Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-10 | CVE-2024-11639 | Missing Authentication for Critical Function vulnerability in Ivanti Cloud Services Appliance 4.5/4.6/5.0 An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access | 9.8 |
| 2024-12-10 | CVE-2024-47484 | Unspecified vulnerability in Dell Avamar Server Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. | 9.8 |
| 2024-12-09 | CVE-2024-54920 | SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0 A SQL Injection vulnerability was found in /teacher_signup.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the firstname, lastname, and class_id parameters. | 9.8 |
| 2024-12-09 | CVE-2024-52480 | Unspecified vulnerability in Astoundify Jobify Missing Authorization vulnerability in Astoundify Jobify - Job Board WordPress Theme.This issue affects Jobify - Job Board WordPress Theme: from n/a through 4.2.3. | 9.8 |
| 2024-12-09 | CVE-2024-8259 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eryaz Information Technologies NatraCar B2B Dealer Management Program allows SQL Injection.This issue affects NatraCar B2B Dealer Management Program: through 09.12.2024. NOTE: The vendor was contacted and it was learned that the product is not supported. network low complexity critical | 9.8 |
| 2024-12-09 | CVE-2023-22701 | Unspecified vulnerability in Shopfiles Ebook Store Missing Authorization vulnerability in Shopfiles Ltd Ebook Store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ebook Store: from n/a through 5.775. | 9.8 |
| 2024-12-09 | CVE-2023-23834 | Missing Authorization vulnerability in Brainstormforce Spectra Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0. | 9.8 |
| 2024-12-09 | CVE-2023-47805 | Unspecified vulnerability in Themewinter Wpcafe Missing Authorization vulnerability in Themewinter WPCafe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCafe: from n/a through 2.2.22. | 9.8 |
| 2024-12-09 | CVE-2023-50903 | Unspecified vulnerability in Wpmet Metform Elementor Contact Form Builder Missing Authorization vulnerability in Wpmet Metform Elementor Contact Form Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Metform Elementor Contact Form Builder: from n/a through 3.4.0. | 9.8 |
| 2024-12-09 | CVE-2023-51353 | Unspecified vulnerability in Supsystic Popup Missing Authorization vulnerability in supsystic.com Popup by Supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup by Supsystic: from n/a through 1.10.19. | 9.8 |