Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-01-01 CVE-2025-0168 SQL Injection vulnerability in Anisha JOB Recruitment 1.0
A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0.
network
low complexity
anisha CWE-89
7.5
7.5
2024-12-31 CVE-2024-13079 SQL Injection vulnerability in PHPgurukul Land Record System 1.0
A vulnerability was found in PHPGurukul Land Record System 1.0 and classified as critical.
network
low complexity
phpgurukul CWE-89
8.8
8.8
2024-12-31 CVE-2024-13078 SQL Injection vulnerability in PHPgurukul Land Record System 1.0
A vulnerability has been found in PHPGurukul Land Record System 1.0 and classified as critical.
network
low complexity
phpgurukul CWE-89
8.8
8.8
2024-12-31 CVE-2023-6603 A flaw was found in FFmpeg's HLS playlist parsing.
network
low complexity
CWE-99
7.5
7.5
2024-12-31 CVE-2024-13070 Injection vulnerability in Codeastro Online Food Ordering System 1.0
A vulnerability was found in CodeAstro Online Food Ordering System 1.0.
network
low complexity
codeastro CWE-74
8.8
8.8
2024-12-31 CVE-2024-12106 Missing Authentication for Critical Function vulnerability in Progress Whatsup Gold
In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP settings.
network
low complexity
progress CWE-306
7.5
7.5
2024-12-31 CVE-2024-56225 Missing Authorization vulnerability in Leap13 Premium Addons for Elementor
Missing Authorization vulnerability in Leap13 Premium Addons for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Premium Addons for Elementor: from n/a through 4.10.56.
network
low complexity
leap13 CWE-862
8.8
8.8
2024-12-31 CVE-2024-45497 A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod.
network
low complexity
CWE-732
7.6
7.6
2024-12-31 CVE-2024-12838 The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including administrators.
network
low complexity
CWE-302
8.8
8.8
2024-12-31 CVE-2024-12839 The login mechanism via device authentication of CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability.
network
low complexity
CWE-294
8.8
8.8