Vulnerabilities

CVE Alert: CVE-2024-12111

December 20, 2024

Vulnerability Summary: CVE-2024-12111 In a specific scenario a LDAP user can abuse the authentication process in OpenText Privileged Access Manager...

CVE Alert: CVE-2024-7139

December 20, 2024

Vulnerability Summary: CVE-2024-7139 Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow. This...

CVE Alert: CVE-2024-49765

December 20, 2024

Vulnerability Summary: CVE-2024-49765 Discourse is an open source platform for community discussion. Sites that are using discourse connect but still...

CVE Alert: CVE-2024-52794

December 20, 2024

Vulnerability Summary: CVE-2024-52794 Discourse is an open source platform for community discussion. Users clicking on the lightbox thumbnails could be...

CVE Alert: CVE-2024-52589

December 20, 2024

Vulnerability Summary: CVE-2024-52589 Discourse is an open source platform for community discussion. Moderators can see the Screened emails list in...

CVE Alert: CVE-2024-53991

December 20, 2024

Vulnerability Summary: CVE-2024-53991 Discourse is an open source platform for community discussion. This vulnerability only impacts Discourse instances configured to...

CVE Alert: CVE-2024-54009

December 20, 2024

Vulnerability Summary: CVE-2024-54009 Remote authentication bypass vulnerability in HPE Alletra Storage MP B10000 in versions prior to version 10.4.5 could...

CVE Alert: CVE-2024-12727

December 20, 2024

Vulnerability Summary: CVE-2024-12727 A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall versions older than 21.0...

CVE Alert: CVE-2024-12700

December 20, 2024

Vulnerability Summary: CVE-2024-12700 There is an unrestricted file upload vulnerability where it is possible for an authenticated user (low privileged)...

CVE Alert: CVE-2024-12729

December 20, 2024

Vulnerability Summary: CVE-2024-12729 A post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely in...

CVE Alert: CVE-2024-12728

December 20, 2024

Vulnerability Summary: CVE-2024-12728 A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version...

CVE Alert: CVE-2024-47119

December 19, 2024

Vulnerability Summary: CVE-2024-47119 IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could...

CVE Alert: CVE-2024-49576

December 19, 2024

Vulnerability Summary: CVE-2024-49576 A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox CBF_Widget object. A specially...

CVE Alert: CVE-2024-45082

December 19, 2024

Vulnerability Summary: CVE-2024-45082 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct...

CVE Alert: CVE-2024-47810

December 19, 2024

Vulnerability Summary: CVE-2024-47810 A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a 3D page object. A specially...

CVE Alert: CVE-2024-52361

December 19, 2024

Vulnerability Summary: CVE-2024-52361 IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can...

CVE Alert: CVE-2024-54383

December 19, 2024

Vulnerability Summary: CVE-2024-54383 Incorrect Privilege Assignment vulnerability in wpweb WooCommerce PDF Vouchers allows Privilege Escalation.This issue affects WooCommerce PDF Vouchers:...

CVE Alert: CVE-2024-55492

December 19, 2024

Vulnerability Summary: CVE-2024-55492 Winmail Server 4.4 is vulnerable to f_user=%22%3E%3Csvg%20onload Cross Site Scripting (XSS). Affected Endpoints: No affected endpoints listed....

CVE Alert: CVE-2024-25042

December 19, 2024

Vulnerability Summary: CVE-2024-25042 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting...

CVE Alert: CVE-2024-41752

December 19, 2024

Vulnerability Summary: CVE-2024-41752 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML injection. A remote...

CVE Alert: CVE-2024-55086

December 19, 2024

Vulnerability Summary: CVE-2024-55086 In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be achieved in the...

CVE Alert: CVE-2024-56050

December 19, 2024

Vulnerability Summary: CVE-2024-56050 Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to...

CVE Alert: CVE-2024-56049

December 19, 2024

Vulnerability Summary: CVE-2024-56049 Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2....

CVE Alert: CVE-2024-56051

December 19, 2024

Vulnerability Summary: CVE-2024-56051 Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS allows Code Injection.This issue affects...

Vulnerabilities

CVE Alert: CVE-2024-12111

CVE Alert: CVE-2024-7139

CVE Alert: CVE-2024-49765

CVE Alert: CVE-2024-52794

CVE Alert: CVE-2024-52589

CVE Alert: CVE-2024-53991

CVE Alert: CVE-2024-54009

CVE Alert: CVE-2024-12727

CVE Alert: CVE-2024-12700

CVE Alert: CVE-2024-12729

CVE Alert: CVE-2024-12728

CVE Alert: CVE-2024-47119

CVE Alert: CVE-2024-49576

CVE Alert: CVE-2024-45082

CVE Alert: CVE-2024-47810

CVE Alert: CVE-2024-52361

CVE Alert: CVE-2024-54383

CVE Alert: CVE-2024-55492

CVE Alert: CVE-2024-25042

CVE Alert: CVE-2024-41752

CVE Alert: CVE-2024-55086

CVE Alert: CVE-2024-56050

CVE Alert: CVE-2024-56049

CVE Alert: CVE-2024-56051

CVE Alert: CVE-2025-4162

CVE Alert: CVE-2025-4161

CVE Alert: CVE-2025-27007

CVE Alert: CVE-2025-1529

CVE Alert: CVE-2025-3890

You may have missed