Vulnerabilities > Critical

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VENDOR / CWE | RISK |
|---|---|---|---|---|---|
| 2024-07-14 | CVE-2024-6728 | Unspecified vulnerability in Angeljudesuarez Tailoring Management System 1.0 | A vulnerability was found in itsourcecode Tailoring Management System 1.0. | angeljudesuarez | network, low complexity, critical, 9.8 |
| 2024-07-12 | CVE-2024-39917 | Improper Restriction of Excessive Authentication Attempts vulnerability in Neutrinolabs Xrdp | xrdp is an open source RDP server. | neutrinolabs / CWE-307 | network, low complexity, critical, 9.8 |
| 2024-07-12 | CVE-2024-40539 | SQL Injection vulnerability in Codermy My-Springsecurity-Plus | my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/user. | codermy / CWE-89 | network, low complexity, critical, 9.8 |
| 2024-07-12 | CVE-2024-40540 | SQL Injection vulnerability in Codermy My-Springsecurity-Plus | my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept. | codermy / CWE-89 | network, low complexity, critical, 9.8 |
| 2024-07-12 | CVE-2024-40541 | SQL Injection vulnerability in Codermy My-Springsecurity-Plus | my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept/build. | codermy / CWE-89 | network, low complexity, critical, 9.8 |
| 2024-07-12 | CVE-2024-40542 | SQL Injection vulnerability in Codermy My-Springsecurity-Plus | my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/role?offset. | codermy / CWE-89 | network, low complexity, critical, 9.8 |
| 2024-07-11 | CVE-2024-6385 | Unspecified vulnerability in Gitlab | An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows an attacker to trigger a pipeline as another user under certain circumstances. | gitlab | network, low complexity, critical, 9.8 |
| 2024-07-10 | CVE-2024-5910 | Missing Authentication for Critical Function vulnerability in Paloaltonetworks Expedition | Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. | paloaltonetworks / CWE-306 | network, low complexity, critical, 9.8 |
| 2024-07-10 | CVE-2024-4879 | Unspecified vulnerability in Servicenow Utah/Vancouver/Washingtondc | ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. | servicenow | network, low complexity, critical, 9.8 |
| 2024-07-10 | CVE-2024-5217 | Incorrect Comparison vulnerability in Servicenow Utah/Vancouver/Washingtondc | ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. | servicenow / CWE-697 | network, low complexity, critical, 9.8 |