Skip to main content
CVE-2024-52535 HIGH This Week

Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prior, contain a symbolic link (symlink) attack vulnerability in the software. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Dell Supportassist For Business Pcs Supportassist For Home Pcs
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-12272 HIGH This Week

The WP Travel Engine - Elementor Widgets | Create Travel Booking Website Using WordPress and Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP WordPress RCE LFI Information Disclosure
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-1609 HIGH This Week

In OPPOStore iOS App, there's a possible escalation of privilege due to improper input validation. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Privilege Escalation
NVD
CVSS 4.0
8.7
EPSS
0.5%
CVE-2024-47978 HIGH This Week

Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Execution with Unnecessary Privileges vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Nativeedge Orchestrator
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-53291 HIGH This Week

Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through Metadata vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell Nativeedge Orchestrator
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-12428 HIGH This Week

The WP Data Access - App, Table, Form and Chart Builder plugin plugin for WordPress is vulnerable to SQL Injection via the 'order[user_login][dir]' parameter in all versions up to, and including,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi WordPress
NVD
CVSS 3.1
7.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy