Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-10 | CVE-2024-54034 | Unspecified vulnerability in Adobe Connect Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. | 9.3 |
| 2024-12-10 | CVE-2024-54036 | Unspecified vulnerability in Adobe Connect Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 9.3 |
| 2024-12-10 | CVE-2024-11639 | Missing Authentication for Critical Function vulnerability in Ivanti Cloud Services Appliance 4.5/4.6/5.0 An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access | 9.8 |
| 2024-12-10 | CVE-2024-47484 | Unspecified vulnerability in Dell Avamar Server Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. | 9.8 |
| 2024-12-09 | CVE-2024-54920 | SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0 A SQL Injection vulnerability was found in /teacher_signup.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the firstname, lastname, and class_id parameters. | 9.8 |
| 2024-12-09 | CVE-2024-52480 | Unspecified vulnerability in Astoundify Jobify Missing Authorization vulnerability in Astoundify Jobify - Job Board WordPress Theme.This issue affects Jobify - Job Board WordPress Theme: from n/a through 4.2.3. | 9.8 |
| 2024-12-09 | CVE-2024-8259 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eryaz Information Technologies NatraCar B2B Dealer Management Program allows SQL Injection.This issue affects NatraCar B2B Dealer Management Program: through 09.12.2024. NOTE: The vendor was contacted and it was learned that the product is not supported. network low complexity critical | 9.8 |
| 2024-12-09 | CVE-2024-12352 | Out-of-bounds Write vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 A vulnerability classified as problematic was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. | 9.8 |
| 2024-12-08 | CVE-2024-12344 | Out-of-bounds Write vulnerability in Tp-Link Vn020 F3V Firmware 6.2.1021 A vulnerability, which was classified as critical, was found in TP-Link VN020 F3v(T) TT_V6.2.1021. | 9.8 |
| 2024-12-06 | CVE-2024-38921 | Use After Free vulnerability in Openrobotics Robot Operating System 2 Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. | 9.8 |