Vulnerabilities > Critical

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2024-07-24 | CVE-2024-41662 | Cross-site Scripting vulnerability in Vnote Project Vnote | VNote is a note-taking platform. | network, low complexity; vnote-project; CWE-79; critical 9.6 |
| 2024-07-24 | CVE-2024-40422 | Path Traversal vulnerability in Stitionai Devika 1.0 | The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is susceptible to a path traversal attack. | network, low complexity; stitionai; CWE-22; critical 9.1 |
| 2024-07-24 | CVE-2024-41914 | Cross-site Scripting vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator | A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. | network, low complexity; arubanetworks; CWE-79; critical 9.0 |
| 2024-07-24 | CVE-2023-45249 | Improper Authentication vulnerability in Acronis Cyber Infrastructure | Remote command execution due to use of default passwords. | network, low complexity; acronis; CWE-287; critical 9.8 |
| 2024-07-24 | CVE-2024-6096 | Unsafe Reflection vulnerability in Progress Telerik Reporting | In Progress® Telerik® Reporting versions prior to 18.1.24.709, a code execution attack is possible through object injection via an insecure type resolution vulnerability. | network, low complexity; progress; CWE-470; critical 9.8 |
| 2024-07-24 | CVE-2024-6327 | Deserialization of Untrusted Data vulnerability in Progress Telerik Report Server | In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability. | network, low complexity; progress; CWE-502; critical 9.8 |
| 2024-07-24 | CVE-2024-7066 | Unspecified vulnerability in F-Logic Datacube3 Firmware | A vulnerability was found in F-logic DataCube3 1.0. | network, low complexity; f-logic; critical 9.8 |
| 2024-07-23 | CVE-2024-41319 | Command Injection vulnerability in Totolink A6000R Firmware 1.0.1B20201211.2000 | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function. | network, low complexity; totolink; CWE-77; critical 9.8 |
| 2024-07-22 | CVE-2024-6793 | Deserialization of Untrusted Data vulnerability in NI Veristand | A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that may result in remote code execution. | network, low complexity; ni; CWE-502; critical 9.8 |
| 2024-07-22 | CVE-2024-6794 | Deserialization of Untrusted Data vulnerability in NI Veristand | A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming Server that may result in remote code execution. | network, low complexity; ni; CWE-502; critical 9.8 |