Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-11 | CVE-2024-45790 | Improper Restriction of Excessive Authentication Attempts vulnerability in Reedos Aim-Star 2.0.1 This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing restrictions for excessive failed authentication attempts on its API based login. | 9.8 |
| 2024-09-11 | CVE-2024-6091 | OS Command Injection vulnerability in Agpt Autogpt 0.5.1 A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. | 9.8 |
| 2024-09-11 | CVE-2024-8277 | Missing Authentication for Critical Function vulnerability in Villatheme Woocommerce Photo Reviews The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.3.13.2. | 9.8 |
| 2024-09-10 | CVE-2024-8191 | SQL Injection vulnerability in Ivanti Endpoint Manager SQL injection in the management console of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution. | 9.8 |
| 2024-09-10 | CVE-2024-45409 | Improper Verification of Cryptographic Signature vulnerability in multiple products The Ruby SAML library is for implementing the client side of a SAML authorization. | 9.8 |
| 2024-09-10 | CVE-2024-21416 | Unspecified vulnerability in Microsoft products Windows TCP/IP Remote Code Execution Vulnerability | 9.8 |
| 2024-09-10 | CVE-2024-37341 | Unspecified vulnerability in Microsoft products Microsoft SQL Server Elevation of Privilege Vulnerability | 9.8 |
| 2024-09-10 | CVE-2024-38194 | Unspecified vulnerability in Microsoft Azure web Apps An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network. | 9.9 |
| 2024-09-10 | CVE-2024-38216 | Unspecified vulnerability in Microsoft Azure Stack HUB Azure Stack Hub Elevation of Privilege Vulnerability | 9.0 |
| 2024-09-10 | CVE-2024-38220 | Unspecified vulnerability in Microsoft Azure Stack HUB Azure Stack Hub Elevation of Privilege Vulnerability | 9.0 |