Vulnerabilities > Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-12	CVE-2024-42478	Out-of-bounds Read vulnerability in Ggerganov Llama.Cpp llama.cpp provides LLM inference in C/C++. network low complexity ggerganov CWE-125 critical	9.8
2024-08-12	CVE-2024-42479	Out-of-bounds Write vulnerability in Ggerganov Llama.Cpp llama.cpp provides LLM inference in C/C++. network low complexity ggerganov CWE-787 critical	9.8
2024-08-12	CVE-2024-42520	Classic Buffer Overflow vulnerability in Totolink A3002R Firmware 4.0.0B20230531.1404 TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow vulnerability in /bin/boa via formParentControl. network low complexity totolink CWE-120 critical	9.8
2024-08-12	CVE-2024-6917	OS Command Injection vulnerability in Veribase Order Management Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Veribilim Software Veribase Order Management allows OS Command Injection.This issue affects Veribase Order Management: before v4.010.2. network low complexity veribase CWE-78 critical	9.8
2024-08-12	CVE-2024-21876	Path Traversal vulnerability in Enphase IQ Gateway Firmware Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability via a URL parameter in Enphase IQ Gateway (formerly known as Envoy) allows an unautheticated attacker to access or create arbitratry files.This issue affects Envoy: from 4.x to 8.x and < 8.2.4225. network low complexity enphase CWE-22 critical	9.1
2024-08-12	CVE-2024-21878	OS Command Injection vulnerability in Enphase IQ Gateway Firmware Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection. network low complexity enphase CWE-78 critical	9.8
2024-08-12	CVE-2024-22122	Command Injection vulnerability in Zabbix Zabbix allows to configure SMS notifications. network low complexity zabbix CWE-77 critical	9.1
2024-08-12	CVE-2024-37023	Command Injection vulnerability in Vonets products Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters. network low complexity vonets CWE-77 critical	9.9
2024-08-12	CVE-2024-38219	Type Confusion vulnerability in Microsoft Edge Chromium Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability network high complexity microsoft CWE-843 critical	9.0
2024-08-12	CVE-2024-39791	Out-of-bounds Write vulnerability in Vonets products Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code. network low complexity vonets CWE-787 critical	9.8

Vulnerabilities > Critical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Critical"}]}

Vulnerabilities > Critical