Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-20 | CVE-2024-12830 | Path Traversal vulnerability in Arista NG Firewall 17.1.1 Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability. | 7.3 |
| 2024-12-20 | CVE-2024-12831 | Incorrect Authorization vulnerability in Arista NG Firewall 17.1.1 Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. | 7.8 |
| 2024-12-20 | CVE-2024-54538 | Unspecified vulnerability in Apple products A denial-of-service issue was addressed with improved input validation. | 7.5 |
| 2024-12-19 | CVE-2024-11157 | Out-of-bounds Write vulnerability in Rockwellautomation Arena A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. | 7.3 |
| 2024-12-19 | CVE-2024-11364 | Use of Uninitialized Resource vulnerability in Rockwellautomation Arena Another “uninitialized variable” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to access a variable prior to it being initialized. | 7.3 |
| 2024-12-19 | CVE-2024-12175 | Use After Free vulnerability in Rockwellautomation Arena Another “use after free” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to use a resource that was already used. | 7.8 |
| 2024-12-19 | CVE-2024-12790 | Cross-site Scripting vulnerability in Fabianros Hostel Management System 1.0 A vulnerability was found in code-projects Hostel Management Site 1.0. | 8.2 |
| 2024-12-19 | CVE-2024-12785 | SQL Injection vulnerability in Angeljudesuarez Vehicle Management System 1.0 A vulnerability was found in itsourcecode Vehicle Management System 1.0. | 8.8 |
| 2024-12-19 | CVE-2024-25131 | A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated. | 8.8 |
| 2024-12-19 | CVE-2020-12820 | Out-of-bounds Write vulnerability in Fortinet Fortios Under non-default configuration, a stack-based buffer overflow in FortiOS version 6.0.10 and below, version 5.6.12 and below may allow a remote attacker authenticated to the SSL VPN to crash the FortiClient NAC daemon (fcnacd) and potentially execute arbitrary code via requesting a large FortiClient file name. | 8.8 |