Vulnerabilities > Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-22	CVE-2024-8807	Unspecified vulnerability in Cohesive Vns3 Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. network low complexity cohesive critical	9.8
2024-11-22	CVE-2023-51638	Unspecified vulnerability in Alltena Allegra Allegra Hard-coded Credentials Authentication Bypass Vulnerability. network low complexity alltena critical	9.8
2024-11-22	CVE-2023-51639	Unspecified vulnerability in Alltena Allegra Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. network low complexity alltena critical	9.8
2024-11-22	CVE-2024-53438	SQL Injection vulnerability in Churchcrm 5.7.0 EventAttendance.php in ChurchCRM 5.7.0 is vulnerable to SQL injection. network low complexity churchcrm CWE-89 critical	9.8
2024-11-22	CVE-2021-38135	Unspecified vulnerability in Microfocus Imanager Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000. network low complexity microfocus critical	9.8
2024-11-22	CVE-2023-24466	Unspecified vulnerability in Microfocus Imanager Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200. network low complexity microfocus critical	9.8
2024-11-22	CVE-2023-24467	Unspecified vulnerability in Microfocus Imanager Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000. network low complexity microfocus critical	9.8
2024-11-22	CVE-2024-52723	OS Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.1041B20240224 In TOTOLINK X6000R V9.4.0cu.1041_B20240224 in the shttpd file, the Uci_Set Str function is used without strict parameter filtering. network low complexity totolink CWE-78 critical	9.8
2024-11-22	CVE-2024-41779	IBM Engineering Systems Design Rhapsody - Model Manager 7.0.2 and 7.0.3 could allow a remote attacker to bypass security restrictions, caused by a race condition. network low complexity CWE-367 critical	9.8
2024-11-21	CVE-2024-52053	Unspecified vulnerability in Wowza Streaming Engine Stored Cross-Site Scripting in the Manager component of Wowza Streaming Engine below 4.9.1 allows an unauthenticated attacker to inject client-side JavaScript into the web dashboard to automatically hijack admin accounts. network low complexity wowza critical	9.6

Vulnerabilities > Critical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Critical"}]}

Vulnerabilities > Critical