Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-03-21 | CVE-2024-1202 | Authentication Bypass by Primary Weakness vulnerability in XPodas Octopod allows Authentication Bypass.This issue affects Octopod: before v1. NOTE: The vendor was contacted and it was learned that the product is not supported. network low complexity critical | 9.8 |
2024-03-13 | CVE-2024-2413 | Intumit SmartRobot uses a fixed encryption key for authentication. | 9.8 |
2024-03-12 | CVE-2024-21334 | Open Management Infrastructure (OMI) Remote Code Execution Vulnerability network low complexity critical | 9.8 |
2024-03-12 | CVE-2024-21400 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability network high complexity critical | 9.0 |
2024-03-12 | CVE-2023-36554 | Improper Access Control vulnerability in Fortinet Fortimanager A improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.10, version 6.4.0 through 6.4.13, 6.2 all versions allows attacker to execute unauthorized code or commands via specially crafted HTTP requests. | 9.8 |
2024-03-12 | CVE-2023-42789 | Out-of-bounds Write vulnerability in Fortinet Fortios and Fortiproxy A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests. | 9.8 |
2024-03-12 | CVE-2023-48788 | SQL Injection vulnerability in Fortinet Forticlient Enterprise Management Server A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets. | 9.8 |
2024-03-12 | CVE-2024-28535 | Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.05 Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the mitInterface parameter of fromAddressNat function. | 9.8 |
2024-03-12 | CVE-2024-28553 | Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.05 Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the entrys parameter fromAddressNat function. | 9.8 |
2024-03-12 | CVE-2022-32257 | Improper Access Control vulnerability in Siemens Sinema Remote Connect Server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). | 9.8 |