Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-02-07 CVE-2023-32328 Unspecified vulnerability in IBM Security Verify Access
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server.
network
low complexity
ibm
critical
 9.8
9.8
2024-02-07 CVE-2023-32330 Improper Certificate Validation vulnerability in IBM Security Verify Access
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server.
network
low complexity
ibm CWE-295
critical
 9.8
9.8
2024-02-07 CVE-2024-24563 Unspecified vulnerability in Vyperlang Vyper
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine.
network
low complexity
vyperlang
critical
 9.8
9.8
2024-02-07 CVE-2024-24811 Unspecified vulnerability in Zope Sqlalchemyda
SQLAlchemyDA is a generic database adapter for ZSQL methods.
network
low complexity
zope
critical
 9.8
9.8
2024-02-07 CVE-2024-24133 SQL Injection vulnerability in Atmail 6.3.0/6.6.0
Atmail v6.6.0 was discovered to contain a SQL injection vulnerability via the username parameter on the login page.
network
low complexity
atmail CWE-89
critical
 9.8
9.8
2024-02-07 CVE-2024-24186 Out-of-bounds Write vulnerability in Jsish 3.5.0
Jsish v3.5.0 (commit 42c694c) was discovered to contain a stack-overflow via the component IterGetKeysCallback at /jsish/src/jsiValue.c.
network
low complexity
jsish CWE-787
critical
 9.8
9.8
2024-02-07 CVE-2024-24188 Out-of-bounds Write vulnerability in Jsish 3.5.0
Jsish v3.5.0 was discovered to contain a heap-buffer-overflow in ./src/jsiUtils.c.
network
low complexity
jsish CWE-787
critical
 9.8
9.8
2024-02-07 CVE-2024-24189 Use After Free vulnerability in Jsish 3.5.0
Jsish v3.5.0 (commit 42c694c) was discovered to contain a use-after-free via the SplitChar at ./src/jsiUtils.c.
network
low complexity
jsish CWE-416
critical
 9.8
9.8
2024-02-07 CVE-2023-46914 SQL Injection vulnerability in Bookingcalendar Project Bookingcalendar 2.7.9
SQL Injection vulnerability in RM bookingcalendar module for PrestaShop versions 2.7.9 and before, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via ics_export.php.
network
low complexity
bookingcalendar-project CWE-89
critical
 9.8
9.8
2024-02-07 CVE-2024-24303 SQL Injection vulnerability in Hipresta Gift Wrapping PRO 1.4.0
SQL Injection vulnerability in HiPresta "Gift Wrapping Pro" (hiadvancedgiftwrapping) module for PrestaShop before version 1.4.1, allows remote attackers to escalate privileges and obtain sensitive information via the HiAdvancedGiftWrappingGiftWrappingModuleFrontController::addGiftWrappingCartValue() method.
network
low complexity
hipresta CWE-89
critical
 9.8
9.8