Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-18 | CVE-2023-52378 | Unspecified vulnerability in Huawei Emui and Harmonyos Vulnerability of incorrect service logic in the WindowManagerServices module.Successful exploitation of this vulnerability may cause features to perform abnormally. | 9.8 |
| 2024-02-18 | CVE-2023-52369 | Out-of-bounds Write vulnerability in Huawei Emui and Harmonyos Stack overflow vulnerability in the NFC module.Successful exploitation of this vulnerability may affect service availability and integrity. | 9.1 |
| 2024-02-16 | CVE-2024-24377 | Command Injection vulnerability in Idocv Idocview An issue in idocv v.14.1.3_20231228 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script. | 9.8 |
| 2024-02-16 | CVE-2024-0031 | Out-of-bounds Write vulnerability in Google Android In attp_build_read_by_type_value_cmd of att_protocol.cc , there is a possible out of bounds write due to improper input validation. | 9.8 |
| 2024-02-16 | CVE-2024-25414 | Unrestricted Upload of File with Dangerous Type vulnerability in Cszcms CSZ CMS 1.3.0 An arbitrary file upload vulnerability in /admin/upgrade of CSZ CMS v1.3.0 allows attackers to execute arbitrary code via uploading a crafted Zip file. | 9.8 |
| 2024-02-15 | CVE-2024-23477 | Path Traversal vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. | 9.6 |
| 2024-02-15 | CVE-2024-20719 | Cross-site Scripting vulnerability in Adobe Commerce 2.4.4/2.4.5/2.4.6 Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into every admin page. | 9.1 |
| 2024-02-15 | CVE-2024-23113 | Unspecified vulnerability in Fortinet products A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets. | 9.8 |
| 2024-02-14 | CVE-2024-25209 | SQL Injection vulnerability in Rems Barangay Population Monitoring System 1.0 Barangay Population Monitoring System 1.0 was discovered to contain a SQL injection vulnerability via the resident parameter at /endpoint/delete-resident.php. | 9.8 |
| 2024-02-14 | CVE-2024-25210 | SQL Injection vulnerability in Rems Simple Expense Tracker APP 1.0 Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the expense parameter at /endpoint/delete_expense.php. | 9.8 |