Vulnerabilities > Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-13	CVE-2024-7569	Unspecified vulnerability in Ivanti Neurons for Itsm 2023.2/2023.3/2023.4 An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information. network low complexity ivanti critical	9.8
2024-08-13	CVE-2024-7593	Improper Authentication vulnerability in Ivanti Virtual Traffic Management Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel. network low complexity ivanti CWE-287 critical	9.8
2024-08-13	CVE-2024-38063	Unspecified vulnerability in Microsoft products Windows TCP/IP Remote Code Execution Vulnerability network low complexity microsoft critical	9.8
2024-08-13	CVE-2024-38108	Cross-site Scripting vulnerability in Microsoft Azure Stack HUB Azure Stack Hub Spoofing Vulnerability network low complexity microsoft CWE-79 critical	9.3
2024-08-13	CVE-2024-38159	Unspecified vulnerability in Microsoft Windows 10 1607 and Windows Server 2016 Windows Network Virtualization Remote Code Execution Vulnerability network low complexity microsoft critical	9.1
2024-08-13	CVE-2024-38160	Unspecified vulnerability in Microsoft Windows 10 1607 and Windows Server 2016 Windows Network Virtualization Remote Code Execution Vulnerability network low complexity microsoft critical	9.1
2024-08-13	CVE-2024-38199	Unspecified vulnerability in Microsoft products Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability network low complexity microsoft critical	9.8
2024-08-13	CVE-2023-20591	Improper Initialization vulnerability in AMD products Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting in loss of confidentiality, integrity, and availability. network low complexity amd CWE-665 critical	10.0
2024-08-13	CVE-2023-26211	Cross-site Scripting vulnerability in Fortinet Fortisoar An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSOAR 7.3.0 through 7.3.2 allows an authenticated, remote attacker to inject arbitrary web script or HTML via the Communications module. network low complexity fortinet CWE-79 critical	9.0
2024-08-13	CVE-2024-7746	Improper Authentication vulnerability in Traccar Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication mechanism. These transactions could have an impact on any sensitive aspect of the platform, including Confidentiality, Integrity and Availability. network low complexity traccar CWE-287 critical	9.8

Vulnerabilities > Critical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Critical"}]}

Vulnerabilities > Critical