Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-05 | CVE-2024-29319 | Server-Side Request Forgery (SSRF) vulnerability in Personal-Management-System Personal Management System 1.4.64 Volmarg Personal Management System 1.4.64 is vulnerable to SSRF (Server Side Request Forgery) via uploading a SVG file. | 9.8 |
| 2024-07-05 | CVE-2024-37768 | Unspecified vulnerability in B1Ackc4T 14Finger 1.1 14Finger v1.1 was discovered to contain an arbitrary user deletion vulnerability via the component /api/admin/user?id. | 9.1 |
| 2024-07-05 | CVE-2024-38346 | Unspecified vulnerability in Apache Cloudstack The CloudStack cluster service runs on unauthenticated port (default 9090) that can be misused to run arbitrary commands on targeted hypervisors and CloudStack management server hosts. | 9.8 |
| 2024-07-05 | CVE-2024-39028 | Unspecified vulnerability in Seacms An issue was discovered in SeaCMS <=12.9 which allows remote attackers to execute arbitrary code via admin_ping.php. | 9.8 |
| 2024-07-05 | CVE-2024-39864 | Unspecified vulnerability in Apache Cloudstack The CloudStack integration API service allows running its unauthenticated API server (usually on port 8096 when configured and enabled via integration.api.port global setting) for internal portal integrations and for testing purposes. | 9.8 |
| 2024-07-05 | CVE-2024-6298 | Improper Validation of Specified Type of Input vulnerability in ABB products Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to execute arbitrary code remotely | 9.8 |
| 2024-07-02 | CVE-2024-4708 | Use of Hard-coded Credentials vulnerability in Myscada Mypro mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code on the affected device. | 9.8 |
| 2024-07-02 | CVE-2024-6439 | Unspecified vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0 and classified as critical. | 9.8 |
| 2024-07-02 | CVE-2024-6440 | Unspecified vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0. | 9.8 |
| 2024-07-02 | CVE-2024-36243 | Out-of-bounds Write vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds read and write. | 9.8 |