Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-18 | CVE-2024-52572 | Out-of-bounds Write vulnerability in Siemens Tecnomatix Plant Simulation A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). | 7.8 |
| 2024-11-18 | CVE-2024-52573 | Out-of-bounds Write vulnerability in Siemens Tecnomatix Plant Simulation A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). | 7.8 |
| 2024-11-18 | CVE-2024-52574 | Out-of-bounds Read vulnerability in Siemens Tecnomatix Plant Simulation A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). | 7.8 |
| 2024-11-18 | CVE-2024-9474 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability. | 7.2 |
| 2024-11-18 | CVE-2024-52427 | Code Injection vulnerability in Vollstart Event Tickets With Ticket Scanner Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso Nikolov Event Tickets with Ticket Scanner allows Server Side Include (SSI) Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through 2.3.11. | 8.8 |
| 2024-11-18 | CVE-2024-52429 | Unrestricted Upload of File with Dangerous Type vulnerability in Antonhoelstad WP Quick Setup Unrestricted Upload of File with Dangerous Type vulnerability in Anton Hoelstad WP Quick Setup allows Upload a Web Shell to a Web Server.This issue affects WP Quick Setup: from n/a through 2.0. | 8.8 |
| 2024-11-18 | CVE-2024-52435 | SQL Injection vulnerability in Wpdownloadmanager Premium Packages - Sell Digital products Securely Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in W3 Eden, Inc. | 7.2 |
| 2024-11-18 | CVE-2024-52436 | SQL Injection vulnerability in Wpexperts Post Smtp Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Post SMTP allows Blind SQL Injection.This issue affects Post SMTP: from n/a through 2.9.9. | 7.2 |
| 2024-11-18 | CVE-2024-41971 | A low privileged remote attacker can overwrite an arbitrary file on the filesystem leading to a DoS and data loss. | 8.1 |
| 2024-11-18 | CVE-2024-41973 | A low privileged remote attacker can specify an arbitrary file on the filesystem which may lead to an arbitrary file writes with root privileges. | 8.1 |