Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-13 | CVE-2024-23810 | Unspecified vulnerability in Siemens Sinec NMS 1.0/1.0.3/2.0 A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). | 9.8 |
| 2024-02-13 | CVE-2024-23813 | Improper Authentication vulnerability in Siemens Polarion ALM 21.0/2304.0 A vulnerability has been identified in Polarion ALM (All versions < V2404.0). | 9.8 |
| 2024-02-13 | CVE-2024-23816 | Unspecified vulnerability in Siemens Location Intelligence A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0) (All versions < V4.3), Location Intelligence Perpetual Medium (9DE5110-8CA12-1AX0) (All versions < V4.3), Location Intelligence Perpetual Non-Prod (9DE5110-8CA10-1AX0) (All versions < V4.3), Location Intelligence Perpetual Small (9DE5110-8CA11-1AX0) (All versions < V4.3), Location Intelligence SUS Large (9DE5110-8CA13-1BX0) (All versions < V4.3), Location Intelligence SUS Medium (9DE5110-8CA12-1BX0) (All versions < V4.3), Location Intelligence SUS Non-Prod (9DE5110-8CA10-1BX0) (All versions < V4.3), Location Intelligence SUS Small (9DE5110-8CA11-1BX0) (All versions < V4.3). | 9.8 |
| 2024-02-13 | CVE-2022-48623 | Out-of-bounds Read vulnerability in Rurban Cpanel::Json::Xs The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial of service. | 9.1 |
| 2024-02-13 | CVE-2023-42374 | Code Injection vulnerability in Mystenlabs SUI 1.2.1 An issue in mystenlabs Sui Blockchain before v.1.6.3 allow a remote attacker to execute arbitrary code and cause a denial of service via a crafted compressed script to the Sui node component. | 9.8 |
| 2024-02-12 | CVE-2024-23759 | Unrestricted Upload of File with Dangerous Type vulnerability in Gambio 4.9.2.0 Deserialization of Untrusted Data in Gambio through 4.9.2.0 allows attackers to run arbitrary code via "search" parameter of the Parcelshopfinder/AddAddressBookEntry" function. | 9.8 |
| 2024-02-12 | CVE-2024-23761 | Server-Side Request Forgery (SSRF) vulnerability in Gambio 4.9.2.0 Server Side Template Injection in Gambio 4.9.2.0 allows attackers to run arbitrary code via crafted smarty email template. | 9.8 |
| 2024-02-12 | CVE-2024-23763 | SQL Injection vulnerability in Gambio 4.9.2.0 SQL Injection vulnerability in Gambio through 4.9.2.0 allows attackers to run arbitrary SQL commands via crafted GET request using modifiers[attribute][] parameter. | 9.8 |
| 2024-02-12 | CVE-2023-6036 | Incorrect Authorization vulnerability in Miniorange Web3 - Crypto Wallet Login & NFT Token Gating The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handle_auth_request' and 'hadle_login_request'. | 9.8 |
| 2024-02-12 | CVE-2023-46615 | Unspecified vulnerability in Kallidan KD Coming Soon Deserialization of Untrusted Data vulnerability in Kalli Dan. | 9.8 |