Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-10-21 CVE-2024-43689 Out-of-bounds Write vulnerability in Elecom Wab-I1750-Ps Firmware and Wab-S1167-Ps Firmware
Stack-based buffer overflow vulnerability exists in ELECOM wireless access points.
network
low complexity
elecom CWE-787
critical
9.8
2024-10-21 CVE-2024-10196 SQL Injection vulnerability in Code-Projects Pharmacy Management System 1.0
A vulnerability was found in code-projects Pharmacy Management System 1.0 and classified as critical.
network
low complexity
code-projects CWE-89
critical
9.8
2024-10-20 CVE-2024-44000 Insufficiently Protected Credentials vulnerability in Litespeedtech Litespeed Cache
Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a before 6.5.0.1.
network
low complexity
litespeedtech CWE-522
critical
9.8
2024-10-20 CVE-2024-47634 Cross-Site Request Forgery (CSRF) vulnerability in Majas-Lapu-Izstrade Cartbounty
Cross-Site Request Forgery (CSRF) vulnerability in Streamline.Lv CartBounty – Save and recover abandoned carts for WooCommerce allows Cross Site Request Forgery.This issue affects CartBounty – Save and recover abandoned carts for WooCommerce: from n/a through 8.2.
network
low complexity
majas-lapu-izstrade CWE-352
critical
9.8
2024-10-20 CVE-2024-10195 SQL Injection vulnerability in Tecno-Mobile 4G Portable Wifi Tr118 Firmware V00820220830
A vulnerability was found in Tecno 4G Portable WiFi TR118 V008-20220830.
network
low complexity
tecno-mobile CWE-89
critical
9.8
2024-10-20 CVE-2024-49324 Unrestricted Upload of File with Dangerous Type vulnerability in Sovratec Case Management
Unrestricted Upload of File with Dangerous Type vulnerability in Sovratec Sovratec Case Management allows Upload a Web Shell to a Web Server.This issue affects Sovratec Case Management: from n/a through 1.0.0.
network
low complexity
sovratec CWE-434
critical
9.8
2024-10-20 CVE-2024-49326 Unrestricted Upload of File with Dangerous Type vulnerability in Vasiliskerasiotis Affiliator
Unrestricted Upload of File with Dangerous Type vulnerability in Vasilis Kerasiotis Affiliator allows Upload a Web Shell to a Web Server.This issue affects Affiliator: from n/a through 2.1.3.
network
low complexity
vasiliskerasiotis CWE-434
critical
9.8
2024-10-20 CVE-2024-49327 Unrestricted Upload of File with Dangerous Type vulnerability in Asepbagjapriandana Woostagram Connect
Unrestricted Upload of File with Dangerous Type vulnerability in Asep Bagja Priandana Woostagram Connect allows Upload a Web Shell to a Web Server.This issue affects Woostagram Connect: from n/a through 1.0.2.
network
low complexity
asepbagjapriandana CWE-434
critical
9.8
2024-10-20 CVE-2024-49329 Unrestricted Upload of File with Dangerous Type vulnerability in Vivektamrakar WP Rest API FNS
Unrestricted Upload of File with Dangerous Type vulnerability in Vivek Tamrakar WP REST API FNS allows Upload a Web Shell to a Web Server.This issue affects WP REST API FNS: from n/a through 1.0.0.
network
low complexity
vivektamrakar CWE-434
critical
9.8
2024-10-20 CVE-2024-49330 Unrestricted Upload of File with Dangerous Type vulnerability in Brx8R Nice Backgrounds
Unrestricted Upload of File with Dangerous Type vulnerability in brx8r Nice Backgrounds allows Upload a Web Shell to a Web Server.This issue affects Nice Backgrounds: from n/a through 1.0.
network
low complexity
brx8r CWE-434
critical
9.8