Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-15 | CVE-2024-21283 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core product of Oracle PeopleSoft (component: Global Payroll for Core). | 8.1 |
| 2024-10-15 | CVE-2024-21284 | Unspecified vulnerability in Oracle Banking Liquidity Management 14.5.0.12.0 Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Reports). | 7.1 |
| 2024-10-15 | CVE-2024-21285 | Unspecified vulnerability in Oracle Banking Liquidity Management 14.5.0.12.0 Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Reports). | 7.1 |
| 2024-10-15 | CVE-2024-45271 | An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation. | 7.8 |
| 2024-10-15 | CVE-2024-45273 | Inadequate Encryption Strength vulnerability in multiple products An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used. | 7.8 |
| 2024-10-15 | CVE-2024-49387 | Cleartext Transmission of Sensitive Information vulnerability in Acronis Cyber Protect 16 Cleartext transmission of sensitive information in acep-collector service. | 7.5 |
| 2024-10-15 | CVE-2024-9975 | Unrestricted Upload of File with Dangerous Type vulnerability in Rems Drag and Drop Image Upload 1.0 A vulnerability was found in SourceCodester Drag and Drop Image Upload 1.0. | 8.8 |
| 2024-10-15 | CVE-2024-9983 | Path Traversal vulnerability in Ragic Enterprise Cloud Database Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. | 7.5 |
| 2024-10-15 | CVE-2024-9837 | The The AADMY – Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.1. | 7.3 |
| 2024-10-15 | CVE-2024-9980 | SQL Injection vulnerability in Formosasoft Ee-Class The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents. | 8.8 |