Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2024-11-18 CVE-2024-41967 A low privileged remote attacker may modify the boot mode configuration setup of the device, leading to modification of the firmware upgrade process or a denial-of-service attack.
network
low complexity
CWE-306
8.1
8.1
2024-11-18 CVE-2024-41969 A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS.
network
low complexity
CWE-306
8.8
8.8
2024-11-18 CVE-2024-49574 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-11-18 CVE-2024-22067 Unspecified vulnerability in ZTE Nh8091 Firmware Znh8091V1.8
ZTE NH8091 product has an improper permission control vulnerability.
network
low complexity
zte
8.8
8.8
2024-11-17 CVE-2020-25720 A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation.
network
high complexity
CWE-264
7.5
7.5
2024-11-17 CVE-2023-4639 A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests.
network
high complexity
CWE-444
7.4
7.4
2024-11-17 CVE-2024-0793 A flaw was found in kube-controller-manager.
network
low complexity
CWE-20
7.7
7.7
2024-11-15 CVE-2024-11262 Out-of-bounds Write vulnerability in Razormist Student Record Management System 1.0
A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as critical.
local
low complexity
razormist CWE-787
7.8
7.8
2024-11-15 CVE-2017-13310 Incorrect Default Permissions vulnerability in Google Android
In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass.
local
low complexity
google CWE-276
7.8
7.8
2024-11-15 CVE-2017-13312 Unspecified vulnerability in Google Android 8.0
In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to improper input validation.
local
low complexity
google
7.8
7.8