Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-05 | CVE-2024-38856 | Unspecified vulnerability in Apache Ofbiz Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through 18.12.14. Users are recommended to upgrade to version 18.12.15, which fixes the issue. Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don't explicitly check user's permissions because they rely on the configuration of their endpoints). | 9.8 |
| 2024-08-05 | CVE-2024-42447 | Unspecified vulnerability in Apache Apache-Airflow-Providers-Fab 1.2.0/1.2.1 Insufficient Session Expiration vulnerability in Apache Airflow Providers FAB. This issue affects Apache Airflow Providers FAB: 1.2.1 (when used with Apache Airflow 2.9.3) and FAB 1.2.0 for all Airflow versions. | 9.8 |
| 2024-08-05 | CVE-2024-41889 | Unspecified vulnerability in Pimax Pitool and Play Multiple Pimax products accept WebSocket connections from unintended endpoints. | 9.8 |
| 2024-08-05 | CVE-2024-6118 | Insufficiently Protected Credentials vulnerability in Hamastar Meetinghub Paperless Meetings 2021 A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub Paperless Meetings 2021 allows remote attackers to obtain the other users’ credentials and gain access to the product via an XML file. | 9.1 |
| 2024-08-05 | CVE-2024-7469 | OS Command Injection vulnerability in Raisecom products A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. | 9.8 |
| 2024-08-05 | CVE-2024-7470 | OS Command Injection vulnerability in Raisecom products A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. | 9.8 |
| 2024-08-05 | CVE-2024-7467 | OS Command Injection vulnerability in Raisecom products A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 and classified as critical. | 9.8 |
| 2024-08-05 | CVE-2024-7468 | OS Command Injection vulnerability in Raisecom products A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. | 9.8 |
| 2024-08-05 | CVE-2024-7465 | Classic Buffer Overflow vulnerability in Totolink Cp450 Firmware 4.1.0Cu.747B20191224 A vulnerability, which was classified as critical, was found in TOTOLINK CP450 4.1.0cu.747_B20191224. | 9.8 |
| 2024-08-05 | CVE-2024-7463 | Classic Buffer Overflow vulnerability in Totolink Cp900 Firmware 6.3C.566 A vulnerability classified as critical was found in TOTOLINK CP900 6.3c.566. | 9.8 |