Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-15 | CVE-2024-39736 | Improper Encoding or Escaping of Output vulnerability in IBM Datacap and Datacap Navigator: IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 9.8 |
2024-07-14 | CVE-2024-6728 | Unspecified vulnerability in Angeljudesuarez Tailoring Management System 1.0: A vulnerability was found in itsourcecode Tailoring Management System 1.0. | 9.8 |
2024-07-12 | CVE-2024-39917 | Improper Restriction of Excessive Authentication Attempts vulnerability in Neutrinolabs Xrdp: xrdp is an open source RDP server. | 9.8 |
2024-07-12 | CVE-2024-40539 | SQL Injection vulnerability in Codermy My-Springsecurity-Plus: my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/user. | 9.8 |
2024-07-12 | CVE-2024-40540 | SQL Injection vulnerability in Codermy My-Springsecurity-Plus: my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept. | 9.8 |
2024-07-12 | CVE-2024-40541 | SQL Injection vulnerability in Codermy My-Springsecurity-Plus: my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept/build. | 9.8 |
2024-07-12 | CVE-2024-40542 | SQL Injection vulnerability in Codermy My-Springsecurity-Plus: my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/role?offset. | 9.8 |
2024-07-11 | CVE-2024-6385 | Unspecified vulnerability in Gitlab: An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows an attacker to trigger a pipeline as another user under certain circumstances. | 9.8 |
2024-07-10 | CVE-2024-5910 | Missing Authentication for Critical Function vulnerability in Paloaltonetworks Expedition: Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. | 9.8 |
2024-07-10 | CVE-2024-4879 | Unspecified vulnerability in Servicenow Utah/Vancouver: ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. | 9.8 |