Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-10 | CVE-2024-49552 | Out-of-bounds Write vulnerability in Adobe Media Encoder Media Encoder versions 25.0, 24.6.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2024-12-10 | CVE-2024-49553 | Out-of-bounds Write vulnerability in Adobe Media Encoder Media Encoder versions 25.0, 24.6.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2024-12-10 | CVE-2024-11633 | Argument Injection or Modification vulnerability in Ivanti Connect Secure Argument injection in Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution | 7.2 |
| 2024-12-10 | CVE-2024-11634 | Command Injection vulnerability in Ivanti Connect Secure 22.7/7.1/7.4 Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution. | 7.2 |
| 2024-12-10 | CVE-2024-11772 | Command Injection vulnerability in Ivanti Cloud Services Appliance 4.5/4.6/5.0 Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution. | 7.2 |
| 2024-12-10 | CVE-2024-11773 | SQL Injection vulnerability in Ivanti Cloud Services Appliance 4.5/4.6/5.0 SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements. | 7.2 |
| 2024-12-10 | CVE-2024-9844 | Unspecified vulnerability in Ivanti Connect Secure Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker to bypass restrictions. | 8.8 |
| 2024-12-10 | CVE-2024-53246 | Cleartext Transmission of Sensitive Information vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.3.2408.101, 9.2.2406.106, 9.2.2403.111, and 9.1.2312.206, an SPL command can potentially disclose sensitive information. | 7.5 |
| 2024-12-10 | CVE-2024-55602 | Unspecified vulnerability in Pwndoc Project Pwndoc PwnDoc is a penetration test report generator. | 8.5 |
| 2024-12-10 | CVE-2024-10494 | Unspecified vulnerability in NI Labview An out of bounds read due to improper input validation in HeapObjMapImpl.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. | 7.8 |