Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-25 | CVE-2024-5805 | Improper Authentication vulnerability in Progress Moveit Gateway 2024.0 Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0. | 9.1 |
2024-06-25 | CVE-2024-5806 | Unspecified vulnerability in Progress Moveit Transfer Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2. | 9.8 |
2024-06-25 | CVE-2024-4641 | Use of Externally-Controlled Format String vulnerability in Moxa products OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to accepting a format string from an external source as an argument. | 9.8 |
2024-06-25 | CVE-2024-4196 | Unspecified vulnerability in Avaya IP Office An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. | 9.8 |
2024-06-25 | CVE-2024-4197 | Unrestricted Upload of File with Dangerous Type vulnerability in Avaya IP Office An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. | 9.8 |
2024-06-24 | CVE-2024-33879 | Path Traversal vulnerability in Virtosoftware Sharepoint Bulk File Download 5.5.44 An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. | 9.8 |
2024-06-24 | CVE-2024-37228 | Unspecified vulnerability in Instawp Connect Improper Control of Generation of Code ('Code Injection') vulnerability in InstaWP Team InstaWP Connect allows Code Injection.This issue affects InstaWP Connect: from n/a through 0.1.0.38. | 9.8 |
2024-06-24 | CVE-2024-37231 | Unspecified vulnerability in Salonbookingsystem Salon Booking System Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salon Booking System Salon booking system allows File Manipulation.This issue affects Salon booking system: from n/a through 9.9. | 9.1 |
2024-06-24 | CVE-2024-37089 | Unspecified vulnerability in Stylemixthemes Consulting Elementor Widgets Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0. | 9.8 |
2024-06-24 | CVE-2024-6280 | Unspecified vulnerability in Oretnom23 Simple Online Bidding System 1.0 A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. | 9.8 |