Latest CVE Feed
-
8.1
HIGHCVE-2024-45670
IBM Security SOAR 51.0.1.0 and earlier contains a mechanism for users to recover or change their passwords without knowing the original password, but the user account must be compromised prior to the weak recovery mechanism.... Read more
Affected Products : soar- Published: Nov. 14, 2024
- Modified: Nov. 16, 2024
-
5.3
MEDIUMCVE-2024-45642
IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a tr... Read more
- Published: Nov. 14, 2024
- Modified: Nov. 16, 2024
-
4.8
MEDIUMCVE-2024-45099
IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a tr... Read more
- Published: Nov. 14, 2024
- Modified: Nov. 16, 2024
-
7.8
HIGHCVE-2024-49027
Microsoft Excel Remote Code Execution Vulnerability... Read more
- Published: Nov. 12, 2024
- Modified: Nov. 16, 2024
-
7.8
HIGHCVE-2024-49026
Microsoft Excel Remote Code Execution Vulnerability... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_2024 office_2021 office_2019- Published: Nov. 12, 2024
- Modified: Nov. 16, 2024
-
7.8
HIGHCVE-2024-49030
Microsoft Excel Remote Code Execution Vulnerability... Read more
- Published: Nov. 12, 2024
- Modified: Nov. 16, 2024
-
7.8
HIGHCVE-2024-49029
Microsoft Excel Remote Code Execution Vulnerability... Read more
- Published: Nov. 12, 2024
- Modified: Nov. 16, 2024
-
7.5
HIGHCVE-2024-49033
Microsoft Word Security Feature Bypass Vulnerability... Read more
- Published: Nov. 12, 2024
- Modified: Nov. 16, 2024
-
7.5
HIGHCVE-2024-49040
Microsoft Exchange Server Spoofing Vulnerability... Read more
Affected Products : exchange_server- Published: Nov. 12, 2024
- Modified: Nov. 16, 2024
-
6.7
MEDIUM- Published: Nov. 12, 2024
- Modified: Nov. 16, 2024
-
8.8
HIGHCVE-2024-43620
Windows Telephony Service Remote Code Execution Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
8.8
HIGHCVE-2024-43621
Windows Telephony Service Remote Code Execution Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
8.8
HIGHCVE-2024-43622
Windows Telephony Service Remote Code Execution Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
7.8
HIGHCVE-2024-43623
Windows NT OS Kernel Elevation of Privilege Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
8.1
HIGHCVE-2024-43625
Microsoft Windows VMSwitch Elevation of Privilege Vulnerability... Read more
- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
6.9
MEDIUMCVE-2024-11125
A vulnerability was found in GetSimpleCMS 3.3.16 and classified as problematic. This issue affects some unknown processing of the file /admin/profile.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The expl... Read more
Affected Products : getsimplecms- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
6.1
MEDIUMCVE-2024-9477
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AirTies Air4443 Firmware allows Cross-Site Scripting (XSS).This issue affects Air4443 Firmware: through 14102024. NOTE: The vendor was contacted... Read more
- Published: Nov. 13, 2024
- Modified: Nov. 15, 2024
-
8.2
HIGHCVE-2024-36140
A vulnerability has been identified in OZW672 (All versions < V5.2), OZW772 (All versions < V5.2). The user accounts tab of affected devices is vulnerable to stored cross-site scripting (XSS) attacks. This could allow an authenticated remote attacker t... Read more
- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
5.3
MEDIUMCVE-2024-11175
A vulnerability was found in Public CMS 5.202406.d and classified as problematic. This issue affects some unknown processing of the file /admin/cmsVote/save of the component Voting Management. The manipulation leads to cross site scripting. The attack may... Read more
Affected Products : publiccms- Published: Nov. 13, 2024
- Modified: Nov. 15, 2024
-
8.5
HIGHCVE-2024-29119
A vulnerability has been identified in Spectrum Power 7 (All versions < V24Q3). The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges.... Read more
Affected Products : spectrum_power_7- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024