Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-17 | CVE-2024-8947 | Use After Free vulnerability in MicroPython 1.22.2. A vulnerability was found in MicroPython 1.22.2. | 8.1 |
2024-09-17 | CVE-2024-8948 | Out-of-bounds Write vulnerability in MicroPython 1.23.0. A vulnerability was found in MicroPython 1.23.0. | 7.5 |
2024-09-17 | CVE-2024-8949 | Improper Ownership Management vulnerability in Oretnom23 Online Eyewear Shop 1.0. A vulnerability classified as critical has been found in SourceCodester Online Eyewear Shop 1.0. | 8.8 |
2024-09-17 | CVE-2024-38380 | Cross-site Scripting vulnerability in Millbeckcommunications Proroute H685T-W Firmware 3.2.334. This vulnerability occurs when user-supplied input is improperly sanitized and then reflected back to the user's browser, allowing an attacker to execute arbitrary JavaScript in the context of the victim's browser session. | 5.4 |
2024-09-17 | CVE-2024-38812 | Out-of-bounds Write vulnerability in VMware vCenter Server 7.0/8.0. The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet, potentially leading to remote code execution. | 9.8 |
2024-09-17 | CVE-2024-38813 | Improper Check for Dropped Privileges vulnerability in VMware vCenter Server 7.0/8.0. The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet. | 9.8 |
2024-09-17 | CVE-2024-45682 | OS Command Injection vulnerability in Millbeck Proroute H685T-W Firmware 3.2.334. There is a command injection vulnerability that may allow an attacker to inject malicious input on the device's operating system. | 9.8 |
2024-09-17 | CVE-2024-8796 | Insufficient Entropy vulnerability in Tinfoilsecurity Devise-Two-Factor. Under the default configuration, Devise-Two-Factor versions >= 2.2.0 & < 6.0.0 generate TOTP shared secrets that are 120 bits instead of the 128-bit minimum defined by RFC 4226. | 5.3 |
2024-09-17 | CVE-2024-8944 | SQL Injection vulnerability in Fabianros Hospital Management System 1.0. A vulnerability, which was classified as critical, was found in code-projects Hospital Management System 1.0. | 9.8 |
2024-09-17 | CVE-2024-8945 | SQL Injection vulnerability in Fairsketch Rise Ultimate Project Manager 3.7.0. A vulnerability has been found in CodeCanyon RISE Ultimate Project Manager 3.7.0 and classified as critical. | 8.8 |