Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-11 | CVE-2024-27114 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Soplanning A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. | 9.8 |
| 2024-09-11 | CVE-2024-27115 | Unrestricted Upload of File with Dangerous Type vulnerability in Soplanning A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. | 9.8 |
| 2024-09-11 | CVE-2024-45790 | Improper Restriction of Excessive Authentication Attempts vulnerability in Reedos Aim-Star 2.0.1 This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing restrictions for excessive failed authentication attempts on its API based login. | 9.8 |
| 2024-09-11 | CVE-2024-6091 | OS Command Injection vulnerability in Agpt Autogpt 0.5.1 A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. | 9.8 |
| 2024-09-11 | CVE-2024-8277 | Missing Authentication for Critical Function vulnerability in Villatheme Woocommerce Photo Reviews The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.3.13.2. | 9.8 |
| 2024-09-10 | CVE-2024-8191 | SQL Injection vulnerability in Ivanti Endpoint Manager SQL injection in the management console of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution. | 9.8 |
| 2024-09-10 | CVE-2024-45409 | The Ruby SAML library is for implementing the client side of a SAML authorization. | 9.8 |
| 2024-09-10 | CVE-2024-21416 | Unspecified vulnerability in Microsoft products Windows TCP/IP Remote Code Execution Vulnerability | 9.8 |
| 2024-09-10 | CVE-2024-37341 | Unspecified vulnerability in Microsoft products Microsoft SQL Server Elevation of Privilege Vulnerability | 9.8 |
| 2024-09-10 | CVE-2024-37980 | Unspecified vulnerability in Microsoft products Microsoft SQL Server Elevation of Privilege Vulnerability | 9.8 |