Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-24 | CVE-2024-44206 | Unspecified vulnerability in Apple products An issue in the handling of URL protocols was addressed with improved logic. | 9.3 |
| 2024-10-23 | CVE-2024-48963 | OS Command Injection vulnerability in Snyk CLI The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. | 9.8 |
| 2024-10-23 | CVE-2024-20424 | OS Command Injection vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to insufficient input validation of certain HTTP requests. | 9.9 |
| 2024-10-23 | CVE-2024-10291 | SQL Injection vulnerability in Zzcms 2023 A vulnerability has been found in ZZCMS 2023 and classified as critical. | 9.8 |
| 2024-10-23 | CVE-2024-10292 | Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023 A vulnerability was found in ZZCMS 2023 and classified as critical. | 9.8 |
| 2024-10-23 | CVE-2024-10293 | Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023 A vulnerability was found in ZZCMS 2023. | 9.8 |
| 2024-10-23 | CVE-2024-47575 | Missing Authentication for Critical Function vulnerability in Fortinet Fortimanager and Fortimanager Cloud A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests. | 9.8 |
| 2024-10-23 | CVE-2024-47901 | OS Command Injection vulnerability in Siemens products A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). | 9.8 |
| 2024-10-23 | CVE-2024-47902 | Missing Authentication for Critical Function vulnerability in Siemens products A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). | 9.8 |
| 2024-10-23 | CVE-2024-47903 | Unspecified vulnerability in Siemens products A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). | 9.1 |