Vulnerabilities > Critical

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
| --- | --- | --- | --- | --- |
| 2024-06-16 | CVE-2024-38468 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Guoxinled Synthesis Image System | Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API. | network; low complexity; guoxinled CWE-640; critical; 9.8 |
| 2024-06-16 | CVE-2024-38439 | Out-of-bounds Write vulnerability in Netatalk | Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[PASSWDLEN] to '\0' in FPLoginExt in login in etc/uams/uams_pam.c. | network; low complexity; netatalk CWE-787; critical; 9.8 |
| 2024-06-16 | CVE-2024-38428 | Interpretation Conflict vulnerability in GNU Wget | url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent. | network; low complexity; gnu CWE-436; critical; 9.1 |
| 2024-06-15 | CVE-2024-6016 | Unspecified vulnerability in Itsourcecode Laundry Management System Project in PHP With Source Code 1.0 | A vulnerability, which was classified as critical, has been found in itsourcecode Online Laundry Management System 1.0. | network; low complexity; itsourcecode; critical; 9.8 |
| 2024-06-15 | CVE-2024-6014 | Unspecified vulnerability in Itsourcecode Document Management System Project in PHP With Source Code 1.0 | A vulnerability classified as critical has been found in itsourcecode Document Management System 1.0. | network; low complexity; itsourcecode; critical; 9.8 |
| 2024-06-15 | CVE-2024-6015 | Unspecified vulnerability in Itsourcecode Online House Rental System Project in PHP With Source Code 1.0 | A vulnerability classified as critical was found in itsourcecode Online House Rental System 1.0. | network; low complexity; itsourcecode; critical; 9.8 |
| 2024-06-15 | CVE-2024-6009 | Unspecified vulnerability in Itsourcecode Learning Management System Project in PHP With Source Code 1.0 | A vulnerability has been found in itsourcecode Event Calendar 1.0 and classified as critical. | network; low complexity; itsourcecode; critical; 9.8 |
| 2024-06-15 | CVE-2024-6013 | Unspecified vulnerability in Itsourcecode Online Book Store Project in PHP and Mysql With Source Code 1.0 | A vulnerability was found in itsourcecode Online Book Store 1.0. | network; low complexity; itsourcecode; critical; 9.8 |
| 2024-06-14 | CVE-2024-37831 | SQL Injection vulnerability in Itsourcecode Payroll Management System 1.0 | Itsourcecode Payroll Management System 1.0 is vulnerable to SQL Injection in payroll_items.php via the ID parameter. | network; low complexity; itsourcecode CWE-89; critical; 9.8 |
| 2024-06-14 | CVE-2024-4404 | Server-Side Request Forgery (SSRF) vulnerability in Wpmet Elementskit | The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.6.2 via the 'render_raw' function. | network; low complexity; wpmet CWE-918; critical; 9.6 |