Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-26 | CVE-2024-41112 | Unspecified vulnerability in Opengeos Streamlit-Geospatial streamlit-geospatial is a streamlit multipage app for geospatial applications. | 9.8 |
| 2024-07-26 | CVE-2024-41113 | Unspecified vulnerability in Opengeos Streamlit-Geospatial streamlit-geospatial is a streamlit multipage app for geospatial applications. | 9.8 |
| 2024-07-26 | CVE-2024-40689 | Unspecified vulnerability in IBM products IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. | 9.8 |
| 2024-07-26 | CVE-2024-7120 | Unspecified vulnerability in Raisecom products A vulnerability, which was classified as critical, was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. | 9.8 |
| 2024-07-25 | CVE-2024-24621 | Incorrect Comparison vulnerability in Softaculous Webuzo Softaculous Webuzo contains an authentication bypass vulnerability through the password reset functionality. | 9.8 |
| 2024-07-25 | CVE-2024-41468 | OS Command Injection vulnerability in Tendacn Fh1201 Firmware 1.2.0.14 Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand | 9.8 |
| 2024-07-25 | CVE-2024-41473 | OS Command Injection vulnerability in Tendacn Fh1201 Firmware 1.2.0.14 Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac | 9.8 |
| 2024-07-25 | CVE-2024-38287 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Rhubcom Turbomeeting The password-reset mechanism in the Forgot Password functionality in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to force the application into resetting the administrator's password to a random insecure 8-digit value. | 9.8 |
| 2024-07-25 | CVE-2024-38289 | SQL Injection vulnerability in Rhubcom Turbomeeting A boolean-based SQL injection issue in the Virtual Meeting Password (VMP) endpoint in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to extract hashed passwords from the database, and authenticate to the application, via crafted SQL input. | 9.8 |
| 2024-07-25 | CVE-2024-7007 | Missing Authentication for Critical Function vulnerability in Positron Tra7005 Firmware 1.20 Positron Broadcast Signal Processor TRA7005 v1.20 is vulnerable to an authentication bypass exploit that could allow an attacker to have unauthorized access to protected areas of the application. | 9.8 |