Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-11-21 CVE-2024-11592 SQL Injection vulnerability in 1000Projects Beauty Parlour Management System 1.0
A vulnerability has been found in 1000 Projects Beauty Parlour Management System 1.0 and classified as critical.
network
low complexity
1000projects CWE-89
critical
9.8
2024-11-21 CVE-2024-11591 SQL Injection vulnerability in 1000Projects Beauty Parlour Management System 1.0
A vulnerability, which was classified as critical, was found in 1000 Projects Beauty Parlour Management System 1.0.
network
low complexity
1000projects CWE-89
critical
9.8
2024-11-21 CVE-2024-11590 SQL Injection vulnerability in 1000Projects Bookstore Management System 1.0
A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore Management System 1.0.
network
low complexity
1000projects CWE-89
critical
9.8
2024-11-21 CVE-2024-11320 Command Injection vulnerability in Pandorafms Pandora FMS
Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism.
network
low complexity
pandorafms CWE-77
critical
9.8
2024-11-21 CVE-2024-51151 Command Injection vulnerability in Dlink Di-8200 Firmware 16.07.26A1
D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the msp_info_htm function via the flag parameter and cmd parameter.
network
low complexity
dlink CWE-77
critical
9.8
2024-11-20 CVE-2024-52677 Unrestricted Upload of File with Dangerous Type vulnerability in Hkcms
HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common/library/Upload.php.
network
low complexity
hkcms CWE-434
critical
9.8
2024-11-20 CVE-2024-52765 Unspecified vulnerability in H3C Gr-1800Ax Firmware Minigrw1B0V100R007
H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter.
network
low complexity
h3c
critical
9.8
2024-11-20 CVE-2018-9478 Out-of-bounds Write vulnerability in Google Android
In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check.
network
low complexity
google CWE-787
critical
9.8
2024-11-20 CVE-2018-9479 Out-of-bounds Write vulnerability in Google Android
In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check.
network
low complexity
google CWE-787
critical
9.8
2024-11-20 CVE-2024-10094 Code Injection vulnerability in Pega Infinity
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code
network
low complexity
pega CWE-94
critical
9.8