| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-52513 | Nextcloud Server's Attachments folder for Text app is accessible on "Files drop" and "Password protected" shares | nextcloud | security-advisories | Low | 2.6 | 2024-11-15 17:08:56 | Deep Dive |
| CVE-2024-52514 | Nextcloud Server allows users to copy folder that contain files that are blocked by the files access control | nextcloud | security-advisories | Medium | 4.1 | 2024-11-15 17:06:04 | Deep Dive |
| CVE-2024-52515 | Nextcloud Server has incomplete sanitization of SVG files allows to embed other images into previews | nextcloud | security-advisories | Medium | 5.7 | 2024-11-15 17:03:09 | Deep Dive |
| CVE-2024-52516 | Nextcloud Server's shares are not removed when user is limited to share with in their groups and being removed from one of them | nextcloud | security-advisories | Low | 3.0 | 2024-11-15 16:55:19 | Deep Dive |
| CVE-2024-52517 | Nextcloud Server's global credentials of external storages are sent back to the frontend | nextcloud | security-advisories | Medium | 4.6 | 2024-11-15 16:49:41 | Deep Dive |
| CVE-2024-52518 | Nextcloud Server is missing password confirmation when changing external storage options | nextcloud | security-advisories | Medium | 4.4 | 2024-11-15 16:46:45 | Deep Dive |
| CVE-2024-52519 | Nextcloud Server's OAuth2 client secrets were stored in a recoverable way | nextcloud | security-advisories | Low | 2.7 | 2024-11-15 16:43:57 | Deep Dive |
| CVE-2024-52520 | Nextcloud Server's link reference provider can be tricked into downloading bigger files than intended | nextcloud | security-advisories | Medium | 5.7 | 2024-11-15 16:41:42 | Deep Dive |
| CVE-2024-52521 | Nextcloud Server has a potential hash collision for background jobs could skip queuing them | nextcloud | security-advisories | Low | 2.6 | 2024-11-15 16:38:49 | Deep Dive |
| CVE-2024-52523 | Nextcloud Server Custom defined credentials of external storages are sent back to the frontend | nextcloud | security-advisories | Medium | 4.6 | 2024-11-15 16:35:39 | Deep Dive |
| CVE-2024-52525 | Nextcloud Server User password is available in memory of the PHP process | nextcloud | security-advisories | Low | 1.8 | 2024-11-15 16:30:28 | Deep Dive |
| CVE-2024-10534 | Improper Access Control in Dataprom Informatics' PACS-ACSS | Dataprom Informatics | Personnel Attendance Control Systems (PACS) / Access Control Security Systems (ACSS) | - | - | 2024-11-15 11:02:51 | Deep Dive |
| CVE-2024-10825 | Hide My WP Ghost – Security & Firewall <= 5.3.01 - Reflected Cross-Site Scripting via URL | johndarrel | WP Ghost (Hide My WP Ghost) – Security & Firewall | Medium | 6.1 | 2024-11-15 06:48:04 | Deep Dive |
| CVE-2024-10924 | Really Simple Security (Free, Pro, and Pro Multisite) 9.0.0 - 9.1.1.1 - Authentication Bypass | Really Simple Plugins | Really Simple Security Pro multisite | Critical | 9.8 | 2024-11-15 03:18:46 | Deep Dive |
| CVE-2024-45642 | IBM Security ReaQta information disclosure | IBM | Security ReaQta | Medium | 5.3 | 2024-11-14 12:04:31 | Deep Dive |
| CVE-2024-45099 | IBM Security ReaQta cross-site scripting | IBM | Security ReaQta | Low | 3.1 | 2024-11-14 12:02:49 | Deep Dive |
| CVE-2024-45670 | IBM Security SOAR weak password recovery mechanism | IBM | Security SOAR | Medium | 5.6 | 2024-11-14 11:50:03 | Deep Dive |
| CVE-2024-52549 | Jenkins plugin Script Security 安全漏洞 | Jenkins Project | Jenkins Script Security Plugin | - | - | 2024-11-13 20:53:00 | Deep Dive |
| CVE-2024-24914 | Check Point Gaia Portal 安全漏洞 | checkpoint | ClusterXL, Multi-Domain Security Management, Quantum Appliances, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, Quantum Security Management | High | 8.0 | 2024-11-07 11:25:53 | Deep Dive |
| CVE-2024-7059 | Genetec Security Center 安全漏洞 | Genetec Inc. | Genetec Security Center | High | 8.0 | 2024-11-05 13:13:30 | Deep Dive |