Vulnerabilities > Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-13	CVE-2024-55956	In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory. network low complexity CWE-77 critical	9.8
2024-12-13	CVE-2024-9290	The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and a missing capability check on the ibk_restore_migrate_check() function in all versions up to, and including, 2.3.3. network low complexity CWE-434 critical	9.8
2024-12-12	CVE-2024-49147	Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to elevate privileges on the website’s webserver. network low complexity CWE-502 critical	9.3
2024-12-12	CVE-2024-10124	The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation due to a missing capability check on the tp_install() function in all versions up to, and including, 1.1.1. network low complexity CWE-284 critical	9.8
2024-12-12	CVE-2024-11015	The Sign In With Google plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.8.0. network low complexity CWE-287 critical	9.8
2024-12-12	CVE-2024-12497	SQL Injection vulnerability in 1000Projects Attendance Tracking Management System 1.0 A vulnerability classified as critical has been found in 1000 Projects Attendance Tracking Management System 1.0. network low complexity 1000projects CWE-89 critical	9.8
2024-12-12	CVE-2024-44241	Unspecified vulnerability in Apple Ipados The issue was addressed with improved bounds checks. network low complexity apple critical	9.8
2024-12-12	CVE-2024-44242	Unspecified vulnerability in Apple Ipados The issue was addressed with improved bounds checks. network low complexity apple critical	9.8
2024-12-12	CVE-2024-44299	Unspecified vulnerability in Apple Ipados The issue was addressed with improved bounds checks. network low complexity apple critical	9.8
2024-12-12	CVE-2024-54465	Unspecified vulnerability in Apple Macos A logic issue was addressed with improved state management. network low complexity apple critical	9.8

Vulnerabilities > Critical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Critical"}]}

Vulnerabilities > Critical