Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-20 | CVE-2024-9009 | SQL Injection vulnerability in Fabianros Online Quiz Site 1.0 A vulnerability, which was classified as critical, has been found in code-projects Online Quiz Site 1.0. | 9.8 |
| 2024-09-19 | CVE-2023-27584 | Use of Hard-coded Credentials vulnerability in D7Y Dragonfly Dragonfly is an open source P2P-based file distribution and image acceleration system. | 9.8 |
| 2024-09-19 | CVE-2024-46983 | Unspecified vulnerability in Antfin Sofa-Hessian sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. | 9.8 |
| 2024-09-19 | CVE-2024-46984 | XXE vulnerability in Gematik Reference Validator The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. | 9.8 |
| 2024-09-19 | CVE-2024-9008 | SQL Injection vulnerability in Best Online News Portal Project Best Online News Portal 1.0 A vulnerability classified as critical was found in SourceCodester Best Online News Portal 1.0. | 9.8 |
| 2024-09-19 | CVE-2024-9004 | OS Command Injection vulnerability in Dlink Dar-7000 Firmware A vulnerability classified as critical has been found in D-Link DAR-7000 up to 20240912. | 9.8 |
| 2024-09-19 | CVE-2024-33109 | Path Traversal vulnerability in multiple products Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10 allows attackers to overwrite arbitrary files on the phone via the Ringtone upload function. | 9.8 |
| 2024-09-19 | CVE-2024-40125 | Unrestricted Upload of File with Dangerous Type vulnerability in Closed-Loop Cless Server 4.5.2 An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology CLESS Server v4.5.2 allows attackers to execute arbitrary code via uploading a crafted PHP file to the upload endpoint. | 9.8 |
| 2024-09-19 | CVE-2024-8963 | Path Traversal vulnerability in Ivanti Endpoint Manager Cloud Services Appliance 4.6 Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality. | 9.1 |
| 2024-09-19 | CVE-2024-31570 | Out-of-bounds Write vulnerability in Freeimage Project Freeimage libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file. | 9.8 |