Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2024-25140 | Improper Certificate Validation vulnerability in Rustdesk 1.2.3 A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing (1.3.6.1.5.5.7.3.3), valid from 2023 until 2033. | 9.8 |
| 2024-02-06 | CVE-2024-22433 | Unspecified vulnerability in Dell Data Protection Search Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.get_ldap_info in DP Search. | 9.8 |
| 2024-02-06 | CVE-2023-43518 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in video while parsing invalid mp2 clip. | 9.8 |
| 2024-02-06 | CVE-2023-43519 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size. | 9.8 |
| 2024-02-06 | CVE-2023-43520 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE. | 9.8 |
| 2024-02-06 | CVE-2023-43534 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. | 9.8 |
| 2024-02-06 | CVE-2023-33058 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure in Modem while processing SIB5. | 9.1 |
| 2024-02-06 | CVE-2024-22852 | Out-of-bounds Write vulnerability in Dlink Go-Rt-Ac750 Firmware 101B03 D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function genacgi_main. | 9.8 |
| 2024-02-06 | CVE-2024-22853 | Use of Hard-coded Credentials vulnerability in Dlink Go-Rt-Ac750 Firmware 101B03 D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session. | 9.8 |
| 2024-02-06 | CVE-2023-46359 | OS Command Injection vulnerability in Hardy-Barth Cph2 Echarge Firmware An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature. | 9.8 |