Latest CVE Feed
-
5.5
MEDIUMCVE-2024-49533
Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability t... Read more
- Published: Dec. 10, 2024
- Modified: Feb. 06, 2025
-
5.5
MEDIUMCVE-2024-49532
Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability t... Read more
- Published: Dec. 10, 2024
- Modified: Feb. 06, 2025
-
5.5
MEDIUMCVE-2024-49531
Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnera... Read more
- Published: Dec. 10, 2024
- Modified: Jan. 21, 2025
-
7.8
HIGHCVE-2024-49530
Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this ... Read more
- Published: Dec. 10, 2024
- Modified: Jan. 21, 2025
-
8.0
HIGHCVE-2024-46341
TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form, which can be easily decoded by an attacker executing a man-in-the-middle attack.... Read more
- Published: Dec. 10, 2024
- Modified: Jun. 20, 2025
-
9.8
CRITICALCVE-2024-46340
TL-WR845N(UN)_V4_201214, TP-Link TL-WR845N(UN)_V4_200909, and TL-WR845N(UN)_V4_190219 was discovered to transmit user credentials in plaintext after executing a factory reset.... Read more
- Published: Dec. 10, 2024
- Modified: Jun. 20, 2025
-
8.8
HIGHCVE-2024-9844
Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker to bypass restrictions.... Read more
Affected Products : connect_secure- Published: Dec. 10, 2024
- Modified: Jan. 17, 2025
-
8.8
HIGHCVE-2024-8540
Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 allow a local authenticated attacker to modify sensitive application components.... Read more
Affected Products : standalone_sentry- Published: Dec. 10, 2024
- Modified: Jul. 30, 2025
-
7.1
HIGHCVE-2024-7572
Insufficient permissions in Ivanti DSM before version 2024.3.5740 allows a local authenticated attacker to delete arbitrary files.... Read more
Affected Products : desktop_\&_server_management- Published: Dec. 10, 2024
- Modified: Jul. 11, 2025
-
4.4
MEDIUMCVE-2024-55550
Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker with administrative privilege to conduct a local file read, due to insufficient input sanitization. A successful exploit could allow the authenticated admin attacker to access resources ... Read more
Affected Products : micollab- Actively Exploited
- Published: Dec. 10, 2024
- Modified: Jan. 08, 2025
-
8.8
HIGHCVE-2024-55500
Cross-Site Request Forgery (CSRF) in Avenwu Whistle v.2.9.90 and before allows attackers to perform malicious API calls, resulting in the execution of arbitrary code on the victim's machine.... Read more
Affected Products :- Published: Dec. 10, 2024
- Modified: Dec. 11, 2024
-
7.2
HIGHCVE-2024-54008
An authenticated Remote Code Execution (RCE) vulnerability exists in the AirWave CLI. Successful exploitation of this vulnerability could allow a remote authenticated threat actor to run arbitrary commands as a privileged user on the underlying host.... Read more
Affected Products :- Published: Dec. 10, 2024
- Modified: Dec. 11, 2024
-
4.6
MEDIUMCVE-2024-50931
Silicon Labs Z-Wave Series 500 v6.84.0 was discovered to contain insecure permissions.... Read more
- Published: Dec. 10, 2024
- Modified: Jul. 01, 2025
-
8.8
HIGHCVE-2024-50930
An issue in Silicon Labs Z-Wave Series 500 v6.84.0 allows attackers to execute arbitrary code.... Read more
- Published: Dec. 10, 2024
- Modified: Jul. 01, 2025
-
6.2
MEDIUMCVE-2024-50929
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to arbitrarily change the device type in the controller's memory, leading to a Denial of Service (DoS).... Read more
- Published: Dec. 10, 2024
- Modified: Jul. 01, 2025
-
6.5
MEDIUMCVE-2024-50928
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to change the wakeup interval of end devices in controller memory, disrupting the device's communications with the controller.... Read more
- Published: Dec. 10, 2024
- Modified: Jul. 01, 2025
-
6.5
MEDIUMCVE-2024-50924
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to cause disrupt communications between the controller and the device itself via repeatedly sending crafted packets to the controller.... Read more
- Published: Dec. 10, 2024
- Modified: Jul. 01, 2025
-
6.5
MEDIUMCVE-2024-50921
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to cause a Denial of Service (DoS) via repeatedly sending crafted packets to the controller.... Read more
- Published: Dec. 10, 2024
- Modified: Jul. 01, 2025
-
8.8
HIGHCVE-2024-50920
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to create a fake node via supplying crafted packets.... Read more
- Published: Dec. 10, 2024
- Modified: Jul. 01, 2025
-
8.0
HIGHCVE-2024-50699
TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were discovered to contain weak default credentials for the Administrator account.... Read more
- Published: Dec. 10, 2024
- Modified: Jul. 02, 2025