VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Critical
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-12-13
CVE-2024-48007
Use of Hard-coded Credentials vulnerability in Dell Recoverpoint for Virtual Machines 6.0
Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-coded credentials vulnerability.
network
low complexity
dell
CWE-798
critical
9.8
9.8
2024-12-13
CVE-2024-9290
The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and a missing capability check on the ibk_restore_migrate_check() function in all versions up to, and including, 2.3.3.
network
low complexity
CWE-434
critical
9.8
9.8
2024-12-12
CVE-2024-49147
Deserialization of Untrusted Data vulnerability in Microsoft Update Catalog
Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to elevate privileges on the website’s webserver.
network
low complexity
microsoft
CWE-502
critical
9.8
9.8
2024-12-12
CVE-2024-55663
Unspecified vulnerability in Xwiki
XWiki Platform is a generic wiki platform.
network
low complexity
xwiki
critical
9.8
9.8
2024-12-12
CVE-2024-10124
The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation due to a missing capability check on the tp_install() function in all versions up to, and including, 1.1.1.
network
low complexity
CWE-284
critical
9.8
9.8
2024-12-12
CVE-2024-11015
The Sign In With Google plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.8.0.
network
low complexity
CWE-287
critical
9.8
9.8
2024-12-12
CVE-2024-12490
SQL Injection vulnerability in Code-Projects Online Class and Exam Scheduling System 1.0
A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0.
network
low complexity
code-projects
CWE-89
critical
9.8
9.8
2024-12-12
CVE-2024-12497
SQL Injection vulnerability in 1000Projects Attendance Tracking Management System 1.0
A vulnerability classified as critical has been found in 1000 Projects Attendance Tracking Management System 1.0.
network
low complexity
1000projects
CWE-89
critical
9.8
9.8
2024-12-12
CVE-2024-44241
Unspecified vulnerability in Apple Ipados
The issue was addressed with improved bounds checks.
network
low complexity
apple
critical
9.8
9.8
2024-12-12
CVE-2024-44242
Unspecified vulnerability in Apple Ipados
The issue was addressed with improved bounds checks.
network
low complexity
apple
critical
9.8
9.8
«
Previous
1
2
...
122
123
124
(current)
125
126
...
2633
2634
»
Next