Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-18 | CVE-2024-52429 | Unspecified vulnerability in Antonhoelstad WP Quick Setup Unrestricted Upload of File with Dangerous Type vulnerability in Anton Hoelstad WP Quick Setup allows Upload a Web Shell to a Web Server.This issue affects WP Quick Setup: from n/a through 2.0. | 8.8 |
| 2024-11-18 | CVE-2024-52435 | SQL Injection vulnerability in Wpdownloadmanager Premium Packages - Sell Digital products Securely Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in W3 Eden, Inc. | 7.2 |
| 2024-11-18 | CVE-2024-52436 | SQL Injection vulnerability in Wpexperts Post Smtp Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Post SMTP allows Blind SQL Injection.This issue affects Post SMTP: from n/a through 2.9.9. | 7.2 |
| 2024-11-18 | CVE-2024-41971 | A low privileged remote attacker can overwrite an arbitrary file on the filesystem leading to a DoS and data loss. | 8.1 |
| 2024-11-18 | CVE-2024-41973 | A low privileged remote attacker can specify an arbitrary file on the filesystem which may lead to an arbitrary file writes with root privileges. | 8.1 |
| 2024-11-18 | CVE-2024-41974 | A low privileged remote attacker may modify the BACNet service properties due to incorrect permission assignment for critical resources which may lead to a DoS limited to BACNet communication. | 7.1 |
| 2024-11-18 | CVE-2024-42384 | Unspecified vulnerability in Cesanta Mongoose Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application. | 7.5 |
| 2024-11-18 | CVE-2024-42385 | Unspecified vulnerability in Cesanta Mongoose Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters. | 7.0 |
| 2024-11-18 | CVE-2024-42386 | Unspecified vulnerability in Cesanta Mongoose Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application. | 7.5 |
| 2024-11-18 | CVE-2024-42392 | Unspecified vulnerability in Cesanta Mongoose Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an infinite loop bug if the input string contains unexpected characters. | 7.5 |