Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-27 | CVE-2024-3393 | Improper Check for Unusual or Exceptional Conditions vulnerability in Paloaltonetworks Pan-Os A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. | 7.5 |
| 2024-12-27 | CVE-2024-12978 | SQL Injection vulnerability in Anisha JOB Recruitment 1.0 A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as critical. | 7.5 |
| 2024-12-26 | CVE-2024-12962 | SQL Injection vulnerability in Anisha JOB Recruitment 1.0 A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as critical. | 7.5 |
| 2024-12-26 | CVE-2024-12939 | SQL Injection vulnerability in Anisha JOB Recruitment 1.0 A vulnerability was found in code-projects Job Recruitment 1.0. | 7.5 |
| 2024-12-25 | CVE-2024-47978 | Unspecified vulnerability in Dell Nativeedge Orchestrator Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Execution with Unnecessary Privileges vulnerability. | 7.8 |
| 2024-12-25 | CVE-2024-52535 | Link Following vulnerability in Dell products Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prior, contain a symbolic link (symlink) attack vulnerability in the software remediation component. | 8.8 |
| 2024-12-25 | CVE-2024-53291 | Unspecified vulnerability in Dell Nativeedge Orchestrator Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through Metadata vulnerability. | 7.5 |
| 2024-12-25 | CVE-2024-12428 | The WP Data Access – App, Table, Form and Chart Builder plugin plugin for WordPress is vulnerable to SQL Injection via the 'order[user_login][dir]' parameter in all versions up to, and including, 5.5.22 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
| 2024-12-25 | CVE-2024-12272 | The WP Travel Engine – Elementor Widgets | Create Travel Booking Website Using WordPress and Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.7 via several widgets. | 8.8 |
| 2024-12-24 | CVE-2024-53150 | Out-of-bounds Read vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. | 7.1 |