Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-11-12 CVE-2024-49046 Unspecified vulnerability in Microsoft products
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
local
low complexity
microsoft
7.8
7.8
2024-11-12 CVE-2024-49048 Unspecified vulnerability in Microsoft Torchgeo
TorchGeo Remote Code Execution Vulnerability
network
high complexity
microsoft
8.1
8.1
2024-11-12 CVE-2024-49049 Unspecified vulnerability in Microsoft Remote SSH
Visual Studio Code Remote Extension Elevation of Privilege Vulnerability
local
low complexity
microsoft
7.1
7.1
2024-11-12 CVE-2024-49050 Unspecified vulnerability in Microsoft Python Extension
Visual Studio Code Python Extension Remote Code Execution Vulnerability
network
low complexity
microsoft
8.8
8.8
2024-11-12 CVE-2024-49051 Unspecified vulnerability in Microsoft PC Manager
Microsoft PC Manager Elevation of Privilege Vulnerability
local
low complexity
microsoft
7.8
7.8
2024-11-12 CVE-2024-49056 Authentication bypass by assumed-immutable data on airlift.microsoft.com allows an authorized attacker to elevate privileges over a network.
network
low complexity
CWE-302
7.3
7.3
2024-11-12 CVE-2024-49521 Server-Side Request Forgery (SSRF) vulnerability in Adobe Commerce
Adobe Commerce versions 3.2.5 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to a security feature bypass.
network
low complexity
adobe CWE-918
7.7
7.7
2024-11-12 CVE-2024-49527 Out-of-bounds Read vulnerability in Adobe Animate
Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
5.5
2024-11-12 CVE-2024-11007 OS Command Injection vulnerability in Ivanti Connect Secure 22.7/7.1/7.4
Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution.
network
low complexity
ivanti CWE-78
7.2
7.2
2024-11-12 CVE-2024-47905 Out-of-bounds Write vulnerability in Ivanti Connect Secure 22.7/7.1/7.4
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.
network
low complexity
ivanti CWE-787
4.9
4.9