cyber · news
CRITICAL
CVE-2024-6917 (CVSS 9.8) — Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerabi...
NVD
CVE-2024-6917
662d ago
CRITICAL
CVE-2024-6699 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2024-6699
675d ago
CRITICAL
CVE-2023-6191 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-6191
798d ago
CRITICAL
CVE-2023-6436 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-6436
885d ago
CRITICAL
CVE-2023-2889 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-2889
926d ago
CRITICAL
CVE-2023-47359 (CVSS 9.8) — Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Bu...
NVD
CVE-2023-47359
941d ago
CRITICAL
CVE-2023-5807 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-5807
952d ago
CRITICAL
CVE-2023-45199 (CVSS 9.8) — Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution...
NVD
CVE-2023-45199
973d ago
CRITICAL
CVE-2023-4833 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-4833
994d ago
CRITICAL
CVE-2023-4669 (CVSS 9.8) — Authentication Bypass by Assumed-Immutable Data vulnerability in Exagate SYSGuard 3001 allows Authen...
NVD
CVE-2023-4669
995d ago
CRITICAL
CVE-2023-3616 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-3616
1004d ago
CRITICAL
CVE-2023-3651 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-3651
1032d ago
CRITICAL
CVE-2023-1050 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-1050
1170d ago
CRITICAL
CVE-2023-1153 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-1153
1172d ago
CRITICAL
CVE-2023-1152 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-1152
1176d ago
CRITICAL
CVE-2023-28531 (CVSS 9.8) — ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destinat...
NVD
CVE-2023-28531
1177d ago
CRITICAL
CVE-2023-1198 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-1198
1183d ago
CRITICAL
CVE-2023-1091 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-1091
1183d ago
CRITICAL
CVE-2023-1251 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-1251
1184d ago
CRITICAL
CVE-2023-1267 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-1267
1185d ago
CRITICAL
CVE-2022-3760 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2022-3760
1186d ago
CRITICAL
CVE-2023-1064 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-1064
1192d ago
CRITICAL
CVE-2022-2504 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2022-2504
1198d ago
CRITICAL
CVE-2023-0939 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-0939
1198d ago
CRITICAL
CVE-2022-46393 (CVSS 9.8) — An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-ba...
NVD
CVE-2022-46393
1268d ago
CRITICAL
CVE-2021-41556 (CVSS 10) — sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core ...
NVD
CVE-2021-41556
1408d ago
CRITICAL
CVE-2022-35409 (CVSS 9.1) — An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an u...
NVD
CVE-2022-35409
1421d ago
CRITICAL
CVE-2022-0715 (CVSS 9.1) — A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily ...
NVD
CVE-2022-0715
1549d ago
CRITICAL
CVE-2022-23305 (CVSS 9.8) — By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter whe...
NVD
CVE-2022-23305
1599d ago
CRITICAL
CVE-2021-44732 (CVSS 9.8) — Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an m...
NVD
CVE-2021-44732
1628d ago
CRITICAL
CVE-2019-25052 (CVSS 9.1) — In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call updat...
NVD
CVE-2019-25052
1759d ago
CRITICAL
CVE-2021-33485 (CVSS 9.8) — CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.
NVD
CVE-2021-33485
1767d ago
CRITICAL
CVE-2021-22779 (CVSS 9.1) — Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions p...
NVD
CVE-2021-22779
1787d ago
CRITICAL
CVE-2021-22768 (CVSS 9.8) — A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and ne...
NVD
CVE-2021-22768
CVE-2021-22767
1820d ago
CRITICAL
CVE-2021-22767 (CVSS 9.8) — A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and ne...
NVD
CVE-2021-22767
CVE-2021-2276
1820d ago
CRITICAL
CVE-2021-22765 (CVSS 9.8) — A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and ne...
NVD
CVE-2021-22765
1820d ago
CRITICAL
CVE-2021-22763 (CVSS 9.8) — A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogi...
NVD
CVE-2021-22763
1820d ago
CRITICAL
CVE-2020-15782 (CVSS 9.8) — A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMA...
NVD
CVE-2020-15782
1834d ago
CRITICAL
CVE-2021-27384 (CVSS 9.8) — A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7" & 15" (incl. SIPL...
NVD
CVE-2021-27384
1850d ago
CRITICAL
CVE-2020-15798 (CVSS 9.8) — A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versi...
NVD
CVE-2020-15798
1942d ago
CRITICAL
CVE-2020-27285 (CVSS 9.1) — The default configuration of Crimson 3.1 (Build versions prior to 3119.001) allows a user to be able...
NVD
CVE-2020-27285
1976d ago
CRITICAL
CVE-2020-28271 (CVSS 9.8) — Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause...
NVD
CVE-2020-28271
2031d ago
CRITICAL
CVE-2020-15786 (CVSS 9.8) — A vulnerability has been identified in SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variant...
NVD
CVE-2020-15786
2095d ago
CRITICAL
CVE-2020-7489 (CVSS 9.8) — A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Inj...
NVD
CVE-2020-7489
2235d ago
CRITICAL
CVE-2020-6990 (CVSS 9.8) — Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, ...
NVD
CVE-2020-6990
2272d ago
CRITICAL
CVE-2019-17571 (CVSS 9.8) — Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted dat...
NVD
CVE-2019-17571
2359d ago
CRITICAL
CVE-2019-18269 (CVSS 9.8) — Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability.
NVD
CVE-2019-18269
2363d ago
CRITICAL
CVE-2019-1010292 (CVSS 9.8) — Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: Boundary checks. The impact is: This co...
NVD
CVE-2019-1010292
2516d ago
CRITICAL
CVE-2019-1010298 (CVSS 9.8) — Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code executio...
NVD
CVE-2019-1010298
2517d ago
CRITICAL
CVE-2019-1010297 (CVSS 9.8) — Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Execution of ...
NVD
CVE-2019-1010297
2517d ago
CRITICAL
NVD
Mon, 12 Aug 2024 15:15:21 UTC
CVE-2024-6917 (CVSS 9.8) — Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerabi...
https://nvd.nist.gov/vuln/detail/CVE-2024-6917
TL;DR
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Veribilim Software Veribase Order Management allows OS Command Injection. This issue affects Veribase Order Management: before v4.010.2.
CVE-2024-6917