Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-19 | CVE-2020-15934 | Improper Privilege Management vulnerability in Fortinet Forticlient An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux versions 6.2.7 and below, version 6.4.0. | 7.8 |
| 2024-12-19 | CVE-2021-26115 | OS Command Injection vulnerability in Fortinet Fortiwan An OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.An OS command injection (CWE-78) vulnerability in FortiWAN Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command. | 7.8 |
| 2024-12-19 | CVE-2020-12819 | Out-of-bounds Write vulnerability in Fortinet Fortios A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. | 7.5 |
| 2024-12-19 | CVE-2024-11740 | Code Injection vulnerability in Wpdownloadmanager Download Manager The The Download Manager plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.3.03. | 7.3 |
| 2024-12-19 | CVE-2024-35141 | Unspecified vulnerability in IBM Security Verify Access Docker IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges. | 7.8 |
| 2024-12-19 | CVE-2024-51532 | Argument Injection or Modification vulnerability in Dell Powerstoreos Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. | 7.1 |
| 2024-12-19 | CVE-2022-44512 | Out-of-bounds Write vulnerability in Adobe products Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2024-12-19 | CVE-2022-44513 | Out-of-bounds Write vulnerability in Adobe products Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2024-12-19 | CVE-2022-44514 | Use After Free vulnerability in Adobe products Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2024-12-19 | CVE-2022-44518 | Use After Free vulnerability in Adobe products Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |