NA - CVE-2024-52537 - Dell Client Platform Firmware Update Utility...
Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading...
NA - CVE-2024-53289 - Dell ThinOS version 2408 contains a...
Dell ThinOS version 2408 contains a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability,...
NA - CVE-2024-53290 - Dell ThinOS version 2408 contains an Improper...
Dell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with local access could...
NA - CVE-2024-53292 - Dell VxVerify, versions prior to x.40.405,...
Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password Storage Vulnerability in the shell wrapper. A local high privileged attacker could potentially exploit this vulnerability,...
NA - CVE-2024-10511 - CWE-287: Improper Authentication vulnerability...
CWE-287: Improper Authentication vulnerability exists that could cause Denial of access to the web interface when someone on the local network repeatedly requests the /accessdenied URL.
Medium - CVE-2024-12004 - The WPC Order Notes for WooCommerce plugin for...
The WPC Order Notes for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.2. This is due to missing or incorrect nonce...
Medium - CVE-2024-12283 - The WP Pipes plugin for WordPress is vulnerable...
The WP Pipes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘x1’ parameter in all versions up to, and including, 1.4.1 due to insufficient input sanitization and...
NA - CVE-2024-11401 - Rapid7 Insight Platform versions prior to...
Rapid7 Insight Platform versions prior to November 13th 2024, suffer from a privilege escalation vulnerability whereby, due to a lack of authorization checks, an attacker can successfully update...
NA - CVE-2024-11737 - CWE-20: Improper Input Validation vulnerability...
CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and a loss of confidentiality, integrity of the controller when an unauthenticated crafted Modbus...
NA - CVE-2024-12363 - Insufficient permissions in the TeamViewer...
Insufficient permissions in the TeamViewer Patch & Asset Management component prior to version 24.12 on Windows allows a local authenticated user to delete arbitrary files. TeamViewer Patch & Asset...