Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-15 | CVE-2024-43366 | Infinite Loop vulnerability in Matter-Labs Zkvyper zkvyper is a Vyper compiler. | 9.1 |
| 2024-08-15 | CVE-2024-7839 | SQL Injection vulnerability in Angeljudesuarez Billing System 1.0 A vulnerability classified as critical has been found in itsourcecode Billing System 1.0. | 9.8 |
| 2024-08-15 | CVE-2024-7838 | SQL Injection vulnerability in Kevinwong Online Food Ordering System 1.0 A vulnerability was found in itsourcecode Online Food Ordering System 1.0. | 9.8 |
| 2024-08-15 | CVE-2024-42843 | SQL Injection vulnerability in Projectworlds Online Examination System 1.0 Projectworlds Online Examination System v1.0 is vulnerable to SQL Injection via the subject parameter in feed.php. | 9.8 |
| 2024-08-15 | CVE-2024-42947 | Unspecified vulnerability in Tenda Fh1201 Firmware 1.2.0.14(408) An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows attackers to execute arbitrary commands via a crafted HTTP request. | 9.8 |
| 2024-08-15 | CVE-2024-42966 | Unspecified vulnerability in Totolink N350Rt Firmware 9.3.5U.6139B20201216 Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh. | 9.8 |
| 2024-08-15 | CVE-2024-42967 | Unspecified vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh. | 9.8 |
| 2024-08-15 | CVE-2024-42978 | Unspecified vulnerability in Tenda Fh1206 Firmware V02.03.01.35 An issue in the handler function in /goform/telnet of Tenda FH1206 v02.03.01.35 allows attackers to execute arbitrary commands via a crafted HTTP request. | 9.8 |
| 2024-08-15 | CVE-2024-7833 | Command Injection vulnerability in Dlink Di-8100 Firmware 16.07 A vulnerability was found in D-Link DI-8100 16.07. | 9.8 |
| 2024-08-15 | CVE-2024-7828 | Classic Buffer Overflow vulnerability in Dlink products ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. | 9.8 |