Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2024-11-15 CVE-2024-11263 Unspecified vulnerability in Zephyrproject Zephyr
When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols.
local
low complexity
zephyrproject
8.4
8.4
2024-11-15 CVE-2017-13310 Incorrect Default Permissions vulnerability in Google Android
In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass.
local
low complexity
google CWE-276
7.8
7.8
2024-11-15 CVE-2017-13312 Unspecified vulnerability in Google Android 8.0
In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to improper input validation.
local
low complexity
google
7.8
7.8
2024-11-15 CVE-2017-13314 Missing Authorization vulnerability in Google Android
In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2024-11-15 CVE-2024-38370 Unspecified vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project
7.5
7.5
2024-11-15 CVE-2024-41679 SQL Injection vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project CWE-89
8.8
8.8
2024-11-15 CVE-2024-45608 SQL Injection vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project CWE-89
8.8
8.8
2024-11-15 CVE-2024-40638 Unspecified vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project
8.8
8.8
2024-11-15 CVE-2024-11248 Unspecified vulnerability in Tenda Ac10 Firmware 16.03.10.13
A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical.
network
low complexity
tenda
8.8
8.8
2024-11-15 CVE-2024-39726 XXE vulnerability in IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2/7.0.3
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
8.2
8.2