Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-14 | CVE-2024-1485 | Path Traversal vulnerability in multiple products A flaw was found in the decompression function of registry-support. | 9.3 |
| 2024-02-14 | CVE-2024-24691 | Unspecified vulnerability in Zoom products Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access. | 9.8 |
| 2024-02-13 | CVE-2024-24142 | SQL Injection vulnerability in Rems School Task Manager 1.0 Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter. | 9.8 |
| 2024-02-13 | CVE-2024-1355 | Command Injection vulnerability in Github Enterprise Server A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the actions-console docker container while setting a service URL. | 9.1 |
| 2024-02-13 | CVE-2024-1359 | Command Injection vulnerability in Github Enterprise Server A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting up an HTTP proxy. | 9.1 |
| 2024-02-13 | CVE-2024-1369 | Command Injection vulnerability in Github Enterprise Server A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting the username and password for collectd configurations. | 9.1 |
| 2024-02-13 | CVE-2024-1372 | Command Injection vulnerability in Github Enterprise Server A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring SAML settings. | 9.1 |
| 2024-02-13 | CVE-2024-1374 | Command Injection vulnerability in Github Enterprise Server A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring audit log forwarding. | 9.1 |
| 2024-02-13 | CVE-2024-1378 | Command Injection vulnerability in Github Enterprise Server A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring SMTP options. | 9.1 |
| 2024-02-13 | CVE-2024-22923 | SQL Injection vulnerability in Advradius ADV Radius 2.2.5 SQL injection vulnerability in adv radius v.2.2.5 allows a local attacker to execute arbitrary code via a crafted script. | 9.8 |