Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-08-13 CVE-2024-41623 Unspecified vulnerability in D3Dsecurity D8801 Firmware 9.1.17.1.420180428
An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload.
network
low complexity
d3dsecurity
critical
9.8
2024-08-13 CVE-2024-6788 Unspecified vulnerability in Phoenixcontact products
A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password.
network
low complexity
phoenixcontact
critical
9.8
2024-08-13 CVE-2024-41940 Unspecified vulnerability in Siemens Sinec NMS 1.0/1.0.3/2.0
A vulnerability has been identified in SINEC NMS (All versions < V3.0).
network
low complexity
siemens
critical
9.1
2024-08-13 CVE-2024-33003 Unspecified vulnerability in SAP Commerce Cloud
Some OCC API endpoints in SAP Commerce Cloud allow Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters.
network
low complexity
sap
critical
9.1
2024-08-13 CVE-2024-41730 Missing Authorization vulnerability in SAP Business Objects Business Intelligence Platform Enterprise430/Enterprise440
In SAP BusinessObjects Business Intelligence Platform, if Single Sign-On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint.
network
low complexity
sap CWE-862
critical
9.8
2024-08-13 CVE-2024-7707 Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware V02.03.01.35
A vulnerability was found in Tenda FH1206 02.03.01.35 and classified as critical.
network
low complexity
tenda CWE-787
critical
9.8
2024-08-12 CVE-2024-43360 SQL Injection vulnerability in Zoneminder
ZoneMinder is a free, open source closed-circuit television software application.
network
low complexity
zoneminder CWE-89
critical
9.8
2024-08-12 CVE-2024-42546 Classic Buffer Overflow vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504
TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the password parameter in the loginauth function.
network
low complexity
totolink CWE-120
critical
9.8
2024-08-12 CVE-2024-42547 Classic Buffer Overflow vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504
TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.
network
low complexity
totolink CWE-120
critical
9.8
2024-08-12 CVE-2024-42543 Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.
network
low complexity
totolink CWE-120
critical
9.8