Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-08 | CVE-2024-42256 | Unspecified vulnerability in Linux Kernel 6.10/6.10.0. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix server re-repick on subrequest retry. When a subrequest is marked for needing retry, netfs will call cifs_prepare_write() which will make cifs repick the server for the op before renegotiating credits; it then calls cifs_issue_write() which invokes smb2_async_writev() - which re-repicks the server. If a different server is then selected, this causes the increment of server->in_flight to happen against one record and the decrement to happen against another, leading to misaccounting. Fix this by just removing the repick code in smb2_async_writev(). | 9.8 |
2024-08-08 | CVE-2024-7350 | The Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to authentication bypass in versions 1.1.6 to 1.1.7. (network, low complexity, critical) | 9.8 |
2024-08-07 | CVE-2024-41912 | Unspecified vulnerability in HP Poly Clariti Manager Firmware. A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. | 9.8 |
2024-08-07 | CVE-2024-41237 | SQL Injection vulnerability in Lopalopa Responsive School Management System 3.2.0. A SQL injection vulnerability in /smsa/teacher_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter. | 9.8 |
2024-08-07 | CVE-2024-20450 | Classic Buffer Overflow vulnerability in Cisco products. Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges. These vulnerabilities exist because incoming HTTP packets are not properly checked for errors, which could result in a buffer overflow. | 9.8 |
2024-08-07 | CVE-2024-20454 | Classic Buffer Overflow vulnerability in Cisco products. Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges. These vulnerabilities exist because incoming HTTP packets are not properly checked for errors, which could result in a buffer overflow. | 9.8 |
2024-08-07 | CVE-2024-7584 | Classic Buffer Overflow vulnerability in Tenda I22 Firmware 1.0.0.3(4687). A vulnerability, which was classified as critical, was found in Tenda i22 1.0.0.3(4687). | 9.8 |
2024-08-07 | CVE-2024-7585 | Classic Buffer Overflow vulnerability in Tenda I22 Firmware 1.0.0.3(4687). A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as critical. | 9.8 |
2024-08-07 | CVE-2024-34479 | SQL Injection vulnerability in Oretnom23 Computer Laboratory Management System 1.0. SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection. | 9.8 |
2024-08-07 | CVE-2024-34480 | SQL Injection vulnerability in Oretnom23 Computer Laboratory Management System 1.0. SourceCodester Computer Laboratory Management System 1.0 allows admin/category/view_category.php id SQL Injection. | 9.8 |