Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-06 | CVE-2024-10827 | Use After Free vulnerability in Google Chrome Use after free in Serial in Google Chrome prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-11-06 | CVE-2024-6861 | A disclosure of sensitive information flaw was found in foreman via the GraphQL API. | 7.5 |
| 2024-11-06 | CVE-2024-8614 | Unrestricted Upload of File with Dangerous Type vulnerability in Eyecix Jobsearch WP JOB Board The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jobsearch_wp_handle_upload() function in all versions up to, and including, 2.6.7. | 8.8 |
| 2024-11-06 | CVE-2024-10020 | Unspecified vulnerability in Heateor Social Login The Heateor Social Login WordPress plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.1.35. | 8.1 |
| 2024-11-06 | CVE-2024-9307 | Unrestricted Upload of File with Dangerous Type vulnerability in Themelooks Mfolio The mFolio Lite plugin for WordPress is vulnerable to file uploads due to a missing capability check in all versions up to, and including, 1.2.1. | 8.8 |
| 2024-11-06 | CVE-2024-9946 | Unspecified vulnerability in Heateor Super Socializer The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.13.68. | 8.1 |
| 2024-11-06 | CVE-2024-34676 | Out-of-bounds Write vulnerability in Samsung Android 12.0/13.0/14.0 Out-of-bounds write in parsing subtitle file in libsubextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. | 7.3 |
| 2024-11-06 | CVE-2024-34678 | Out-of-bounds Write vulnerability in Samsung Android 12.0/13.0/14.0 Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. | 7.8 |
| 2024-11-06 | CVE-2024-34679 | Incorrect Default Permissions vulnerability in Samsung Android 14.0 Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege. | 7.1 |
| 2024-11-06 | CVE-2024-49401 | Unspecified vulnerability in Samsung Android 13.0/14.0 Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities. | 7.1 |