VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Critical
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-01-19
CVE-2024-38337
IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow an unauthorized attacker to retrieve or alter sensitive information contents due to incorrect permission assignments.
network
low complexity
CWE-732
critical
9.1
9.1
2025-01-19
CVE-2024-41783
IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a privileged user to inject commands into the underlying operating system due to improper validation of a specified type of input.
network
low complexity
critical
9.1
9.1
2025-01-18
CVE-2024-13375
The Adifier System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.1.7.
network
low complexity
CWE-620
critical
9.8
9.8
2025-01-16
CVE-2025-0455
The airPASS from NetVision Information has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
network
low complexity
CWE-89
critical
9.8
9.8
2025-01-16
CVE-2025-0456
The airPASS from NetVision Information has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access the specific administrative functionality to retrieve * all accounts and passwords.
network
low complexity
CWE-306
critical
9.8
9.8
2025-01-15
CVE-2024-12084
A heap-based buffer overflow flaw was found in the rsync daemon.
network
low complexity
CWE-122
critical
9.8
9.8
2025-01-15
CVE-2024-9636
The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in versions 2.2.85 to 2.3.3.
network
low complexity
CWE-269
critical
9.8
9.8
2025-01-14
CVE-2025-21311
Windows NTLM V1 Elevation of Privilege Vulnerability
network
low complexity
CWE-303
critical
9.8
9.8
2025-01-14
CVE-2024-13179
Path Traversal vulnerability in Ivanti Avalanche
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication.
network
low complexity
ivanti
CWE-22
critical
9.8
9.8
2025-01-14
CVE-2024-13181
Path Traversal vulnerability in Ivanti Avalanche
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication.
network
low complexity
ivanti
CWE-22
critical
9.8
9.8
«
1
(current)
2
3
4
5
...
2470
2471
»
Next