Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-07-02 CVE-2024-4708 Use of Hard-coded Credentials vulnerability in Myscada Mypro
mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code on the affected device.
network
low complexity
myscada CWE-798
critical
9.8
2024-07-02 CVE-2024-6439 Unspecified vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0
A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0 and classified as critical.
network
low complexity
home-owners-collection-management-system-project
critical
9.8
2024-07-02 CVE-2024-6440 Unspecified vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0
A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0.
network
low complexity
home-owners-collection-management-system-project
critical
9.8
2024-07-02 CVE-2024-36243 Out-of-bounds Write vulnerability in Openatom Openharmony
in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds read and write.
network
low complexity
openatom CWE-787
critical
9.8
2024-07-02 CVE-2024-36260 Out-of-bounds Write vulnerability in Openatom Openharmony
in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write.
network
low complexity
openatom CWE-787
critical
9.8
2024-07-02 CVE-2024-37030 Use After Free vulnerability in Openatom Openharmony
in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through use after free.
network
low complexity
openatom CWE-416
critical
9.8
2024-07-02 CVE-2024-37077 Out-of-bounds Write vulnerability in Openatom Openharmony
in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write.
network
low complexity
openatom CWE-787
critical
9.8
2024-07-02 CVE-2024-37185 Out-of-bounds Write vulnerability in Openatom Openharmony
in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write.
network
low complexity
openatom CWE-787
critical
9.8
2024-07-02 CVE-2023-41919 Use of Hard-coded Credentials vulnerability in Kiloview P1 Firmware and P2 Firmware
Hardcoded credentials are discovered within the application's source code, creating a potential security risk for unauthorized access.
network
low complexity
kiloview CWE-798
critical
9.8
2024-07-02 CVE-2024-6172 SQL Injection vulnerability in Icegram Email Subscribers & Newsletters
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the db parameter in all versions up to, and including, 5.7.25 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
icegram CWE-89
critical
9.8