Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-31 | CVE-2024-10601 | SQL Injection vulnerability in Tongda2000 Office Anywhere 2017 A vulnerability has been found in Tongda OA 2017 up to 11.10 and classified as critical. | 9.8 |
2024-10-31 | CVE-2024-10595 | SQL Injection vulnerability in Esafenet CDG 5 A vulnerability was found in ESAFENET CDG 5. | 9.8 |
2024-10-31 | CVE-2024-10597 | SQL Injection vulnerability in Esafenet CDG 5 A vulnerability classified as critical has been found in ESAFENET CDG 5. | 9.8 |
2024-10-31 | CVE-2024-10392 | The AI Power: Complete AI Pack plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_image_upload' function in all versions up to, and including, 1.8.89. | 9.8 |
2024-10-31 | CVE-2024-10561 | SQL Injection vulnerability in Codezips PET Shop Management System 1.0 A vulnerability was found in Codezips Pet Shop Management System 1.0. | 9.8 |
2024-10-31 | CVE-2024-10556 | SQL Injection vulnerability in Codezips PET Shop Management System 1.0 A vulnerability, which was classified as critical, was found in Codezips Pet Shop Management System 1.0. | 9.8 |
2024-10-30 | CVE-2024-31151 | Use of Hard-coded Credentials vulnerability in Level1 Wbr-6012 Firmware R0.40E6 A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. | 9.8 |
2024-10-30 | CVE-2024-10525 | Out-of-bounds Write vulnerability in Eclipse Mosquitto In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. | 9.8 |
2024-10-30 | CVE-2024-8512 | The W3SPEEDSTER plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 7.26 via the 'script' parameter of the hookBeforeStartOptimization() function. | 9.1 |
2024-10-30 | CVE-2024-10507 | SQL Injection vulnerability in Codezips Free Exam Hall Seating Management System 1.0 A vulnerability classified as critical was found in Codezips Free Exam Hall Seating Management System 1.0. | 9.8 |