Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-03 | CVE-2024-7257 | The YayExtra – WooCommerce Extra Product Options plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_upload_file function in all versions up to, and including, 1.3.7. network low complexity critical | 9.8 |
| 2024-08-02 | CVE-2024-38887 | OS Command Injection vulnerability in Horizoncloud Caterease An issue in Horizon Business Services Inc. | 9.8 |
| 2024-08-02 | CVE-2024-38889 | SQL Injection vulnerability in Horizoncloud Caterease An issue in Horizon Business Services Inc. | 9.8 |
| 2024-08-02 | CVE-2024-38886 | Unspecified vulnerability in Horizoncloud Caterease An issue in Horizon Business Services Inc. | 9.8 |
| 2024-08-02 | CVE-2024-7314 | Unspecified vulnerability in Anji-Plus Report anji-plus AJ-Report is affected by an authentication bypass vulnerability. | 9.8 |
| 2024-08-02 | CVE-2024-41127 | Code Injection vulnerability in Monkeytype Monkeytype is a minimalistic and customizable typing test. | 9.6 |
| 2024-08-02 | CVE-2024-7029 | Command Injection vulnerability in Avtech Avm1203 Firmware Commands can be injected over the network and executed without authentication. | 9.8 |
| 2024-08-02 | CVE-2024-38879 | Unspecified vulnerability in Siemens Omnivise T3000 Application Server 8.2/9.2 A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). | 9.8 |
| 2024-08-02 | CVE-2024-36268 | Unspecified vulnerability in Apache Inlong 1.10.0/1.11.0/1.12.0 Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong. This issue affects Apache InLong: from 1.10.0 through 1.12.0, which could lead to Remote Code Execution. | 9.8 |
| 2024-08-02 | CVE-2024-42461 | Improper Verification of Cryptographic Signature vulnerability in Elliptic Project Elliptic 6.5.6 In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed. | 9.1 |