VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-12-23
CVE-2024-12902
ANCHOR from Global Wisdom Software is an integrated product running on a Windows virtual machine.
local
low complexity
8.4
8.4
2024-12-21
CVE-2024-12066
The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the smsa_delete_label() function in all versions up to, and including, 2.2.
network
low complexity
CWE-73
8.8
8.8
2024-12-21
CVE-2024-12721
Deserialization of Untrusted Data vulnerability in Webbuilder143 Custom Product Tabs for Woocommerce
The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.4 via deserialization of untrusted input from the 'wb_custom_tabs' parameter.
network
low complexity
webbuilder143
CWE-502
7.2
7.2
2024-12-21
CVE-2024-12771
The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.3.43.
network
low complexity
CWE-352
8.8
8.8
2024-12-21
CVE-2024-11977
The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.4.10.
network
low complexity
CWE-94
7.3
7.3
2024-12-20
CVE-2024-56351
Insufficient Session Expiration vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles
network
low complexity
jetbrains
CWE-613
8.8
8.8
2024-12-20
CVE-2024-56356
XXE vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack
network
low complexity
jetbrains
CWE-611
7.1
7.1
2024-12-20
CVE-2024-40695
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface.
network
low complexity
CWE-434
8.0
8.0
2024-12-20
CVE-2023-42867
Unspecified vulnerability in Apple Garageband
This issue was addressed with improved validation of the process entitlement and Team ID.
local
low complexity
apple
7.8
7.8
2024-12-20
CVE-2024-44195
Unspecified vulnerability in Apple Macos 15.0
A logic issue was addressed with improved validation.
network
low complexity
apple
7.5
7.5
«
Previous
1
2
...
87
88
89
(current)
90
91
...
6692
6693
»
Next