Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-06-30 CVE-2024-6416 Unspecified vulnerability in Seacms 12.9
A vulnerability was found in SeaCMS 12.9.
network
low complexity
seacms
critical
9.8
2024-06-29 CVE-2024-25943 Unspecified vulnerability in Dell Idrac9
iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th Generations, contains a session hijacking vulnerability in IPMI.
network
low complexity
dell
critical
9.8
2024-06-28 CVE-2024-37371 In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
network
low complexity
mit debian
critical
9.1
2024-06-28 CVE-2024-6402 Out-of-bounds Write vulnerability in Tendacn A301 Firmware 15.13.08.12
A vulnerability classified as critical was found in Tenda A301 15.13.08.12.
network
low complexity
tendacn CWE-787
critical
9.8
2024-06-28 CVE-2024-6403 Out-of-bounds Write vulnerability in Tendacn A301 Firmware 15.13.08.12
A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12.
network
low complexity
tendacn CWE-787
critical
9.8
2024-06-28 CVE-2024-39704 Injection vulnerability in Unknown-Corp Melty Blood Actress Again Current Code
Soft Circle French-Bread Melty Blood: Actress Again: Current Code through 1.07 Rev.
network
low complexity
unknown-corp CWE-74
critical
9.8
2024-06-28 CVE-2024-3816 SQL Injection vulnerability in Conceptintermedia S@M CMS
Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to a blind SQL Injection executed using the search bar.  Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears.
network
low complexity
conceptintermedia CWE-89
critical
9.8
2024-06-28 CVE-2024-39349 Classic Buffer Overflow vulnerability in Synology Bc500 Firmware and Tc500 Firmware
A vulnerability regarding buffer copy without checking size of input ('Classic Buffer Overflow') is found in the libjansson component and it does not affect the upstream library.
network
low complexity
synology CWE-120
critical
9.8
2024-06-27 CVE-2024-5751 Unspecified vulnerability in Litellm 1.35.8
BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution.
network
low complexity
litellm
critical
9.8
2024-06-27 CVE-2024-35260 Unspecified vulnerability in Microsoft Power Platform
An authenticated attacker can exploit an untrusted search path vulnerability in Microsoft Dataverse to execute code over a network.
network
low complexity
microsoft
critical
9.8