Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-18 | CVE-2024-7907 | Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.852B20230719 A vulnerability, which was classified as critical, has been found in TOTOLINK X6000R 9.4.0cu.852_20230719. | 9.8 |
| 2024-08-17 | CVE-2024-7898 | Unspecified vulnerability in Tosei-Corporation Online Store Management System 4.0.2/4.0.3/4.0.4 A vulnerability classified as critical was found in Tosei Online Store Management System ??????????? 4.02/4.03/4.04. | 9.8 |
| 2024-08-17 | CVE-2023-0714 | Unspecified vulnerability in Wpmet Metform Elementor Contact Form Builder The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload due to insufficient file type validation in versions up to, and including, 3.2.4. | 9.8 |
| 2024-08-17 | CVE-2024-6500 | The InPost for WooCommerce plugin and InPost PL plugin for WordPress are vulnerable to unauthorized access and deletion of data due to a missing capability check on the 'parse_request' function in all versions up to, and including, 1.4.0 (for InPost for WooCommerce) as well as 1.4.4 (for InPost PL). network low complexity critical | 10.0 |
| 2024-08-16 | CVE-2024-43042 | Improper Restriction of Excessive Authentication Attempts vulnerability in Pluck-Cms Pluck 4.7.18 Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack. | 9.8 |
| 2024-08-16 | CVE-2022-33162 | Unspecified vulnerability in IBM products IBM Security Directory Integrator 7.2.0 and Security Verify Directory Integrator 10.0.0 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources, at the privilege level of a standard unprivileged user. | 9.8 |
| 2024-08-16 | CVE-2024-42638 | Use of Hard-coded Credentials vulnerability in H3C Magic B1St Firmware 100R012 H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. | 9.8 |
| 2024-08-16 | CVE-2024-42462 | Improper Authentication vulnerability in Upkeeper Manager Improper Authentication vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Bypass.This issue affects upKeeper Manager: through 5.1.9. | 9.8 |
| 2024-08-16 | CVE-2024-42465 | Improper Restriction of Excessive Authentication Attempts vulnerability in Upkeeper Manager Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9. | 9.8 |
| 2024-08-16 | CVE-2024-42466 | Improper Restriction of Excessive Authentication Attempts vulnerability in Upkeeper Manager Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9. | 9.8 |