Vulnerabilities > Critical

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2024-08-13 | CVE-2024-41730 | Missing Authorization vulnerability in SAP Business Objects Business Intelligence Platform Enterprise430/Enterprise440 | In SAP BusinessObjects Business Intelligence Platform, if Single Sign-On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint. | network | low | sap | CWE-862 | critical 9.8 |
| 2024-08-13 | CVE-2024-7707 | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35 | A vulnerability was found in Tenda FH1206 02.03.01.35 and classified as critical. | network | low | tenda | CWE-787 | critical 9.8 |
| 2024-08-12 | CVE-2024-43360 | SQL Injection vulnerability in Zoneminder | ZoneMinder is a free, open source closed-circuit television software application. | network | low | zoneminder | CWE-89 | critical 9.8 |
| 2024-08-12 | CVE-2024-42546 | Classic Buffer Overflow vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the password parameter in the loginauth function. | network | low | totolink | CWE-120 | critical 9.8 |
| 2024-08-12 | CVE-2024-42547 | Classic Buffer Overflow vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the http_host parameter in the loginauth function. | network | low | totolink | CWE-120 | critical 9.8 |
| 2024-08-12 | CVE-2024-42543 | Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 | TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the http_host parameter in the loginauth function. | network | low | totolink | CWE-120 | critical 9.8 |
| 2024-08-12 | CVE-2024-42545 | Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 | TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in the setWizardCfg function. | network | low | totolink | CWE-120 | critical 9.8 |
| 2024-08-12 | CVE-2023-7249 | Path Traversal vulnerability in Opentext Directory Services | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText Directory Services allows Path Traversal. This issue affects OpenText Directory Services: from 16.4.2 before 24.1. | network | low | opentext | CWE-22 | critical 9.8 |
| 2024-08-12 | CVE-2024-42480 | Unspecified vulnerability in Clastix Kamaji | Kamaji is the Hosted Control Plane Manager for Kubernetes. | network | low | clastix | | critical 9.9 |
| 2024-08-12 | CVE-2024-38530 | Unrestricted Upload of File with Dangerous Type vulnerability in Openeclass | The Open eClass platform (formerly known as GUnet eClass) is a complete Course Management System. | network | low | openeclass | CWE-434 | critical 9.8 |