Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-09 | CVE-2024-11454 | Untrusted Search Path vulnerability in Autodesk Revit A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized. | 7.8 |
| 2024-12-09 | CVE-2024-11608 | Out-of-bounds Write vulnerability in Autodesk Revit A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. | 7.8 |
| 2024-12-09 | CVE-2024-54922 | SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0 A SQL Injection was found in /admin/edit_user.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the firstname, lastname, and username parameters. | 7.2 |
| 2024-12-09 | CVE-2024-54930 | SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0 Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_student.php. | 7.2 |
| 2024-12-09 | CVE-2024-54933 | SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0 Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_content.php. | 7.2 |
| 2024-12-09 | CVE-2024-45760 | Missing Authorization vulnerability in Dell Openmanage Server Administrator Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper access control vulnerability. | 8.8 |
| 2024-12-09 | CVE-2024-45761 | Unspecified vulnerability in Dell Openmanage Server Administrator Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper input validation vulnerability. | 8.1 |
| 2024-12-09 | CVE-2024-54926 | SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0 A SQL Injection vulnerability was found in /search_class.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the school_year parameter. | 8.8 |
| 2024-12-09 | CVE-2023-7298 | Out-of-bounds Write vulnerability in Autodesk FBX Software Development KIT A maliciously crafted FBX file, when parsed through Autodesk FBX SDK, may force an Out-of-Bounds Write vulnerability. | 8.8 |
| 2024-12-09 | CVE-2024-49600 | Unspecified vulnerability in Dell Power Manager Dell Power Manager (DPM), versions prior to 3.17, contain an improper access control vulnerability. | 7.8 |