| 2024-12-12 | CVE-2024-54113 | Unspecified vulnerability in Huawei Harmonyos 5.0.0
Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect power consumption. | 7.5 |
| 2024-12-12 | CVE-2024-54114 | Out-of-bounds Read vulnerability in Huawei Harmonyos 5.0.0
Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability. | 7.5 |
| 2024-12-12 | CVE-2024-54115 | Out-of-bounds Read vulnerability in Huawei Harmonyos 5.0.0
Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability. | 7.5 |
| 2024-12-12 | CVE-2024-54116 | Out-of-bounds Read vulnerability in Huawei Harmonyos 5.0.0
Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | 7.5 |
| 2024-12-12 | CVE-2024-54117 | Unspecified vulnerability in Huawei Harmonyos 5.0.0
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | 7.5 |
| 2024-12-12 | CVE-2024-12312 | The Print Science Designer plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.152 via deserialization of untrusted input through the 'designer-saved-projects' cookie. | 8.1 |
| 2024-12-12 | CVE-2024-11052 | The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the calculations parameter in all versions up to, and including, 3.8.19 due to insufficient input sanitization and output escaping. | 7.2 |
| 2024-12-12 | CVE-2024-12040 | The Product Carousel Slider & Grid Ultimate for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9.10 via the 'theme' attribute of the `wcpcsu` shortcode. | 8.8 |
| 2024-12-12 | CVE-2024-12172 | The WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpc_update_user_meta_option() function in all versions up to, and including, 3.2.21. | 7.5 |
| 2024-12-12 | CVE-2024-10590 | The Opt-In Downloads plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the admin_upload() function in all versions up to, and including, 4.07. | 8.8 |