Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-07-01 CVE-2024-21456 Out-of-bounds Read vulnerability in Qualcomm products
Information Disclosure while parsing beacon frame in STA.
network
low complexity
qualcomm CWE-125
critical
9.1
2024-07-01 CVE-2024-6376 Code Injection vulnerability in Mongodb Compass
MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling.
network
low complexity
mongodb CWE-94
critical
9.8
2024-07-01 CVE-2024-6419 Unspecified vulnerability in Oretnom23 Medicine Tracker System 1.0
A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0.
network
low complexity
oretnom23
critical
9.8
2024-06-29 CVE-2024-25943 Unspecified vulnerability in Dell Idrac9
iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th Generations, contains a session hijacking vulnerability in IPMI.
network
low complexity
dell
critical
9.8
2024-06-28 CVE-2024-37371 In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
network
low complexity
mit debian
critical
9.1
2024-06-28 CVE-2024-6402 Out-of-bounds Write vulnerability in Tendacn A301 Firmware 15.13.08.12
A vulnerability classified as critical was found in Tenda A301 15.13.08.12.
network
low complexity
tendacn CWE-787
critical
9.8
2024-06-28 CVE-2024-6403 Out-of-bounds Write vulnerability in Tendacn A301 Firmware 15.13.08.12
A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12.
network
low complexity
tendacn CWE-787
critical
9.8
2024-06-28 CVE-2024-39704 Injection vulnerability in Unknown-Corp Melty Blood Actress Again Current Code
Soft Circle French-Bread Melty Blood: Actress Again: Current Code through 1.07 Rev.
network
low complexity
unknown-corp CWE-74
critical
9.8
2024-06-28 CVE-2024-3816 SQL Injection vulnerability in Conceptintermedia S@M CMS
Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to a blind SQL Injection executed using the search bar.  Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears.
network
low complexity
conceptintermedia CWE-89
critical
9.8
2024-06-27 CVE-2024-5751 Unspecified vulnerability in Litellm 1.35.8
BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution.
network
low complexity
litellm
critical
9.8