Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-01 | CVE-2024-39777 | Unspecified vulnerability in Mattermost Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5 and 9.8.x <= 9.8.1 fail to disallow unsolicited invites to expose access to local channels, when shared channels are enabled, which allows a malicious remote to send an invite with the ID of an existing local channel, and that local channel will then become shared without the consent of the local admin. | 9.6 |
| 2024-08-01 | CVE-2024-7332 | Use of Hard-coded Credentials vulnerability in Totolink Cp450 Firmware 4.1.0Cu.747B20191224 A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. | 9.8 |
| 2024-07-31 | CVE-2024-38182 | Unspecified vulnerability in Microsoft Dynamics 365 7.0 Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network. | 9.8 |
| 2024-07-31 | CVE-2024-7329 | Unrestricted Upload of File with Dangerous Type vulnerability in Youdiancms 7.0 A vulnerability, which was classified as critical, was found in YouDianCMS 7. | 9.8 |
| 2024-07-31 | CVE-2024-7311 | SQL Injection vulnerability in Fabianros Online BUS Reservation Site 1.0 A vulnerability was found in code-projects Online Bus Reservation Site 1.0. | 9.8 |
| 2024-07-31 | CVE-2024-7320 | SQL Injection vulnerability in Adonesevangelista Online Blood Bank Management System 1.0 A vulnerability classified as critical has been found in itsourcecode Online Blood Bank Management System 1.0. | 9.8 |
| 2024-07-31 | CVE-2024-6980 | Server-Side Request Forgery (SSRF) vulnerability in Bitdefender Gravityzone A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-5 running only on premise. | 9.8 |
| 2024-07-31 | CVE-2024-39950 | Unspecified vulnerability in Dahuasecurity products A vulnerability has been found in Dahua products. | 9.8 |
| 2024-07-31 | CVE-2024-7286 | SQL Injection vulnerability in Oretnom23 Establishment Billing Management System 1.0 A vulnerability was found in SourceCodester Establishment Billing Management System 1.0 and classified as critical. | 9.8 |
| 2024-07-31 | CVE-2024-7281 | SQL Injection vulnerability in Oretnom23 LOT Reservation Management System 1.0 A vulnerability classified as critical has been found in SourceCodester Lot Reservation Management System 1.0. | 9.8 |