Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-16 | CVE-2025-0457 | The airPASS from NetVision Information has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands. | 8.8 |
| 2025-01-15 | CVE-2024-57727 | Path Traversal vulnerability in Simple-Help Simplehelp SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. | 7.5 |
| 2025-01-15 | CVE-2024-57728 | Link Following vulnerability in Simple-Help Simplehelp SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. | 7.2 |
| 2025-01-15 | CVE-2024-27856 | Code Injection vulnerability in Apple products The issue was addressed with improved checks. | 7.8 |
| 2025-01-15 | CVE-2024-40771 | Unspecified vulnerability in Apple products The issue was addressed with improved memory handling. | 7.8 |
| 2025-01-15 | CVE-2025-0484 | Unspecified vulnerability in Fanli2012 Native-PHP-Cms 1.0 A vulnerability was found in Fanli2012 native-php-cms 1.0 and classified as critical. | 7.5 |
| 2025-01-15 | CVE-2020-8094 | Untrusted Search Path vulnerability in Bitdefender Antivirus 2020 1.0.15.138 An untrusted search path vulnerability in testinitsigs.exe as used in Bitdefender Antivirus Free 2020 allows a low-privilege attacker to execute code as SYSTEM via a specially crafted DLL file. | 7.8 |
| 2025-01-15 | CVE-2024-57011 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313 TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "minute" parameters in setScheduleCfg. | 8.8 |
| 2025-01-15 | CVE-2024-57012 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313 TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "week" parameter in setScheduleCfg. | 8.8 |
| 2025-01-15 | CVE-2024-57013 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313 TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "switch" parameter in setScheduleCfg. | 8.8 |