Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-07-18 CVE-2024-40628 Path Traversal vulnerability in Fit2Cloud Jumpserver
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser.
network
low complexity
fit2cloud CWE-22
critical
 9.1
9.1
2024-07-18 CVE-2024-40629 Path Traversal vulnerability in Fit2Cloud Jumpserver
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser.
network
low complexity
fit2cloud CWE-22
critical
 9.8
9.8
2024-07-18 CVE-2024-39907 SQL Injection vulnerability in Fit2Cloud 1Panel 1.10.10Lts/1.10.9Lts
1Panel is a web-based linux server management control panel.
network
low complexity
fit2cloud CWE-89
critical
 9.8
9.8
2024-07-18 CVE-2024-39911 SQL Injection vulnerability in Fit2Cloud 1Panel 1.10.10Lts
1Panel is a web-based linux server management control panel.
network
low complexity
fit2cloud CWE-89
critical
 9.8
9.8
2024-07-18 CVE-2024-6164 Path Traversal vulnerability in Ymc-22 Filter & Grids
The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter.
network
low complexity
ymc-22 CWE-22
critical
 9.8
9.8
2024-07-17 CVE-2024-23465 Improper Authentication vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability.
network
low complexity
solarwinds CWE-287
critical
 9.8
9.8
2024-07-17 CVE-2024-23466 Unspecified vulnerability in Solarwinds Access Rights Manager
SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code Execution vulnerability.
network
low complexity
solarwinds
critical
 9.8
9.8
2024-07-17 CVE-2024-23467 Unspecified vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability.
network
low complexity
solarwinds
critical
 9.8
9.8
2024-07-17 CVE-2024-23468 Unspecified vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability.
network
low complexity
solarwinds
critical
 9.4
9.4
2024-07-17 CVE-2024-23469 Unspecified vulnerability in Solarwinds Access Rights Manager
SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability.
network
low complexity
solarwinds
critical
 9.8
9.8