Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-17 | CVE-2024-8956 | Improper Authentication vulnerability in Ptzoptics Pt30X-Ndi-Xx-G2 Firmware and Pt30X-Sdi Firmware PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. | 9.1 |
| 2024-09-17 | CVE-2024-38812 | Out-of-bounds Write vulnerability in VMWare Vcenter Server 7.0/8.0 The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution. | 9.8 |
| 2024-09-17 | CVE-2024-38813 | Improper Check for Dropped Privileges vulnerability in VMWare Vcenter Server 7.0/8.0 The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet. | 9.8 |
| 2024-09-17 | CVE-2024-45682 | OS Command Injection vulnerability in Millbeck Proroute H685T-W Firmware 3.2.334 There is a command injection vulnerability that may allow an attacker to inject malicious input on the device's operating system. | 9.8 |
| 2024-09-17 | CVE-2024-8944 | SQL Injection vulnerability in Fabianros Hospital Management System 1.0 A vulnerability, which was classified as critical, was found in code-projects Hospital Management System 1.0. | 9.8 |
| 2024-09-17 | CVE-2021-27915 | Cross-site Scripting vulnerability in Acquia Mautic Prior to the patched version, there is an XSS vulnerability in the description fields within the Mautic application which could be exploited by a logged in user of Mautic with the appropriate permissions. This could lead to the user having elevated access to the system. | 9.0 |
| 2024-09-17 | CVE-2024-44146 | Unspecified vulnerability in Apple Macos A logic issue was addressed with improved file handling. | 10.0 |
| 2024-09-17 | CVE-2024-44148 | Unspecified vulnerability in Apple Macos This issue was addressed with improved validation of file attributes. | 10.0 |
| 2024-09-16 | CVE-2024-44623 | Code Injection vulnerability in SPX Graphics Controller An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function. | 9.8 |
| 2024-09-16 | CVE-2024-6401 | SQL Injection vulnerability in SFS Insuree GL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting InsureE GL allows SQL Injection.This issue affects InsureE GL: before 4.6.2. | 9.8 |