Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-15 | CVE-2024-52525 | Cleartext Storage of Sensitive Information vulnerability in Nextcloud Server Nextcloud Server is a self hosted personal cloud system. | 7.5 |
| 2024-11-15 | CVE-2024-11245 | SQL Injection vulnerability in Anisha Farmacia 1.0 A vulnerability, which was classified as critical, has been found in code-projects Farmacia 1.0. | 7.5 |
| 2024-11-15 | CVE-2024-41784 | Path Traversal vulnerability in IBM Sterling Secure Proxy IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2024-11-15 | CVE-2024-52555 | Unspecified vulnerability in Jetbrains Webstorm In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via type definitions installer script | 7.8 |
| 2024-11-15 | CVE-2024-11241 | SQL Injection vulnerability in Anisha JOB Recruitment 1.0 A vulnerability was found in code-projects Job Recruitment 1.0. | 7.5 |
| 2024-11-15 | CVE-2021-3742 | Unspecified vulnerability in Chatwoot A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.5.0. | 8.8 |
| 2024-11-15 | CVE-2024-10311 | Unspecified vulnerability in Cmorillas1 External Database Based Actions 0.1 The External Database Based Actions plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.1. | 8.8 |
| 2024-11-14 | CVE-2024-50968 | Unspecified vulnerability in Adonesevangelista Agri-Trading Online Shopping System 1.0 A business logic vulnerability exists in the Add to Cart function of itsourcecode Agri-Trading Online Shopping System 1.0, which allows remote attackers to manipulate the quant parameter when adding a product to the cart. | 7.5 |
| 2024-11-14 | CVE-2024-3760 | Unspecified vulnerability in Lunary In lunary-ai/lunary version 1.2.7, there is a lack of rate limiting on the forgot password page, leading to an email bombing vulnerability. | 7.5 |
| 2024-11-14 | CVE-2024-3379 | Incorrect Authorization vulnerability in Lunary In lunary-ai/lunary versions 1.2.2 through 1.2.6, an incorrect authorization vulnerability allows unprivileged users to re-generate the private key for projects they do not have access to. | 8.1 |