Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-13 | CVE-2024-37635 | Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012 TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg | 9.8 |
| 2024-06-13 | CVE-2024-38281 | Unspecified vulnerability in Motorola Vigilant Fixed LPR Coms BOX Firmware An attacker can access the maintenance console using hard coded credentials for a hidden wireless network on the device. | 9.8 |
| 2024-06-13 | CVE-2024-22441 | Improper Authentication vulnerability in HPE Cray Parallel Application Launch Service HPE Cray Parallel Application Launch Service (PALS) is subject to an authentication bypass. | 9.8 |
| 2024-06-13 | CVE-2024-37849 | SQL Injection vulnerability in Itsourcecode Billing System 1.0 A SQL Injection vulnerability in itsourcecode Billing System 1.0 allows a local attacker to execute arbitrary code in process.php via the username parameter. | 9.8 |
| 2024-06-13 | CVE-2024-30299 | Unspecified vulnerability in Adobe Framemaker Publishing Server 2020/2022 Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. | 9.8 |
| 2024-06-13 | CVE-2024-30300 | Unspecified vulnerability in Adobe Framemaker Publishing Server 2020/2022 Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an Information Exposure vulnerability (CWE-200) that could lead to privilege escalation. | 9.8 |
| 2024-06-13 | CVE-2024-34107 | Unspecified vulnerability in Adobe Commerce and Magento Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. | 9.8 |
| 2024-06-13 | CVE-2024-4371 | Deserialization of Untrusted Data vulnerability in Codexpert Codesigner The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.1 via deserialization of untrusted input from the recently_viewed_products cookie. | 9.8 |
| 2024-06-13 | CVE-2024-26029 | Unspecified vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. | 9.8 |
| 2024-06-13 | CVE-2024-3552 | SQL Injection vulnerability in Salephpscripts web Directory Free The Web Directory Free WordPress plugin before 1.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based. | 9.8 |