Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-13 | CVE-2024-37632 | Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012 TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth . | 9.8 |
| 2024-06-13 | CVE-2024-37635 | Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012 TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg | 9.8 |
| 2024-06-13 | CVE-2024-38281 | Unspecified vulnerability in Motorola Vigilant Fixed LPR Coms BOX Firmware An attacker can access the maintenance console using hard coded credentials for a hidden wireless network on the device. | 9.8 |
| 2024-06-13 | CVE-2024-22441 | Improper Authentication vulnerability in HPE Cray Parallel Application Launch Service HPE Cray Parallel Application Launch Service (PALS) is subject to an authentication bypass. | 9.8 |
| 2024-06-13 | CVE-2024-37131 | Incorrect Comparison vulnerability in Dell Policy Manager for Secure Connect Gateway SCG Policy Manager, all versions, contains an overly permissive Cross-Origin Resource Policy (CORP) vulnerability. | 9.8 |
| 2024-06-13 | CVE-2024-37849 | SQL Injection vulnerability in Itsourcecode Billing System 1.0 A SQL Injection vulnerability in itsourcecode Billing System 1.0 allows a local attacker to execute arbitrary code in process.php via the username parameter. | 9.8 |
| 2024-06-13 | CVE-2024-30299 | Unspecified vulnerability in Adobe Framemaker Publishing Server 2020/2022 Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. | 9.8 |
| 2024-06-13 | CVE-2024-30300 | Unspecified vulnerability in Adobe Framemaker Publishing Server 2020/2022 Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an Information Exposure vulnerability (CWE-200) that could lead to privilege escalation. | 9.8 |
| 2024-06-13 | CVE-2024-34107 | Unspecified vulnerability in Adobe Commerce and Magento Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. | 9.8 |
| 2024-06-13 | CVE-2024-4371 | Deserialization of Untrusted Data vulnerability in Codexpert Codesigner The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.1 via deserialization of untrusted input from the recently_viewed_products cookie. | 9.8 |