Vulnerabilities > Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2025-04-08	CVE-2025-24447	Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025 ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user resulting in a High impact to Confidentiality and Integrity. network low complexity adobe critical	9.1
2025-04-08	CVE-2025-30281	ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. network low complexity CWE-284 critical	9.1
2025-04-08	CVE-2025-30282	Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025 ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Authentication vulnerability that could result in arbitrary code execution in the context of the current user. network low complexity adobe critical	9.1
2025-04-08	CVE-2025-22466	Cross-site Scripting vulnerability in Ivanti Endpoint Manager Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to obtain admin privileges. network low complexity ivanti CWE-79 critical	9.6
2025-04-08	CVE-2024-41788	A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). network low complexity CWE-78 critical	9.1
2025-04-08	CVE-2024-41789	A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). network low complexity CWE-78 critical	9.1
2025-04-08	CVE-2024-41790	A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). network low complexity CWE-78 critical	9.1
2025-04-08	CVE-2024-41794	A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). network low complexity CWE-798 critical	10.0
2025-04-08	CVE-2024-54092	A vulnerability has been identified in Industrial Edge Device Kit - arm64 V1.17 (All versions), Industrial Edge Device Kit - arm64 V1.18 (All versions), Industrial Edge Device Kit - arm64 V1.19 (All versions), Industrial Edge Device Kit - arm64 V1.20 (All versions < V1.20.2-1), Industrial Edge Device Kit - arm64 V1.21 (All versions < V1.21.1-1), Industrial Edge Device Kit - x86-64 V1.17 (All versions), Industrial Edge Device Kit - x86-64 V1.18 (All versions), Industrial Edge Device Kit - x86-64 V1.19 (All versions), Industrial Edge Device Kit - x86-64 V1.20 (All versions < V1.20.2-1), Industrial Edge Device Kit - x86-64 V1.21 (All versions < V1.21.1-1), Industrial Edge Own Device (IEOD) (All versions < V1.21.1-1-a), Industrial Edge Virtual Device (All versions < V1.21.1-1-a), SCALANCE LPE9413 (6GK5998-3GS01-2AC2) (All versions), SIMATIC IPC BX-39A Industrial Edge Device (All versions < V3.0), SIMATIC IPC BX-59A Industrial Edge Device (All versions < V3.0), SIMATIC IPC127E Industrial Edge Device (All versions < V3.0), SIMATIC IPC227E Industrial Edge Device (All versions < V3.0), SIMATIC IPC427E Industrial Edge Device (All versions < V3.0), SIMATIC IPC847E Industrial Edge Device (All versions < V3.0). network low complexity critical	9.8
2025-04-08	CVE-2025-27429	SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. network low complexity CWE-94 critical	9.9

Vulnerabilities > Critical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Critical"}]}

Vulnerabilities > Critical