cyber
·
news
News
Deep Dives
Settings
Sign in
895 items
Unread (4642)
All
Dismissed
All
Critical
High
Supply Chain
Ransomware
Breaches
Zero-Day
CVEs
CRITICAL
CVE-2024-7078 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2024-7078
652d ago
CRITICAL
CVE-2024-7076 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2024-7076
652d ago
CRITICAL
CVE-2024-4259 (CVSS 9.8) — Missing Authorization vulnerability in SAMPAŞ Holding AKOS (AkosCepVatandasService), SAMPAŞ Holding ...
NVD
CVE-2024-4259
653d ago
CRITICAL
CVE-2024-6919 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2024-6919
654d ago
CRITICAL
CVE-2024-4428 (CVSS 9.8) — Missing Authentication for Critical Function, Missing Authorization vulnerability in Menulux Informa...
NVD
CVE-2024-4428
659d ago
CRITICAL
CVE-2024-7071 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 564 - SQ...
NVD
CVE-2024-7071
660d ago
CRITICAL
CVE-2024-7593 (CVSS 9.8) — Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or ...
NVD
CVE-2024-7593
674d ago
CRITICAL
CVE-2024-6917 (CVSS 9.8) — Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerabi...
NVD
CVE-2024-6917
675d ago
CRITICAL
CVE-2024-39011 (CVSS 9.8) — Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or c...
NVD
CVE-2024-39011
688d ago
CRITICAL
CVE-2024-6699 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2024-6699
688d ago
CRITICAL
CVE-2024-3166 (CVSS 9.6) — A Cross-Site Scripting (XSS) vulnerability exists in mintplex-labs/anything-llm, affecting both the ...
NVD
CVE-2024-3166
742d ago
CRITICAL
CVE-2024-4406 (CVSS 9.6) — Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability....
NVD
CVE-2024-4406
777d ago
CRITICAL
CVE-2024-4405 (CVSS 9.6) — Xiaomi Pro 13 mimarket manual-upgrade Cross-Site Scripting Remote Code Execution Vulnerability. This...
NVD
CVE-2024-4405
777d ago
CRITICAL
CVE-2024-33553 (CVSS 9) — Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore Core...
NVD
CVE-2024-33553
781d ago
CRITICAL
CVE-2024-3191 (CVSS 9.8) — A vulnerability, which was classified as critical, has been found in MailCleaner up to 2023.03.14. T...
NVD
CVE-2024-3191
781d ago
CRITICAL
CVE-2024-33551 (CVSS 9.3) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2024-33551
781d ago
CRITICAL
CVE-2024-32659 (CVSS 9.8) — FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to vers...
NVD
CVE-2024-32659
786d ago
CRITICAL
CVE-2024-32658 (CVSS 9.8) — FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to vers...
NVD
CVE-2024-32658
786d ago
CRITICAL
CVE-2024-4040 (CVSS 9.8) — A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 ...
NVD
CVE-2024-4040
787d ago
CRITICAL
CVE-2024-32644 (CVSS 9.1) — Evmos is a scalable, high-throughput Proof-of-Stake EVM blockchain that is fully compatible and inte...
NVD
CVE-2024-32644
790d ago
CRITICAL
CVE-2024-3863 (CVSS 9.8) — The executable file warning was not presented when downloading .xrm-ms files. *Note: This issue on...
NVD
CVE-2024-3863
793d ago
CRITICAL
CVE-2024-3573 (CVSS 9.3) — mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs, allowing ...
NVD
CVE-2024-3573
794d ago
CRITICAL
CVE-2024-3781 (CVSS 9.1) — Command injection vulnerability in the operating system. Improper neutralisation of special elements...
NVD
CVE-2024-3781
794d ago
CRITICAL
CVE-2024-3777 (CVSS 9.8) — The password reset feature of Ai3 QbiBot lacks proper access control, allowing unauthenticated remot...
NVD
CVE-2024-3777
795d ago
CRITICAL
CVE-2024-3400 (CVSS 10) — A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect featur...
NVD
CVE-2024-3400
798d ago
CRITICAL
CVE-2024-3157 (CVSS 9.6) — Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote...
NVD
CVE-2024-3157
799d ago
CRITICAL
CVE-2024-3568 (CVSS 9.6) — The huggingface/transformers library is vulnerable to arbitrary code execution through deserializati...
NVD
CVE-2024-3568
799d ago
CRITICAL
CVE-2024-3566 (CVSS 9.8) — A command inject vulnerability allows an attacker to perform command injection on Windows applicatio...
NVD
CVE-2024-3566
799d ago
CRITICAL
CVE-2024-3120 (CVSS 9) — A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due...
NVD
CVE-2024-3120
800d ago
CRITICAL
CVE-2024-3119 (CVSS 9) — A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handl...
NVD
CVE-2024-3119
800d ago
CRITICAL
CVE-2024-3272 (CVSS 9.8) — ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been fou...
NVD
CVE-2024-3272
806d ago
CRITICAL
CVE-2024-3094 (CVSS 10) — Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through...
NVD
CVE-2024-3094
811d ago
CRITICAL
CVE-2023-6191 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-6191
812d ago
CRITICAL
CVE-2023-6436 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-6436
898d ago
CRITICAL
CVE-2023-2889 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-2889
939d ago
CRITICAL
CVE-2023-47359 (CVSS 9.8) — Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Bu...
NVD
CVE-2023-47359
954d ago
CRITICAL
CVE-2023-36263 (CVSS 9.8) — Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection. OpartlimitquantityAle...
NVD
CVE-2023-36263
962d ago
CRITICAL
CVE-2023-5807 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-5807
965d ago
CRITICAL
CVE-2023-45199 (CVSS 9.8) — Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution...
NVD
CVE-2023-45199
986d ago
CRITICAL
CVE-2023-34576 (CVSS 9.8) — SQL injection vulnerability in updatepos.php in PrestaShop opartfaq through 1.0.3 allows remote atta...
NVD
CVE-2023-34576
1001d ago
CRITICAL
CVE-2023-34575 (CVSS 9.8) — SQL injection vulnerability in PrestaShop opartsavecart through 2.0.7 allows remote attackers to run...
NVD
CVE-2023-34575
1002d ago
CRITICAL
CVE-2023-4833 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-4833
1008d ago
CRITICAL
CVE-2023-4669 (CVSS 9.8) — Authentication Bypass by Assumed-Immutable Data vulnerability in Exagate SYSGuard 3001 allows Authen...
NVD
CVE-2023-4669
1008d ago
CRITICAL
CVE-2023-3616 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-3616
1017d ago
CRITICAL
CVE-2023-3651 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-3651
1045d ago
CRITICAL
CVE-2023-1050 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-1050
1184d ago
CRITICAL
CVE-2023-1153 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-1153
1186d ago
CRITICAL
CVE-2023-1152 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-1152
1190d ago
CRITICAL
CVE-2023-28531 (CVSS 9.8) — ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destinat...
NVD
CVE-2023-28531
1190d ago
CRITICAL
CVE-2023-1198 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD
CVE-2023-1198
1196d ago
Prev
Page 8 / 18
Next
CRITICAL
NVD
Wed, 04 Sep 2024 15:15:14 UTC
✕ Dismiss
CVE-2024-7078 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
https://nvd.nist.gov/vuln/detail/CVE-2024-7078
TL;DR
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Semtek Informatics Software Consulting Inc. Semtek Sempos allows SQL Injection. This issue affects Semtek Sempos: through 31072024.
CVE-2024-7078
Read full story ↗