Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-08-03 CVE-2024-7441 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Vivotek Sd9364 Firmware
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f.
network
low complexity
vivotek CWE-119
critical
 9.8
9.8
2024-08-03 CVE-2024-7442 Command Injection vulnerability in Vivotek Sd9364 Firmware
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f.
network
low complexity
vivotek CWE-77
critical
 9.8
9.8
2024-08-03 CVE-2024-7440 Command Injection vulnerability in Vivotek Cc8160 Firmware
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d.
network
low complexity
vivotek CWE-77
critical
 9.8
9.8
2024-08-03 CVE-2024-7439 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Vivotek Cc8160 Firmware
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d and classified as critical.
network
low complexity
vivotek CWE-119
critical
 9.8
9.8
2024-08-03 CVE-2024-7257 The YayExtra – WooCommerce Extra Product Options plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_upload_file function in all versions up to, and including, 1.3.7.
network
low complexity
critical
 9.8
9.8
2024-08-02 CVE-2024-38887 OS Command Injection vulnerability in Horizoncloud Caterease
An issue in Horizon Business Services Inc.
network
low complexity
horizoncloud CWE-78
critical
 9.8
9.8
2024-08-02 CVE-2024-38889 SQL Injection vulnerability in Horizoncloud Caterease
An issue in Horizon Business Services Inc.
network
low complexity
horizoncloud CWE-89
critical
 9.8
9.8
2024-08-02 CVE-2024-38886 Unspecified vulnerability in Horizoncloud Caterease
An issue in Horizon Business Services Inc.
network
low complexity
horizoncloud
critical
 9.8
9.8
2024-08-02 CVE-2024-7314 Unspecified vulnerability in Anji-Plus Report
anji-plus AJ-Report is affected by an authentication bypass vulnerability.
network
low complexity
anji-plus
critical
 9.8
9.8
2024-08-02 CVE-2024-41127 Code Injection vulnerability in Monkeytype
Monkeytype is a minimalistic and customizable typing test.
network
low complexity
monkeytype CWE-94
critical
 9.6
9.6