Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-22 | CVE-2024-6968 | SQL Injection vulnerability in Clinics Patient Management System Project Clinics Patient Management System 1.0 A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. | 7.5 |
2024-07-22 | CVE-2024-6964 | Out-of-bounds Write vulnerability in Tenda O3 Firmware1.0.0.10(2478) A vulnerability, which was classified as critical, was found in Tenda O3 1.0.0.10. | 8.8 |
2024-07-22 | CVE-2024-6965 | Out-of-bounds Write vulnerability in Tenda O3 Firmware1.0.0.10(2478) A vulnerability has been found in Tenda O3 1.0.0.10 and classified as critical. | 8.8 |
2024-07-22 | CVE-2024-6962 | Out-of-bounds Write vulnerability in Tenda O3 Firmware1.0.0.10(2478) A vulnerability classified as critical was found in Tenda O3 1.0.0.10. | 8.8 |
2024-07-22 | CVE-2024-6963 | Out-of-bounds Write vulnerability in Tenda O3 Firmware1.0.0.10(2478) A vulnerability, which was classified as critical, has been found in Tenda O3 1.0.0.10. | 8.8 |
2024-07-20 | CVE-2024-6497 | The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 12.3.19 due to insufficient input sanitization and output escaping. network low complexity | 8.8 |
2024-07-20 | CVE-2024-6635 | The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.3. network low complexity | 7.3 |
2024-07-20 | CVE-2024-6637 | The WooCommerce - Social Login plugin for WordPress is vulnerable to unauthenticated privilege escalation in all versions up to, and including, 2.7.3. network low complexity | 7.3 |
2024-07-19 | CVE-2024-32007 | Unspecified vulnerability in Apache CXF An improper input validation of the p2c parameter in the Apache CXF JOSE code before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token. | 7.5 |
2024-07-19 | CVE-2024-6338 | SQL Injection vulnerability in Foliovision FV Flowplayer Video Player The FV Flowplayer Video Player plugin for WordPress is vulnerable to time-based SQL Injection via the ‘exclude’ parameter in all versions up to, and including, 7.5.46.7212 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 8.8 |