Vulnerabilities > Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-12	CVE-2024-22122	Command Injection vulnerability in Zabbix Zabbix allows to configure SMS notifications. network low complexity zabbix CWE-77 critical	9.1
2024-08-12	CVE-2024-37023	Command Injection vulnerability in Vonets products Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters. network low complexity vonets CWE-77 critical	9.9
2024-08-12	CVE-2024-38219	Type Confusion vulnerability in Microsoft Edge Chromium Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability network high complexity microsoft CWE-843 critical	9.0
2024-08-12	CVE-2024-39791	Out-of-bounds Write vulnerability in Vonets products Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code. network low complexity vonets CWE-787 critical	9.8
2024-08-12	CVE-2024-40472	SQL Injection vulnerability in Rems Daily Calories Monitoring Tool 1.0 Sourcecodester Daily Calories Monitoring Tool v1.0 is vulnerable to SQL Injection via "delete-calorie.php." network low complexity rems CWE-89 critical	9.8
2024-08-12	CVE-2024-40480	Unspecified vulnerability in Jayesh Online Exam System 1.0 A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator dashboard and delete valid user accounts via the direct URL access. network low complexity jayesh critical	9.8
2024-08-12	CVE-2024-41570	Server-Side Request Forgery (SSRF) vulnerability in Havocframework Havoc An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server. network low complexity havocframework CWE-918 critical	9.8
2024-08-12	CVE-2024-42001	Forced Browsing vulnerability in Vonets products An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafted direct request when another user has an active session. network low complexity vonets CWE-425 critical	9.8
2024-08-12	CVE-2024-42467	Unspecified vulnerability in Openhab web Interface openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. network low complexity openhab critical	10.0
2024-08-12	CVE-2024-42469	Path Traversal vulnerability in Openhab openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. network low complexity openhab CWE-22 critical	9.8

Vulnerabilities > Critical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Critical"}]}

Vulnerabilities > Critical