Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-05 | CVE-2024-12187 | SQL Injection vulnerability in 1000Projects Library Management System 1.0 A vulnerability was found in 1000 Projects Library Management System 1.0. | 9.8 |
| 2024-12-05 | CVE-2024-12188 | SQL Injection vulnerability in 1000Projects Library Management System 1.0 A vulnerability was found in 1000 Projects Library Management System 1.0. | 9.8 |
| 2024-12-03 | CVE-2024-25020 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Cognos Controller 11.0.0/11.0.1 IBM Cognos Controller 11.0.0 and 11.0.1 is vulnerable to malicious file upload by allowing unrestricted filetype attachments in the Journal entry page. | 9.8 |
| 2024-12-03 | CVE-2024-25019 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Cognos Controller 11.0.0/11.0.1 IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not validating the type of file uploaded to Journal entry attachments. | 9.8 |
| 2024-12-03 | CVE-2024-40691 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Cognos Controller 11.0.0/11.0.1 IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. | 9.8 |
| 2024-12-02 | CVE-2018-9418 | Out-of-bounds Write vulnerability in Google Android In handle_app_cur_val_response of dtif_rc.cc, there is a possible stack buffer overflow due to a missing bounds check. | 9.8 |
| 2024-12-02 | CVE-2018-9430 | Out-of-bounds Write vulnerability in Google Android In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect bounds check. | 9.8 |
| 2024-12-02 | CVE-2024-46909 | Unspecified vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account. | 9.8 |
| 2024-12-01 | CVE-2024-12007 | SQL Injection vulnerability in Code-Projects Farmacia 1.0 A vulnerability, which was classified as critical, was found in code-projects Farmacia 1.0. | 9.8 |
| 2024-11-29 | CVE-2024-49803 | IBM Security Verify Access Appliance 10.0.0 through 10.0.8 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 9.8 |