Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-25 | CVE-2024-37845 | OS Command Injection vulnerability in Radixiot Mango MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Process Command feature. | 7.2 |
| 2024-10-25 | CVE-2024-37847 | Path Traversal vulnerability in Radixiot Mango and Mangoapi An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file. | 8.8 |
| 2024-10-25 | CVE-2022-30357 | Unspecified vulnerability in Ovaledge OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to /profile/updateProfile via the userId and email parameters. | 8.8 |
| 2024-10-25 | CVE-2022-30358 | Incorrect Authorization vulnerability in Ovaledge OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to /user/updatePassword via the userId and newPsw parameters. | 8.8 |
| 2024-10-25 | CVE-2024-10387 | Unspecified vulnerability in Rockwellautomation Thinmanager CVE-2024-10387 IMPACT A Denial-of-Service vulnerability exists in the affected product. | 7.5 |
| 2024-10-25 | CVE-2024-49381 | Path Traversal vulnerability in Plenti Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. | 7.5 |
| 2024-10-25 | CVE-2024-10380 | SQL Injection vulnerability in Mayurik Petrol Pump Management 1.0 A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. | 7.5 |
| 2024-10-25 | CVE-2024-49376 | Incorrect Authorization vulnerability in Autolabproject Autolab 3.0.0 Autolab, a course management service that enables auto-graded programming assignments, has misconfigured reset password permissions in version 3.0.0. | 8.8 |
| 2024-10-25 | CVE-2024-10379 | Path Traversal vulnerability in Esafenet CDG 5 A vulnerability classified as problematic was found in ESAFENET CDG 5. | 7.5 |
| 2024-10-25 | CVE-2024-44100 | Unspecified vulnerability in Google Android Android before 2024-10-05 on Google Pixel devices allows information disclosure in the modem component, A-299774545. | 7.5 |