Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-11 | CVE-2024-8277 | Missing Authentication for Critical Function vulnerability in Villatheme Woocommerce Photo Reviews The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.3.13.2. | 9.8 |
| 2024-09-10 | CVE-2024-8191 | SQL Injection vulnerability in Ivanti Endpoint Manager SQL injection in the management console of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution. | 9.8 |
| 2024-09-10 | CVE-2024-45409 | The Ruby SAML library is for implementing the client side of a SAML authorization. | 9.8 |
| 2024-09-10 | CVE-2024-21416 | Unspecified vulnerability in Microsoft products Windows TCP/IP Remote Code Execution Vulnerability | 9.8 |
| 2024-09-10 | CVE-2024-37341 | Unspecified vulnerability in Microsoft products Microsoft SQL Server Elevation of Privilege Vulnerability | 9.8 |
| 2024-09-10 | CVE-2024-37980 | Unspecified vulnerability in Microsoft products Microsoft SQL Server Elevation of Privilege Vulnerability | 9.8 |
| 2024-09-10 | CVE-2024-38194 | Unspecified vulnerability in Microsoft Azure web Apps An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network. | 9.9 |
| 2024-09-10 | CVE-2024-38216 | Unspecified vulnerability in Microsoft Azure Stack HUB Azure Stack Hub Elevation of Privilege Vulnerability | 9.0 |
| 2024-09-10 | CVE-2024-38220 | Unspecified vulnerability in Microsoft Azure Stack HUB Azure Stack Hub Elevation of Privilege Vulnerability | 9.0 |
| 2024-09-10 | CVE-2024-38225 | Unspecified vulnerability in Microsoft Dynamics 365 Business Central 2023/2024 Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability | 9.8 |