Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-40472 | SQL Injection vulnerability in Rems Daily Calories Monitoring Tool 1.0 Sourcecodester Daily Calories Monitoring Tool v1.0 is vulnerable to SQL Injection via "delete-calorie.php." | 9.8 |
| 2024-08-12 | CVE-2024-40480 | Unspecified vulnerability in Jayesh Online Exam System 1.0 A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator dashboard and delete valid user accounts via the direct URL access. | 9.8 |
| 2024-08-12 | CVE-2024-41570 | Server-Side Request Forgery (SSRF) vulnerability in Havocframework Havoc An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server. | 9.8 |
| 2024-08-12 | CVE-2024-42001 | Forced Browsing vulnerability in Vonets products An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active session. | 9.8 |
| 2024-08-12 | CVE-2024-42467 | Unspecified vulnerability in Openhab web Interface openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. | 10.0 |
| 2024-08-12 | CVE-2024-42469 | Path Traversal vulnerability in Openhab openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. | 9.8 |
| 2024-08-12 | CVE-2024-42470 | Missing Authorization vulnerability in Openhab openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. | 9.1 |
| 2024-08-12 | CVE-2024-42473 | Incorrect Authorization vulnerability in Openfga 1.5.7/1.5.8 OpenFGA is an authorization/permission engine. | 9.8 |
| 2024-08-12 | CVE-2024-7503 | The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.5. network low complexity critical | 9.8 |
| 2024-08-12 | CVE-2024-7613 | Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 1.2.0.8(8155) A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. | 9.8 |