Skip to main content
CVE-2023-50760 HIGH POC This Week

Online Notice Board System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'f' parameter of user/update_profile_pic.php page, allowing an authenticated attacker to obtain Remote. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE PHP Online Notice Board System
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-0241 HIGH POC PATCH This Week

encoded_id-rails versions before 1.0.0.beta2 are affected by an uncontrolled resource consumption vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Encodedid
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-50082 HIGH POC This Week

Aoyun Technology pbootcms V3.1.2 is vulnerable to Incorrect Access Control, allows remote attackers to gain sensitive information via session leakage allows a user to avoid logging into the backend. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pbootcms
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2021-40367 HIGH This Week

A vulnerability has been identified in syngo fastView (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Syngo Fastview
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2021-42028 HIGH This Week

A vulnerability has been identified in syngo fastView (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Syngo Fastview
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2021-45465 HIGH This Week

A vulnerability has been identified in syngo fastView (All versions). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Syngo Fastview
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-22050 HIGH PATCH This Week

Path traversal in the static file service in Iodine less than 0.7.33 allows an unauthenticated, remote attacker to read files outside the public folder via malicious URLs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal Iodine
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-2081 HIGH This Week

A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Rtu520 Firmware Rtu530 Firmware Rtu540 Firmware +1
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-6270 HIGH This Week

A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. Rated high severity (CVSS 7.0). No vendor patch available.

Use After Free Linux Memory Corruption Denial Of Service RCE +3
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2024-21625 HIGH This Month

SideQuest is a place to get virtual reality applications for Oculus Quest. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Sidequest
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2024-0225 HIGH This Month

Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Google Denial Of Service Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-0224 HIGH This Month

Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Google Denial Of Service Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-0223 HIGH This Month

Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Google Chrome Fedora
NVD
CVSS 3.1
8.8
EPSS
9.6%
CVE-2024-0222 HIGH This Month

Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Google Denial Of Service Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy