Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-30 | CVE-2024-6416 | Unspecified vulnerability in Seacms 12.9 A vulnerability was found in SeaCMS 12.9. | 9.8 |
2024-06-29 | CVE-2024-25943 | Unspecified vulnerability in Dell Idrac9 iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th Generations, contains a session hijacking vulnerability in IPMI. | 9.8 |
2024-06-28 | CVE-2024-37371 | In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. | 9.1 |
2024-06-28 | CVE-2024-6402 | Out-of-bounds Write vulnerability in Tendacn A301 Firmware 15.13.08.12 A vulnerability classified as critical was found in Tenda A301 15.13.08.12. | 9.8 |
2024-06-28 | CVE-2024-6403 | Out-of-bounds Write vulnerability in Tendacn A301 Firmware 15.13.08.12 A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12. | 9.8 |
2024-06-28 | CVE-2024-39704 | Injection vulnerability in Unknown-Corp Melty Blood Actress Again Current Code Soft Circle French-Bread Melty Blood: Actress Again: Current Code through 1.07 Rev. | 9.8 |
2024-06-28 | CVE-2024-3816 | SQL Injection vulnerability in Conceptintermedia S@M CMS Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to a blind SQL Injection executed using the search bar. Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears. | 9.8 |
2024-06-28 | CVE-2024-39349 | Classic Buffer Overflow vulnerability in Synology Bc500 Firmware and Tc500 Firmware A vulnerability regarding buffer copy without checking size of input ('Classic Buffer Overflow') is found in the libjansson component and it does not affect the upstream library. | 9.8 |
2024-06-27 | CVE-2024-5751 | Unspecified vulnerability in Litellm 1.35.8 BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution. | 9.8 |
2024-06-27 | CVE-2024-35260 | Unspecified vulnerability in Microsoft Power Platform An authenticated attacker can exploit an untrusted search path vulnerability in Microsoft Dataverse to execute code over a network. | 9.8 |