Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-27 | CVE-2024-9369 | Improper Validation of Specified Quantity in Input vulnerability in Google Chrome Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. | 9.6 |
| 2024-11-27 | CVE-2024-11667 | Path Traversal vulnerability in Zyxel ZLD A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL. | 9.8 |
| 2024-11-27 | CVE-2024-53676 | Path Traversal vulnerability in HPE Insight Remote Support A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may allow remote code execution. | 9.8 |
| 2024-11-27 | CVE-2024-11818 | SQL Injection vulnerability in PHPgurukul User Registration & Login and User Management System 1.0 A vulnerability classified as critical has been found in PHPGurukul User Registration & Login and User Management System 1.0. | 9.8 |
| 2024-11-27 | CVE-2024-11819 | SQL Injection vulnerability in 1000Projects Portfolio Management System MCA 1.0 A vulnerability classified as critical was found in 1000 Projects Portfolio Management System MCA 1.0. | 9.8 |
| 2024-11-26 | CVE-2024-11817 | SQL Injection vulnerability in PHPgurukul User Registration & Login and User Management System 1.0 A vulnerability was found in PHPGurukul User Registration & Login and User Management System 1.0. | 9.8 |
| 2024-11-26 | CVE-2024-53673 | Deserialization of Untrusted Data vulnerability in HPE Insight Remote Support 7.12/7.12.0.529/7.12.0.545 A java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code. | 9.8 |
| 2024-11-26 | CVE-2024-11744 | SQL Injection vulnerability in 1000Projects Portfolio Management System MCA 1.0 A vulnerability has been found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. | 9.8 |
| 2024-11-26 | CVE-2024-11745 | Out-of-bounds Write vulnerability in Tenda AC8 Firmware 16.03.34.09 A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. | 9.8 |
| 2024-11-26 | CVE-2024-49035 | Unspecified vulnerability in Microsoft Partner Center An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network. | 9.8 |