Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-03 | CVE-2024-25019 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Cognos Controller 11.0.0/11.0.1 IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not validating the type of file uploaded to Journal entry attachments. | 9.8 |
| 2024-12-03 | CVE-2024-40691 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Cognos Controller 11.0.0/11.0.1 IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. | 9.8 |
| 2024-12-03 | CVE-2024-49415 | Out-of-bounds Write vulnerability in Samsung Android 12.0/13.0 Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code. | 9.8 |
| 2024-12-02 | CVE-2018-9418 | Out-of-bounds Write vulnerability in Google Android In handle_app_cur_val_response of dtif_rc.cc, there is a possible stack buffer overflow due to a missing bounds check. | 9.8 |
| 2024-12-02 | CVE-2018-9430 | Out-of-bounds Write vulnerability in Google Android In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect bounds check. | 9.8 |
| 2024-12-02 | CVE-2024-46909 | Unspecified vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account. | 9.8 |
| 2024-12-01 | CVE-2024-12007 | SQL Injection vulnerability in Code-Projects Farmacia 1.0 A vulnerability, which was classified as critical, was found in code-projects Farmacia 1.0. | 9.8 |
| 2024-11-29 | CVE-2024-49805 | Use of Hard-coded Credentials vulnerability in IBM Security Verify Access IBM Security Verify Access Appliance 10.0.0 through 10.0.8 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
| 2024-11-29 | CVE-2024-49806 | Use of Hard-coded Credentials vulnerability in IBM Security Verify Access IBM Security Verify Access Appliance 10.0.0 through 10.0.8 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
| 2024-11-28 | CVE-2024-11970 | SQL Injection vulnerability in Anisha Concert Ticket Ordering System 1.0 A vulnerability classified as critical has been found in code-projects Concert Ticket Ordering System 1.0. | 9.8 |