Vulnerabilities > Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-27	CVE-2024-11819	SQL Injection vulnerability in 1000Projects Portfolio Management System MCA 1.0 A vulnerability classified as critical was found in 1000 Projects Portfolio Management System MCA 1.0. network low complexity 1000projects CWE-89 critical	9.8
2024-11-26	CVE-2024-11817	SQL Injection vulnerability in PHPgurukul User Registration & Login and User Management System 1.0 A vulnerability was found in PHPGurukul User Registration & Login and User Management System 1.0. network low complexity phpgurukul CWE-89 critical	9.8
2024-11-26	CVE-2024-53673	Deserialization of Untrusted Data vulnerability in HPE Insight Remote Support 7.12/7.12.0.529/7.12.0.545 A java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code. network low complexity hpe CWE-502 critical	9.8
2024-11-26	CVE-2024-11744	SQL Injection vulnerability in 1000Projects Portfolio Management System MCA 1.0 A vulnerability has been found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. network low complexity 1000projects CWE-89 critical	9.8
2024-11-26	CVE-2024-11745	Out-of-bounds Write vulnerability in Tenda AC8 Firmware 16.03.34.09 A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. network low complexity tenda CWE-787 critical	9.8
2024-11-26	CVE-2024-49035	Unspecified vulnerability in Microsoft Partner Center An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network. network low complexity microsoft critical	9.8
2024-11-26	CVE-2024-49038	Unspecified vulnerability in Microsoft Copilot Studio Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot Studio by an unauthorized attacker leads to elevation of privilege over a network. network low complexity microsoft critical	9.6
2024-11-26	CVE-2024-49052	Unspecified vulnerability in Microsoft Azure Functions Missing authentication for critical function in Microsoft Azure PolicyWatch allows an unauthorized attacker to elevate privileges over a network. network low complexity microsoft critical	9.8
2024-11-26	CVE-2024-11680	Incorrect Authorization vulnerability in Projectsend ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. network low complexity projectsend CWE-863 critical	9.8
2024-11-26	CVE-2017-11076	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder. network low complexity qualcomm CWE-119 critical	9.8

Vulnerabilities > Critical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Critical"}]}

Vulnerabilities > Critical