VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Critical
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-11-10
CVE-2024-46613
Integer Overflow or Wraparound vulnerability in Weechat
WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c when there are more than two billion items in a list.
network
low complexity
weechat
CWE-190
critical
9.8
9.8
2024-11-10
CVE-2024-11057
SQL Injection vulnerability in Codezips Hospital Appointment System 1.0
A vulnerability has been found in Codezips Hospital Appointment System 1.0 and classified as critical.
network
low complexity
codezips
CWE-89
critical
9.8
9.8
2024-11-10
CVE-2024-11055
SQL Injection vulnerability in 1000Projects Beauty Parlour Management System 1.0
A vulnerability, which was classified as critical, has been found in 1000 Projects Beauty Parlour Management System 1.0.
network
low complexity
1000projects
CWE-89
critical
9.8
9.8
2024-11-10
CVE-2024-11054
Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Simple Music Cloud Community System 1.0
A vulnerability classified as critical was found in SourceCodester Simple Music Cloud Community System 1.0.
network
low complexity
oretnom23
CWE-434
critical
9.8
9.8
2024-11-10
CVE-2024-11047
Stack-based Buffer Overflow vulnerability in Dlink Di-8003 Firmware 16.07.16A1
A vulnerability was found in D-Link DI-8003 16.07.16A1.
network
low complexity
dlink
CWE-121
critical
9.8
9.8
2024-11-10
CVE-2024-11048
Stack-based Buffer Overflow vulnerability in Dlink Di-8003 Firmware 16.07.16A1
A vulnerability was found in D-Link DI-8003 16.07.16A1.
network
low complexity
dlink
CWE-121
critical
9.8
9.8
2024-11-10
CVE-2024-11046
Command Injection vulnerability in Dlink Di-8003 Firmware 16.07.16A1
A vulnerability was found in D-Link DI-8003 16.07.16A1.
network
low complexity
dlink
CWE-77
critical
9.8
9.8
2024-11-09
CVE-2024-10508
The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0.2.6.
network
low complexity
CWE-230
critical
9.8
9.8
2024-11-09
CVE-2024-10547
The WP Membership plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the user_profile_image_upload() function in all versions up to, and including, 1.6.2.
network
low complexity
CWE-434
critical
9.8
9.8
2024-11-09
CVE-2024-10589
The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the import_settings() function in all versions up to, and including, 3.1.1.
network
low complexity
CWE-862
critical
9.8
9.8
«
Previous
1
2
...
18
19
20
(current)
21
22
...
2454
2455
»
Next