Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-14 | CVE-2024-7732 | SQL Injection vulnerability in Secom Dr.Id Attendance System 3.3.0.320160517/3.4.0.0.3.11 Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents. | 9.8 |
| 2024-08-14 | CVE-2024-38652 | Path Traversal vulnerability in Ivanti Avalanche Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion. | 9.1 |
| 2024-08-13 | CVE-2024-28986 | Deserialization of Untrusted Data vulnerability in Solarwinds web Help Desk SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. | 9.8 |
| 2024-08-13 | CVE-2024-7748 | Unspecified vulnerability in Remyandrade Accounts Manager APP 1.0 A vulnerability, which was classified as critical, has been found in SourceCodester Accounts Manager App 1.0. | 9.8 |
| 2024-08-13 | CVE-2024-7742 | Server-Side Request Forgery (SSRF) vulnerability in Ltcms 1.0.20 A vulnerability was found in wanglongcn ltcms 1.0.20. | 9.8 |
| 2024-08-13 | CVE-2024-7743 | Server-Side Request Forgery (SSRF) vulnerability in Ltcms 1.0.20 A vulnerability was found in wanglongcn ltcms 1.0.20. | 9.8 |
| 2024-08-13 | CVE-2024-7740 | Server-Side Request Forgery (SSRF) vulnerability in Ltcms 1.0.20 A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical. | 9.8 |
| 2024-08-13 | CVE-2024-7569 | Unspecified vulnerability in Ivanti Neurons for Itsm 2023.2/2023.3/2023.4 An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information. | 9.8 |
| 2024-08-13 | CVE-2024-7593 | Improper Authentication vulnerability in Ivanti Virtual Traffic Management Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel. | 9.8 |
| 2024-08-13 | CVE-2024-38063 | Unspecified vulnerability in Microsoft products Windows TCP/IP Remote Code Execution Vulnerability | 9.8 |