Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-10-23 CVE-2024-10291 SQL Injection vulnerability in Zzcms 2023
A vulnerability has been found in ZZCMS 2023 and classified as critical.
network
low complexity
zzcms CWE-89
critical
 9.8
9.8
2024-10-23 CVE-2024-10292 Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023
A vulnerability was found in ZZCMS 2023 and classified as critical.
network
low complexity
zzcms CWE-434
critical
 9.8
9.8
2024-10-23 CVE-2024-10293 Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023
A vulnerability was found in ZZCMS 2023.
network
low complexity
zzcms CWE-434
critical
 9.8
9.8
2024-10-23 CVE-2024-47575 Missing Authentication for Critical Function vulnerability in Fortinet Fortimanager and Fortimanager Cloud
A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests.
network
low complexity
fortinet CWE-306
critical
 9.8
9.8
2024-10-23 CVE-2024-47901 OS Command Injection vulnerability in Siemens products
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)).
network
low complexity
siemens CWE-78
critical
 9.8
9.8
2024-10-23 CVE-2024-47902 Missing Authentication for Critical Function vulnerability in Siemens products
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)).
network
low complexity
siemens CWE-306
critical
 9.8
9.8
2024-10-23 CVE-2024-47903 Unspecified vulnerability in Siemens products
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)).
network
low complexity
siemens
critical
 9.1
9.1
2024-10-23 CVE-2024-10278 SQL Injection vulnerability in Esafenet CDG 5
A vulnerability was found in ESAFENET CDG 5.
network
low complexity
esafenet CWE-89
critical
 9.8
9.8
2024-10-23 CVE-2024-10279 SQL Injection vulnerability in Esafenet CDG 5
A vulnerability was found in ESAFENET CDG 5.
network
low complexity
esafenet CWE-89
critical
 9.8
9.8
2024-10-23 CVE-2024-10277 SQL Injection vulnerability in Esafenet CDG 5
A vulnerability was found in ESAFENET CDG 5 and classified as critical.
network
low complexity
esafenet CWE-89
critical
 9.8
9.8