Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-20 | CVE-2024-6800 | Improper Verification of Cryptographic Signature vulnerability in Github Enterprise Server An XML signature wrapping vulnerability was present in GitHub Enterprise Server (GHES) when using SAML authentication with specific identity providers utilizing publicly exposed signed federation metadata XML. | 9.8 |
2024-08-20 | CVE-2024-38175 | An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra allows an authenticated attacker to elevate privileges over a network. | 9.6 |
2024-08-20 | CVE-2024-30949 | Integer Overflow or Wraparound vulnerability in Newlib Project Newlib 4.3.0 An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the _gettimeofday function. | 9.8 |
2024-08-20 | CVE-2024-35540 | Cross-site Scripting vulnerability in Typecho A stored cross-site scripting (XSS) vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 9.0 |
2024-08-20 | CVE-2024-43404 | Code Injection vulnerability in Megacord Megabot MEGABOT is a fully customized Discord bot for learning and fun. | 9.8 |
2024-08-20 | CVE-2024-8003 | Deserialization of Untrusted Data vulnerability in Gotribe Gotribe-Admin 1.0 A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. | 9.8 |
2024-08-20 | CVE-2024-8005 | Use of Hard-coded Credentials vulnerability in Demozx GF CMS A vulnerability was found in demozx gf_cms 1.0/1.0.1. | 9.8 |
2024-08-20 | CVE-2024-42336 | Improper Authentication vulnerability in Servision IVG Webmax 1.0.57 Servision - CWE-287: Improper Authentication | 9.8 |
2024-08-20 | CVE-2024-42566 | SQL Injection vulnerability in Arajajyothibabu School Management System School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the password parameter at login.php | 9.8 |
2024-08-20 | CVE-2024-42567 | SQL Injection vulnerability in Arajajyothibabu School Management System School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the sid parameter at /search.php?action=2. | 9.8 |