Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-10-25 CVE-2024-10370 SQL Injection vulnerability in Codezips Sales Management System 1.0
A vulnerability was found in Codezips Sales Management System 1.0.
network
low complexity
codezips CWE-89
critical
 9.8
9.8
2024-10-25 CVE-2024-10371 Classic Buffer Overflow vulnerability in Razormist Payroll Management System 1.0
A vulnerability classified as critical has been found in SourceCodester Payroll Management System 1.0.
network
low complexity
razormist CWE-120
critical
 9.8
9.8
2024-10-24 CVE-2024-10350 SQL Injection vulnerability in Fabianros Hospital Management System 1.0
A vulnerability was found in code-projects Hospital Management System 1.0.
network
low complexity
fabianros CWE-89
critical
 9.8
9.8
2024-10-24 CVE-2024-10349 SQL Injection vulnerability in Mayurik Best House Rental Management System 1.0
A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as critical.
network
low complexity
mayurik CWE-89
critical
 9.8
9.8
2024-10-24 CVE-2024-47883 Path Traversal vulnerability in Openrefine Butterfly
The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework.
network
low complexity
openrefine CWE-22
critical
 9.1
9.1
2024-10-24 CVE-2024-10335 SQL Injection vulnerability in Sadat Garbage Collection Management System 1.0
A vulnerability was found in SourceCodester Garbage Collection Management System 1.0.
network
low complexity
sadat CWE-89
critical
 9.8
9.8
2024-10-24 CVE-2024-10336 SQL Injection vulnerability in Clothes Recommendation System Project Clothes Recommendation System 1.0
A vulnerability was found in SourceCodeHero Clothes Recommendation System 1.0.
network
low complexity
clothes-recommendation-system-project CWE-89
critical
 9.8
9.8
2024-10-24 CVE-2024-44206 Unspecified vulnerability in Apple products
An issue in the handling of URL protocols was addressed with improved logic.
network
low complexity
apple
critical
 9.3
9.3
2024-10-23 CVE-2024-48963 OS Command Injection vulnerability in Snyk CLI
The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project.
network
low complexity
snyk CWE-78
critical
 9.8
9.8
2024-10-23 CVE-2024-20424 OS Command Injection vulnerability in Cisco Secure Firewall Management Center
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to insufficient input validation of certain HTTP requests.
network
low complexity
cisco CWE-78
critical
 9.9
9.9