Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-02-02 CVE-2023-47143 Improper Encoding or Escaping of Output vulnerability in IBM Tivoli Application Dependency Discovery Manager
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers.
network
low complexity
ibm CWE-116
critical
9.8
2024-02-02 CVE-2023-50488 Code Injection vulnerability in Blurams Lumi Security Camera A31C Firmware 23.0406.435.412
An issue in Blurams Lumi Security Camera (A31C) v23.0406.435.4120 allows attackers to execute arbitrary code.
network
low complexity
blurams CWE-94
critical
9.8
2024-02-02 CVE-2024-0338 Classic Buffer Overflow vulnerability in Apachefriends Xampp
A buffer overflow vulnerability has been found in XAMPP affecting version 8.2.4 and earlier.
network
low complexity
apachefriends CWE-120
critical
9.8
2024-02-02 CVE-2024-23978 Out-of-bounds Write vulnerability in Kddi Home Spot Cube 2 Firmware V102
Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier.
network
low complexity
kddi CWE-787
critical
9.8
2024-02-02 CVE-2024-0685 SQL Injection vulnerability in Ninjaforms Ninja Forms
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Second Order SQL Injection via the email address value submitted through forms in all versions up to, and including, 3.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
ninjaforms CWE-89
critical
9.8
2024-02-02 CVE-2024-24482 Path Traversal vulnerability in Apktool
Apktool before 2.9.3 on Windows allows ../ and /..
network
low complexity
apktool CWE-22
critical
9.8
2024-02-02 CVE-2024-22319 Unspecified vulnerability in IBM Operational Decision Manager
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, 8.11.1 and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API.
network
low complexity
ibm
critical
9.8
2024-02-02 CVE-2024-22533 Code Injection vulnerability in Xiandafu Beetl 3.15.12
Before Beetl v3.15.12, the rendering template has a server-side template injection (SSTI) vulnerability.
network
low complexity
xiandafu CWE-94
critical
9.8
2024-02-02 CVE-2023-32333 Unspecified vulnerability in IBM Maximo Asset Management 7.6.1.3
IBM Maximo Asset Management 7.6.1.3 could allow a remote attacker to log into the admin panel due to improper access controls.
network
low complexity
ibm
critical
9.8
2024-02-02 CVE-2023-48792 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus through 7250 is vulnerable to SQL Injection in the report export option.
network
low complexity
zohocorp CWE-89
critical
9.8