Vulnerabilities > Critical

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk | Score |
|---|---|---|---|---|---|---|---|---|---|
| 2024-10-10 | CVE-2024-47167 | Server-Side Request Forgery (SSRF) vulnerability in Gradio Project Gradio | Gradio is an open-source Python package designed for quick prototyping. | network | low complexity | gradio-project | CWE-918 | critical | 9.8 |
| 2024-10-10 | CVE-2024-9487 | Improper Verification of Cryptographic Signature vulnerability in GitHub Enterprise Server | An improper verification of cryptographic signature vulnerability was identified in GitHub Enterprise Server that allowed SAML SSO authentication to be bypassed resulting in unauthorized provisioning of users and access to the instance. | network | low complexity | github | CWE-347 | critical | 9.1 |
| 2024-10-10 | CVE-2024-9814 | SQL Injection vulnerability in Codezips Pharmacy Management System 1.0 | A vulnerability, which was classified as critical, was found in Codezips Pharmacy Management System 1.0. | network | low complexity | codezips | CWE-89 | critical | 9.8 |
| 2024-10-10 | CVE-2024-9811 | SQL Injection vulnerability in Code-Projects Restaurant Reservation System 1.0 | A vulnerability classified as critical has been found in code-projects Restaurant Reservation System 1.0. | network | low complexity | code-projects | CWE-89 | critical | 9.8 |
| 2024-10-10 | CVE-2024-9812 | SQL Injection vulnerability in Code-Projects Crud Operation System 1.0 | A vulnerability classified as critical was found in code-projects Crud Operation System 1.0. | network | low complexity | code-projects | CWE-89 | critical | 9.8 |
| 2024-10-10 | CVE-2024-9813 | SQL Injection vulnerability in Codezips Pharmacy Management System 1.0 | A vulnerability, which was classified as critical, has been found in Codezips Pharmacy Management System 1.0. | network | low complexity | codezips | CWE-89 | critical | 9.8 |
| 2024-10-10 | CVE-2024-47636 | Deserialization of Untrusted Data vulnerability in Eyecix Jobsearch WP JOB Board | Deserialization of Untrusted Data vulnerability in Eyecix JobSearch allows Object Injection. This issue affects JobSearch: from n/a through 2.5.9. | network | low complexity | eyecix | CWE-502 | critical | 9.8 |
| 2024-10-10 | CVE-2024-9793 | OS Command Injection vulnerability in Tenda Ac1206 Firmware 15.03.06.23 | A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. | network | low complexity | tenda | CWE-78 | critical | 9.8 |
| 2024-10-10 | CVE-2024-9794 | Unrestricted Upload of File with Dangerous Type vulnerability in Codezips Online Shopping Portal 1.0 | A vulnerability, which was classified as critical, has been found in Codezips Online Shopping Portal 1.0. | network | low complexity | codezips | CWE-434 | critical | 9.8 |
| 2024-10-10 | CVE-2024-9201 | SQL Injection vulnerability in Seur | The SEUR plugin, in its versions prior to 2.5.11, is vulnerable to time-based SQL injection through the use of the ‘id_order’ parameter of the ‘/modules/seur/ajax/saveCodFee.php’ endpoint. | network | low complexity | seur | CWE-89 | critical | 9.8 |