Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-26 | CVE-2024-23624 | Command Injection vulnerability in Dlink Dap-1650 Firmware A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. | 9.8 |
| 2024-01-26 | CVE-2024-23625 | Command Injection vulnerability in Dlink Dap-1650 Firmware A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. | 9.8 |
| 2024-01-25 | CVE-2024-0890 | Unspecified vulnerability in Hongmaple Octopus 1.0 A vulnerability was found in hongmaple octopus 1.0. | 9.8 |
| 2024-01-25 | CVE-2024-22922 | Improper Privilege Management vulnerability in Projectworlds Visitor Management System in PHP 1.0 An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login page in the POST/index.php | 9.8 |
| 2024-01-25 | CVE-2024-0884 | Unspecified vulnerability in Mayurik Online Tours &Travels Management System 1.0 A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. | 9.8 |
| 2024-01-25 | CVE-2024-22638 | Unspecified vulnerability in Livesite 2019.1 liveSite v2019.1 was discovered to contain a remote code execution (RCE) vulenrabiity via the component /livesite/edit_designer_region.php or /livesite/add_email_campaign.php. | 9.8 |
| 2024-01-25 | CVE-2023-6267 | Deserialization of Untrusted Data vulnerability in Quarkus A flaw was found in the json payload. | 9.8 |
| 2024-01-25 | CVE-2023-7227 | Command Injection vulnerability in Systemk-Corp products SystemK NVR 504/508/516 versions 2.3.5SK.30084998 and prior are vulnerable to a command injection vulnerability in the dynamic domain name system (DDNS) settings that could allow an attacker to execute arbitrary commands with root privileges. | 9.8 |
| 2024-01-25 | CVE-2024-0883 | Unspecified vulnerability in Mayurik Online Tours & Travels Management System 1.0 A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. | 9.8 |
| 2024-01-25 | CVE-2024-22529 | Command Injection vulnerability in Totolink X2000R Firmware 2.0.0B20230727.10434 TOTOLINK X2000R_V2 V2.0.0-B20230727.10434 has a command injection vulnerability in the sub_449040 (handle function of formUploadFile) of /bin/boa. | 9.8 |