Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-23 | CVE-2024-1824 | Unspecified vulnerability in Codeastro House Rental Management System 1.0 A vulnerability, which was classified as critical, has been found in CodeAstro House Rental Management System 1.0. | 9.8 |
| 2024-02-23 | CVE-2024-1817 | Unspecified vulnerability in Demososo DM Enterprise Website Building System A vulnerability has been found in Demososo DM Enterprise Website Building System up to 2022.8 and classified as critical. | 9.8 |
| 2024-02-22 | CVE-2023-51388 | Injection vulnerability in Apache Hertzbeat Hertzbeat is a real-time monitoring system. | 9.8 |
| 2024-02-22 | CVE-2023-51389 | Deserialization of Untrusted Data vulnerability in Apache Hertzbeat Hertzbeat is a real-time monitoring system. | 9.8 |
| 2024-02-22 | CVE-2023-51653 | Injection vulnerability in Apache Hertzbeat Hertzbeat is a real-time monitoring system. | 9.8 |
| 2024-02-21 | CVE-2024-1212 | OS Command Injection vulnerability in Progress Loadmaster Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution. | 9.8 |
| 2024-02-21 | CVE-2024-1709 | Unspecified vulnerability in Connectwise Screenconnect 22.7/23.8.4/23.8.5 ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems. | 10.0 |
| 2024-02-20 | CVE-2024-1297 | OS Command Injection vulnerability in Loomio 2.22.0 Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to OS Command Injection. | 9.8 |
| 2024-02-19 | CVE-2024-1638 | Unspecified vulnerability in Zephyrproject Zephyr The documentation specifies that the BT_GATT_PERM_READ_LESC and BT_GATT_PERM_WRITE_LESC defines for a Bluetooth characteristic: Attribute read/write permission with LE Secure Connection encryption. | 9.1 |
| 2024-02-19 | CVE-2024-1597 | SQL Injection vulnerability in multiple products pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. | 9.8 |