and IT management software package. | 8.1 |
| 2024-12-11 | CVE-2024-8496 | Incorrect Default Permissions vulnerability in Ivanti Workspace Control Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation. | 7.8 |
| 2024-12-11 | CVE-2024-9845 | Incorrect Default Permissions vulnerability in Ivanti Automation Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1 allows a local authenticated attacker to achieve local privilege escalation. | 7.8 |
| 2024-12-11 | CVE-2024-47758 | Unspecified vulnerability in Glpi-Project Glpi GLPI is a free asset and IT management software package. | 8.8 |
| 2024-12-11 | CVE-2023-23472 | Exposure of System Data to an Unauthorized Control Sphere vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system. | 6.5 |
| 2024-12-11 | CVE-2024-11351 | The Restrict – membership, site, content and user access restrictions for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.8 via the WordPress core search feature. | 5.3 |