Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-08-07 CVE-2024-7582 Out-of-bounds Write vulnerability in Tenda I22 Firmware 1.0.0.3(4687)
A vulnerability classified as critical was found in Tenda i22 1.0.0.3(4687).
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-08-07 CVE-2024-7583 Out-of-bounds Write vulnerability in Tenda I22 Firmware 1.0.0.3(4687)
A vulnerability, which was classified as critical, has been found in Tenda i22 1.0.0.3(4687).
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-08-07 CVE-2024-7580 OS Command Injection vulnerability in Alientechnology Alr-F800 Firmware
A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00.
network
low complexity
alientechnology CWE-78
critical
 9.8
9.8
2024-08-07 CVE-2024-7581 Out-of-bounds Write vulnerability in Tendacn A301 Firmware 15.13.08.12
A vulnerability classified as critical has been found in Tenda A301 15.13.08.12.
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2024-08-07 CVE-2024-7578 Improper Authorization vulnerability in Alientechnology Alr-F800 Firmware
A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00.
network
low complexity
alientechnology CWE-285
critical
 9.8
9.8
2024-08-07 CVE-2024-36130 Improper Authentication vulnerability in Ivanti Endpoint Manager Mobile
An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary commands on the underlying operating system of the appliance.
network
low complexity
ivanti CWE-287
critical
 9.8
9.8
2024-08-06 CVE-2024-41270 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Appleboy Gorush
An issue discovered in the RunHTTPServer function in Gorush v1.18.4 allows attackers to intercept and manipulate data due to use of deprecated TLS version.
network
low complexity
appleboy CWE-327
critical
 9.1
9.1
2024-08-06 CVE-2024-28740 Cross-site Scripting vulnerability in Koha
Cross Site Scripting vulnerability in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via the additonal-contents.pl component.
network
low complexity
koha CWE-79
critical
 9.6
9.6
2024-08-06 CVE-2024-42393 Out-of-bounds Write vulnerability in multiple products
There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack.
network
low complexity
hp arubanetworks CWE-787
critical
 9.8
9.8
2024-08-06 CVE-2024-42394 Out-of-bounds Write vulnerability in multiple products
There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack.
network
low complexity
hp arubanetworks CWE-787
critical
 9.8
9.8