Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-11-27 CVE-2024-11818 SQL Injection vulnerability in PHPgurukul User Registration & Login and User Management System 1.0
A vulnerability classified as critical has been found in PHPGurukul User Registration & Login and User Management System 1.0.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8
2024-11-27 CVE-2024-11819 SQL Injection vulnerability in 1000Projects Portfolio Management System MCA 1.0
A vulnerability classified as critical was found in 1000 Projects Portfolio Management System MCA 1.0.
network
low complexity
1000projects CWE-89
critical
 9.8
9.8
2024-11-26 CVE-2024-11817 SQL Injection vulnerability in PHPgurukul User Registration & Login and User Management System 1.0
A vulnerability was found in PHPGurukul User Registration & Login and User Management System 1.0.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8
2024-11-26 CVE-2024-53673 Deserialization of Untrusted Data vulnerability in HPE Insight Remote Support 7.12/7.12.0.529/7.12.0.545
A java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code.
network
low complexity
hpe CWE-502
critical
 9.8
9.8
2024-11-26 CVE-2024-11744 SQL Injection vulnerability in 1000Projects Portfolio Management System MCA 1.0
A vulnerability has been found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical.
network
low complexity
1000projects CWE-89
critical
 9.8
9.8
2024-11-26 CVE-2024-11745 Out-of-bounds Write vulnerability in Tenda AC8 Firmware 16.03.34.09
A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-11-26 CVE-2024-49038 Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot Studio by an unauthorized attacker leads to elevation of privilege over a network.
network
low complexity
CWE-79
critical
 9.3
9.3
2024-11-26 CVE-2024-11680 Incorrect Authorization vulnerability in Projectsend
ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability.
network
low complexity
projectsend CWE-863
critical
 9.8
9.8
2024-11-26 CVE-2017-11076 On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.
network
low complexity
CWE-823
critical
 9.8
9.8
2024-11-26 CVE-2017-17772 In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation.
network
low complexity
CWE-126
critical
 9.8
9.8