| 2024-11-13 | CVE-2024-52298 | Unspecified vulnerability in Xwiki PDF Viewer Macro
macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. network low complexity xwiki | 7.5 |
| 2024-11-13 | CVE-2024-52299 | Unspecified vulnerability in Xwiki PDF Viewer Macro
macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. network low complexity xwiki | 7.5 |
| 2024-11-13 | CVE-2024-50852 | Command Injection vulnerability in Tendacn G3 Firmware 15.11.0.20
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetUSBPartitionUmount function. | 8.8 |
| 2024-11-13 | CVE-2024-50853 | Command Injection vulnerability in Tendacn G3 Firmware 15.11.0.20
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function. | 8.8 |
| 2024-11-13 | CVE-2024-50854 | Out-of-bounds Write vulnerability in Tendacn G3 Firmware 15.11.0.20
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack overflow via the formSetPortMapping function. | 8.8 |
| 2024-11-13 | CVE-2024-9409 | Unspecified vulnerability in Schneider-Electric products
CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to become unresponsive resulting in communication loss when a large amount of IGMP packets is present in the network. | 7.5 |
| 2024-11-13 | CVE-2024-10174 | The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.6.13 via the 'Abstract_Permission' class due to missing validation on the 'user_id' user controlled key. | 7.3 |
| 2024-11-13 | CVE-2024-10816 | The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.24.01.24 via the js/fallback.php file. | 7.5 |
| 2024-11-13 | CVE-2024-10629 | The GPX Viewer plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check and file type validation in the gpxv_file_upload() function in all versions up to, and including, 2.2.8. | 8.8 |
| 2024-11-13 | CVE-2024-37398 | Unspecified vulnerability in Ivanti Secure Access Client
Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges. | 7.8 |