Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-18 | CVE-2024-52434 | Code Injection vulnerability in Supsystic Popup Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic Popup by Supsystic allows Command Injection.This issue affects Popup by Supsystic: from n/a through 1.10.29. | 9.1 |
2024-11-18 | CVE-2024-42383 | Unspecified vulnerability in Cesanta Mongoose Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows to write a NULL byte value beyond the memory space dedicated for the hostname field. | 9.8 |
2024-11-15 | CVE-2024-11256 | SQL Injection vulnerability in 1000Projects Portfolio Management System MCA 1.0 A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. | 9.8 |
2024-11-15 | CVE-2024-11257 | SQL Injection vulnerability in 1000Projects Beauty Parlour Management System 1.0 A vulnerability classified as critical has been found in 1000 Projects Beauty Parlour Management System 1.0. | 9.8 |
2024-11-15 | CVE-2024-11258 | SQL Injection vulnerability in 1000Projects Beauty Parlour Management System 1.0 A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. | 9.8 |
2024-11-15 | CVE-2024-11250 | SQL Injection vulnerability in Code-Projects Inventory Management 1.0 A vulnerability was found in code-projects Inventory Management up to 1.0. | 9.8 |
2024-11-15 | CVE-2024-11244 | SQL Injection vulnerability in Anisha Farmacia 1.0 A vulnerability classified as critical was found in code-projects Farmacia 1.0. | 9.8 |
2024-11-15 | CVE-2024-11237 | Out-of-bounds Write vulnerability in Tp-Link Vn020-F3V(T) Firmware Ttv6.2.1021 A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. | 9.8 |
2024-11-15 | CVE-2021-3838 | Unspecified vulnerability in Dompdf Project Dompdf DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the file_get_contents() function. | 9.8 |
2024-11-15 | CVE-2021-3902 | Unspecified vulnerability in Dompdf Project Dompdf An improper restriction of external entities (XXE) vulnerability in dompdf/dompdf's SVG parser allows for Server-Side Request Forgery (SSRF) and deserialization attacks. | 9.8 |