Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-09 | CVE-2024-30534 | Unspecified vulnerability in Typps Calendarista Missing Authorization vulnerability in typps Calendarista Basic Edition.This issue affects Calendarista Basic Edition: from n/a through 3.0.5. | 9.8 |
| 2024-06-09 | CVE-2024-30538 | Unspecified vulnerability in Delucks SEO Missing Authorization vulnerability in DELUCKS GmbH DELUCKS SEO.This issue affects DELUCKS SEO: from n/a through 2.5.4. | 9.8 |
| 2024-06-09 | CVE-2024-30539 | Unspecified vulnerability in Getawesomesupport Awesome Support Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.7. | 9.8 |
| 2024-06-09 | CVE-2024-5774 | Unspecified vulnerability in Warrendaloyan Stock Management System 1.0 A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. | 9.8 |
| 2024-06-08 | CVE-2024-4146 | Incorrect Authorization vulnerability in Lunary 1.2.13 In lunary-ai/lunary version v1.2.13, an incorrect authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access to. | 9.8 |
| 2024-06-08 | CVE-2024-37407 | Out-of-bounds Read vulnerability in Libarchive Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. | 9.1 |
| 2024-06-07 | CVE-2024-37388 | XXE vulnerability in Dnkorpushov Ebookmeta An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function of lxml before v4.9.1 allows attackers to access sensitive information or cause a Denial of Service (DoS) via crafted XML input. | 9.1 |
| 2024-06-07 | CVE-2024-5745 | Unspecified vulnerability in Bakery Online Ordering System Project Bakery Online Ordering System 1.0 A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. | 9.8 |
| 2024-06-07 | CVE-2024-30163 | SQL Injection vulnerability in Invisioncommunity Invision Community before 4.7.16 allow SQL injection via the applications/nexus/modules/front/store/store.php IPS\nexus\modules\front\store\_store::_categoryView() method, where user input passed through the filter request parameter is not properly sanitized before being used to execute SQL queries. | 9.8 |
| 2024-06-07 | CVE-2024-36673 | SQL Injection vulnerability in Pharmacy/Medical Store Point of Sale System Project Pharmacy/Medical Store Point of Sale System 1.0 Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable SQL Injection via login.php. | 9.8 |