Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-09-14 CVE-2024-8862 Deserialization of Untrusted Data vulnerability in H2O 3.46.0.4
A vulnerability, which was classified as critical, has been found in h2oai h2o-3 3.46.0.4.
network
low complexity
h2o CWE-502
critical
 9.8
9.8
2024-09-13 CVE-2024-44430 SQL Injection vulnerability in Mayurik Best Free LAW Office Management 1.0
SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker to execute arbitrary code and obtain sensitive information via a crafted payload to the kortex_lite/control/register_case.php interface
network
low complexity
mayurik CWE-89
critical
 9.8
9.8
2024-09-13 CVE-2024-8782 Path Traversal vulnerability in Heyewei Jfinalcms
A vulnerability was found in JFinalCMS up to 1.0.
network
low complexity
heyewei CWE-22
critical
 9.8
9.8
2024-09-13 CVE-2024-46044 Out-of-bounds Write vulnerability in Tenda Ch22 Firmware 1.0.0.6(468)
CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-09-13 CVE-2024-46045 Out-of-bounds Write vulnerability in Tenda Ch22 Firmware 1.0.0.6(468)
Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-09-13 CVE-2024-46046 Out-of-bounds Write vulnerability in Tenda Fh451 Firmware 1.0.0.9
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-09-13 CVE-2024-46048 Command Injection vulnerability in Tenda Fh451 Firmware 1.0.0.9
Tenda FH451 v1.0.0.9 has a command injection vulnerability in the formexeCommand function i
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2024-09-13 CVE-2024-46049 Out-of-bounds Write vulnerability in Tenda O6 Firmware 1.0.0.7(2054)
Tenda O6 V3.0 firmware V1.0.0.7(2054) contains a stack overflow vulnerability in the formexeCommand function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-09-13 CVE-2024-41874 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 2021/2023
ColdFusion versions 2023.9, 2021.15 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user.
network
low complexity
adobe CWE-502
critical
 9.8
9.8
2024-09-13 CVE-2024-6656 Use of Hard-coded Credentials vulnerability in Tnbmobil Cockpit
Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sensitive Strings Within an Executable.This issue affects Cockpit Software: before v2.13.
network
low complexity
tnbmobil CWE-798
critical
 9.8
9.8