Vulnerabilities > Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-24	CVE-2024-41460	Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14 Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/RouteStatic. network low complexity tendacn CWE-787 critical	9.8
2024-07-24	CVE-2024-41461	Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14 Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient. network low complexity tendacn CWE-787 critical	9.8
2024-07-24	CVE-2024-7081	Unspecified vulnerability in Tailoring Management System Project Tailoring Management System 1.0 A vulnerability was found in itsourcecode Tailoring Management System 1.0. network low complexity tailoring-management-system-project critical	9.8
2024-07-24	CVE-2024-41551	SQL Injection vulnerability in Campcodes Supplier Management System 1.0 CampCodes Supplier Management System v1.0 is vulnerable to SQL injection via Supply_Management_System/admin/view_order_items.php?id= . network low complexity campcodes CWE-89 critical	9.8
2024-07-24	CVE-2024-41662	Cross-site Scripting vulnerability in Vnote Project Vnote VNote is a note-taking platform. network low complexity vnote-project CWE-79 critical	9.6
2024-07-24	CVE-2024-40422	Path Traversal vulnerability in Stitionai Devika 1.0 The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is susceptible to a path traversal attack. network low complexity stitionai CWE-22 critical	9.1
2024-07-24	CVE-2024-41914	Cross-site Scripting vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. network low complexity arubanetworks CWE-79 critical	9.0
2024-07-24	CVE-2023-45249	Improper Authentication vulnerability in Acronis Cyber Infrastructure Remote command execution due to use of default passwords. network low complexity acronis CWE-287 critical	9.8
2024-07-24	CVE-2024-6096	Unsafe Reflection vulnerability in Progress Telerik Reporting In Progress® Telerik® Reporting versions prior to 18.1.24.709, a code execution attack is possible through object injection via an insecure type resolution vulnerability. network low complexity progress CWE-470 critical	9.8
2024-07-24	CVE-2024-6327	Deserialization of Untrusted Data vulnerability in Progress Telerik Report Server In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability. network low complexity progress CWE-502 critical	9.8

Vulnerabilities > Critical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Critical"}]}

Vulnerabilities > Critical