Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2024-08-14 | CVE-2024-7794 | SQL Injection vulnerability in Adrianmercurio Vehicle Management System 1.0 | A vulnerability was found in itsourcecode Vehicle Management System 1.0. | 9.8 |
2024-08-14 | CVE-2024-42360 | Command Injection vulnerability in Wurmlab Sequenceserver | SequenceServer lets you rapidly set up a BLAST+ server with an intuitive user interface for personal or group use. | 9.8 |
2024-08-14 | CVE-2024-5914 | Command Injection vulnerability in Paloaltonetworks Cortex Xsoar Commonscripts | A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands within the context of an integration container. | 9.8 |
2024-08-14 | CVE-2024-39397 | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce | Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. | 9.0 |
2024-08-14 | CVE-2024-7731 | SQL Injection vulnerability in Secom Dr.Id Access Control 3.3.2 | Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents. | 9.8 |
2024-08-14 | CVE-2024-7732 | SQL Injection vulnerability in Secom Dr.Id Attendance System 3.3.0.320160517/3.4.0.0.3.11 | Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents. | 9.8 |
2024-08-14 | CVE-2024-38652 | Path Traversal vulnerability in Ivanti Avalanche | Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion. | 9.1 |
2024-08-13 | CVE-2024-28986 | Deserialization of Untrusted Data vulnerability in Solarwinds web Help Desk | SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. | 9.8 |
2024-08-13 | CVE-2024-7748 | Unspecified vulnerability in Remyandrade Accounts Manager APP 1.0 | A vulnerability, which was classified as critical, has been found in SourceCodester Accounts Manager App 1.0. | 9.8 |
2024-08-13 | CVE-2024-7742 | Server-Side Request Forgery (SSRF) vulnerability in Ltcms 1.0.20 | A vulnerability was found in wanglongcn ltcms 1.0.20. | 9.8 |