Vulnerabilities > Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-15	CVE-2024-9986	SQL Injection vulnerability in Fabianros Blood Bank Management System 1.0 A vulnerability was found in code-projects Blood Bank Management System 1.0. network low complexity fabianros CWE-89 critical	9.8
2024-10-15	CVE-2024-45275	The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices. network low complexity mbconnectline helmholz critical	9.8
2024-10-15	CVE-2024-49388	Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 16 Sensitive information manipulation due to improper authorization. network low complexity acronis CWE-639 critical	9.1
2024-10-15	CVE-2024-9976	SQL Injection vulnerability in Code-Projects Pharmacy Management System 1.0 A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0. network low complexity code-projects CWE-89 critical	9.8
2024-10-15	CVE-2024-47945	Insufficient Entropy vulnerability in Rittal products The devices are vulnerable to session hijacking due to insufficient entropy in its session ID generation algorithm. network low complexity rittal CWE-331 critical	9.8
2024-10-15	CVE-2024-9973	SQL Injection vulnerability in Oretnom23 Online Eyewear Shop 1.0 A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. network low complexity oretnom23 CWE-89 critical	9.8
2024-10-15	CVE-2024-9974	SQL Injection vulnerability in Oretnom23 Online Eyewear Shop 1.0 A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. network low complexity oretnom23 CWE-89 critical	9.8
2024-10-15	CVE-2024-9925	SQL Injection vulnerability in Taismartfactory Qplant SF 1.0 SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0. network low complexity taismartfactory CWE-89 critical	9.8
2024-10-15	CVE-2024-9984	Missing Authentication for Critical Function vulnerability in Ragic Enterprise Cloud Database Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie. network low complexity ragic CWE-306 critical	9.8
2024-10-15	CVE-2024-9985	Unrestricted Upload of File with Dangerous Type vulnerability in Ragic Enterprise Cloud Database Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. network low complexity ragic CWE-434 critical	9.8

Vulnerabilities > Critical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Critical"}]}

Vulnerabilities > Critical