VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Critical
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-02-20
CVE-2024-1297
Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to OS Command Injection.
network
low complexity
CWE-94
critical
10.0
10
2024-02-20
CVE-2024-1644
Suite CRM version 7.14.2 allows including local php files.
network
low complexity
CWE-434
critical
9.9
9.9
2024-02-20
CVE-2024-1651
Torrentpier version 2.4.1 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to insecure deserialization.
network
low complexity
CWE-502
critical
10.0
10
2024-02-19
CVE-2024-1597
SQL Injection vulnerability in multiple products
pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE.
network
low complexity
postgresql
fedoraproject
CWE-89
critical
9.8
9.8
2024-02-15
CVE-2023-40057
Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability.
low complexity
solarwinds
CWE-502
critical
9.0
9.0
2024-02-15
CVE-2024-23476
Path Traversal vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability.
low complexity
solarwinds
CWE-22
critical
9.6
9.6
2024-02-15
CVE-2024-23477
Path Traversal vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability.
low complexity
solarwinds
CWE-22
critical
9.6
9.6
2024-02-15
CVE-2024-23479
Path Traversal vulnerability in Solarwinds Access Rights Manager
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability.
low complexity
solarwinds
CWE-22
critical
9.6
9.6
2024-02-15
CVE-2023-5155
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Utarit Information Technologies SoliPay Mobile App allows SQL Injection.This issue affects SoliPay Mobile App: before 5.0.8.
network
low complexity
CWE-89
critical
9.8
9.8
2024-02-15
CVE-2023-7081
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSTAHSIL Online Payment System allows SQL Injection.This issue affects Online Payment System: before 14.02.2024.
network
low complexity
CWE-89
critical
9.8
9.8
«
Previous
1
2
...
7
8
9
(current)
10
11
...
2687
2688
»
Next