Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-15 | CVE-2017-13314 | Missing Authorization vulnerability in Google Android In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. | 7.8 |
| 2024-11-15 | CVE-2024-49060 | Azure Stack HCI Elevation of Privilege Vulnerability | 8.8 |
| 2024-11-15 | CVE-2024-41679 | SQL Injection vulnerability in Glpi-Project Glpi GLPI is a free asset and IT management software package. | 8.8 |
| 2024-11-15 | CVE-2024-45608 | SQL Injection vulnerability in Glpi-Project Glpi GLPI is a free asset and IT management software package. | 8.8 |
| 2024-11-15 | CVE-2024-40638 | Unspecified vulnerability in Glpi-Project Glpi GLPI is a free asset and IT management software package. | 8.8 |
| 2024-11-15 | CVE-2024-11248 | Unspecified vulnerability in Tenda Ac10 Firmware 16.03.10.13 A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. | 8.8 |
| 2024-11-15 | CVE-2024-39726 | XXE vulnerability in IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2/7.0.3 IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.2 |
| 2024-11-15 | CVE-2024-44625 | Path Traversal vulnerability in Gogs Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go. | 8.8 |
| 2024-11-15 | CVE-2024-50653 | Unspecified vulnerability in Crmeb CRMEB <=5.4.0 is vulnerable to Incorrect Access Control. | 7.5 |
| 2024-11-15 | CVE-2024-50654 | Unspecified vulnerability in Pickmall Lilishop lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain coupons beyond the quantity limit by capturing and sending the data packets for coupon collection in high concurrency. | 7.5 |