Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-11 | CVE-2024-2013 | Missing Authentication for Critical Function vulnerability in Hitachienergy Foxman-Un and Unem An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway component that if exploited allows attackers without any access to interact with the services and the post-authentication attack surface. | 10.0 |
| 2024-06-11 | CVE-2024-5695 | Out-of-bounds Write vulnerability in Mozilla Firefox If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred. | 9.8 |
| 2024-06-10 | CVE-2024-32167 | Unspecified vulnerability in Oretnom23 Online Medicine Ordering System 1.0 Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Arbitrary file deletion vulnerability as the backend settings have the function of deleting pictures to delete any files. | 9.1 |
| 2024-06-10 | CVE-2024-36412 | SQL Injection vulnerability in Salesagility Suitecrm SuiteCRM is an open-source Customer Relationship Management (CRM) software application. | 9.8 |
| 2024-06-10 | CVE-2024-36417 | Cross-site Scripting vulnerability in Salesagility Suitecrm SuiteCRM is an open-source Customer Relationship Management (CRM) software application. | 9.0 |
| 2024-06-10 | CVE-2024-37014 | Unspecified vulnerability in Langflow Langflow through 0.6.19 allows remote code execution if untrusted users are able to reach the "POST /api/v1/custom_component" endpoint and provide a Python script. | 9.8 |
| 2024-06-10 | CVE-2024-31611 | Unspecified vulnerability in Seacms 12.9 SeaCMS 12.9 has a file deletion vulnerability via admin_template.php. | 9.1 |
| 2024-06-10 | CVE-2024-35746 | Unspecified vulnerability in Buddypress Cover Project Buddypress Cover 2.1.4.2 Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress Cover allows Code Injection.This issue affects BuddyPress Cover: from n/a through 2.1.4.2. | 9.8 |
| 2024-06-10 | CVE-2024-5597 | Unspecified vulnerability in Fujielectric Monitouch V-Sft 5.4.42.0/6.1.6.0 Fuji Electric Monitouch V-SFT is vulnerable to a type confusion, which could cause a crash or code execution. | 9.8 |
| 2024-06-10 | CVE-2024-35658 | Unspecified vulnerability in Themehigh Checkout Field Editor for Woocommerce Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThemeHigh Checkout Field Editor for WooCommerce (Pro) allows Functionality Misuse, File Manipulation.This issue affects Checkout Field Editor for WooCommerce (Pro): from n/a through 3.6.2. | 9.1 |