Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-02 | CVE-2024-36243 | Out-of-bounds Write vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds read and write. | 9.8 |
| 2024-07-02 | CVE-2024-36260 | Out-of-bounds Write vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | 9.8 |
| 2024-07-02 | CVE-2024-37030 | Use After Free vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through use after free. | 9.8 |
| 2024-07-02 | CVE-2024-37077 | Out-of-bounds Write vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | 9.8 |
| 2024-07-02 | CVE-2024-37185 | Out-of-bounds Write vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | 9.8 |
| 2024-07-02 | CVE-2023-41919 | Use of Hard-coded Credentials vulnerability in Kiloview P1 Firmware and P2 Firmware Hardcoded credentials are discovered within the application's source code, creating a potential security risk for unauthorized access. | 9.8 |
| 2024-07-02 | CVE-2024-6172 | SQL Injection vulnerability in Icegram Email Subscribers & Newsletters The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the db parameter in all versions up to, and including, 5.7.25 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.8 |
| 2024-07-01 | CVE-2024-28200 | Improper Authentication vulnerability in N-Able N-Central 2023.4/2023.6/2023.7 The N-central server is vulnerable to an authentication bypass of the user interface. | 9.8 |
| 2024-07-01 | CVE-2024-38366 | Injection vulnerability in Cocoapods Trunk.Cocoapods.Org trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. | 10.0 |
| 2024-07-01 | CVE-2024-38367 | Unspecified vulnerability in Cocoapods Trunk.Cocoapods.Org trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. | 9.6 |