Skip to main content
CVE-2024-23689 HIGH POC PATCH This Week

Exposure of sensitive information in exceptions in ClichHouse's clickhouse-r2dbc, com.clickhouse:clickhouse-jdbc, and com.clickhouse:clickhouse-client versions less than 0.4.6 allows unauthorized. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Java Libraries
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-22424 HIGH POC PATCH This Week

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

CSRF Kubernetes Argo Cd
NVD GitHub
CVSS 3.1
8.3
EPSS
0.4%
CVE-2024-23683 HIGH POC PATCH This Week

Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. Public exploit code available.

RCE Java Artemis Java Test Sandbox
NVD GitHub VulDB
CVSS 3.1
8.2
EPSS
0.4%
CVE-2024-23682 HIGH POC PATCH This Week

Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Java Artemis Java Test Sandbox
NVD GitHub VulDB
CVSS 3.1
8.2
EPSS
0.4%
CVE-2024-23681 HIGH POC PATCH This Week

Artemis Java Test Sandbox versions before 1.11.2 are vulnerable to a sandbox escape when an attacker loads untrusted libraries using System.load or System.loadLibrary. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Java Artemis Java Test Sandbox
NVD GitHub VulDB
CVSS 3.1
8.2
EPSS
0.3%
CVE-2024-22956 HIGH POC This Week

swftools 0.9.2 was discovered to contain a heap-use-after-free vulnerability via the function removeFromTo at swftools/src/swfc.c:838. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Memory Corruption Swftools
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-22955 HIGH POC This Week

swftools 0.9.2 was discovered to contain a stack-buffer-underflow vulnerability via the function parseExpression at swftools/src/swfc.c:2576. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Swftools
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-22919 HIGH POC This Week

swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability via the function parseExpression at swftools/src/swfc.c:2587. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Swftools
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-22915 HIGH POC This Week

A heap-use-after-free was found in SWFTools v0.9.2, in the function swf_DeleteTag at rfxswf.c:1193. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free RCE Memory Corruption Swftools
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-22913 HIGH POC This Week

A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Swftools
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-22912 HIGH POC This Week

A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Swftools
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-22911 HIGH POC This Week

A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Swftools
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-22920 HIGH POC This Week

swftools 0.9.2 was discovered to contain a heap-use-after-free via the function bufferWriteData in swftools/lib/action/compile.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Memory Corruption Swftools
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-22562 HIGH POC This Week

swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dict_foreach_keyvalue at swftools/lib/q.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Swftools
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-0737 HIGH POC This Week

A vulnerability classified as problematic was found in Xlightftpd Xlight FTP Server 1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Xlight Ftp Server
NVD VulDB Exploit-DB
CVSS 3.1
7.5
EPSS
4.2%
CVE-2024-23331 HIGH POC PATCH This Week

Vite is a frontend tooling framework for javascript. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Microsoft Vite
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2024-0732 HIGH POC This Week

A vulnerability was found in PCMan FTP Server 2.0.7 and classified as problematic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Pcman Ftp Server
NVD VulDB
CVSS 3.1
7.5
EPSS
1.1%
CVE-2024-0731 HIGH POC This Week

A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as problematic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Pcman Ftp Server
NVD VulDB
CVSS 3.1
7.5
EPSS
1.1%
CVE-2024-0725 HIGH POC This Week

A vulnerability was found in ProSSHD 1.2 on Windows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Microsoft Prosshd
NVD VulDB Exploit-DB
CVSS 3.1
7.5
EPSS
3.6%
CVE-2024-0723 HIGH POC This Week

A vulnerability was found in freeSSHd 1.0.9 on Windows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Microsoft Freesshd
NVD VulDB Exploit-DB
CVSS 3.1
7.5
EPSS
3.6%
CVE-2024-22422 HIGH POC PATCH This Week

AnythingLLM is an application that turns any document, resource, or piece of content into context that any LLM can use as references during chatting. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Denial Of Service Anythingllm
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-40700 HIGH This Week

Server-Side Request Forgery (SSRF) vulnerability in Montonio Montonio for WooCommerce, Wpopal Wpopal Core Features, AMO for WP - Membership Management ArcStone wp-amo, Long Watch Studio. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF WordPress Admin Css Mu Amp Toolbox Confirm Data +12
NVD
CVSS 3.1
8.2
EPSS
0.7%
CVE-2024-23684 HIGH PATCH This Week

Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation (CBOR) versions 4.0.0 to 4.5.1 allows an attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Denial Of Service Cbor
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.9%
CVE-2024-0736 HIGH This Week

A vulnerability classified as problematic has been found in EFS Easy File Sharing FTP 3.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Easy File Sharing Ftp Server
NVD VulDB
CVSS 3.1
7.5
EPSS
1.0%
CVE-2024-22563 HIGH This Week

openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Openvswitch
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy