Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-11-03 CVE-2024-10731 SQL Injection vulnerability in Tongda2000 Office Anywhere 11.10
A vulnerability, which was classified as critical, was found in Tongda OA up to 11.10.
network
low complexity
tongda2000 CWE-89
critical
9.8
2024-11-03 CVE-2024-10730 SQL Injection vulnerability in Tongda2000 Office Anywhere
A vulnerability, which was classified as critical, has been found in Tongda OA up to 11.6.
network
low complexity
tongda2000 CWE-89
critical
9.8
2024-11-02 CVE-2024-10702 SQL Injection vulnerability in Fabinros Simple CAR Rental System 1.0
A vulnerability classified as critical has been found in code-projects Simple Car Rental System 1.0.
network
low complexity
fabinros CWE-89
critical
9.8
2024-11-02 CVE-2024-10700 SQL Injection vulnerability in Anisha University Event Management System 1.0
A vulnerability was found in code-projects University Event Management System 1.0.
network
low complexity
anisha CWE-89
critical
9.8
2024-11-02 CVE-2024-10699 SQL Injection vulnerability in Anisha Wazifa System 1.0
A vulnerability was found in code-projects Wazifa System 1.0.
network
low complexity
anisha CWE-89
critical
9.8
2024-11-02 CVE-2024-10698 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.19
A vulnerability was found in Tenda AC6 15.03.05.19 and classified as critical.
network
low complexity
tenda CWE-787
critical
9.8
2024-11-02 CVE-2024-10697 Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.19
A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical.
network
low complexity
tenda CWE-77
critical
9.8
2024-11-01 CVE-2024-51252 OS Command Injection vulnerability in Draytek Vigor3900 Firmware 1.5.1.3
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the restore function.
network
low complexity
draytek CWE-78
critical
9.8
2024-11-01 CVE-2024-51431 Use of Hard-coded Credentials vulnerability in Lb-Link Bl-Wr1300H Firmware 1.0.4
LB-LINK BL-WR 1300H v.1.0.4 contains hardcoded credentials stored in /etc/shadow which are easily guessable.
network
low complexity
lb-link CWE-798
critical
9.8
2024-11-01 CVE-2024-10659 SQL Injection vulnerability in Esafenet CDG 5
A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5.
network
low complexity
esafenet CWE-89
critical
9.8