Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-17 | CVE-2024-43976 | SQL Injection vulnerability in Superstorefinder Super Store Finder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder allows SQL Injection.This issue affects Super Store Finder: from n/a through 6.9.7. | 9.8 |
| 2024-09-17 | CVE-2024-43978 | SQL Injection vulnerability in Superstorefinder Super Store Finder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder allows SQL Injection.This issue affects Super Store Finder: from n/a before 6.9.8. | 9.8 |
| 2024-09-17 | CVE-2024-44004 | SQL Injection vulnerability in Wptaskforce Track & Trace Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPTaskForce WPCargo Track & Trace allows SQL Injection.This issue affects WPCargo Track & Trace: from n/a through 7.0.6. | 9.8 |
| 2024-09-17 | CVE-2024-8957 | OS Command Injection vulnerability in Ptzoptics Pt30X-Ndi-Xx-G2 Firmware and Pt30X-Sdi Firmware PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. | 9.8 |
| 2024-09-17 | CVE-2024-8956 | Improper Authentication vulnerability in Ptzoptics Pt30X-Ndi-Xx-G2 Firmware and Pt30X-Sdi Firmware PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. | 9.1 |
| 2024-09-17 | CVE-2024-38183 | Unspecified vulnerability in Microsoft Groupme An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network. | 9.8 |
| 2024-09-17 | CVE-2024-38812 | Out-of-bounds Write vulnerability in VMWare Vcenter Server 7.0/8.0 The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution. | 9.8 |
| 2024-09-17 | CVE-2024-38813 | Improper Check for Dropped Privileges vulnerability in VMWare Vcenter Server 7.0/8.0 The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet. | 9.8 |
| 2024-09-17 | CVE-2024-45682 | OS Command Injection vulnerability in Millbeck Proroute H685T-W Firmware 3.2.334 There is a command injection vulnerability that may allow an attacker to inject malicious input on the device's operating system. | 9.8 |
| 2024-09-17 | CVE-2024-8944 | SQL Injection vulnerability in Fabianros Hospital Management System 1.0 A vulnerability, which was classified as critical, was found in code-projects Hospital Management System 1.0. | 9.8 |