Skip to main content
CVE-2024-0769 CRITICAL POC KEV THREAT Act Now

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Path Traversal Dir 859 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
82.7%
CVE-2024-23744 HIGH POC This Week

An issue was discovered in Mbed TLS 3.5.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Mbed Tls
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2024-0770 HIGH POC This Week

A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID 7.10.3 on Windows. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Iuclid
NVD VulDB
CVSS 3.1
7.1
EPSS
0.3%
CVE-2024-23731 CRITICAL PATCH Act Now

The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Embedchain
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-23730 CRITICAL PATCH Act Now

The OpenAPI and ChatGPT plugin loaders in LlamaHub (aka llama-hub) before 0.0.67 allow attackers to execute arbitrary code because safe_load is not used for YAML. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Llamahub
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2024-0771 MEDIUM POC This Month

A vulnerability has been found in Nsasoft Product Key Explorer 4.0.9 and classified as problematic. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Product Key Explorer
NVD VulDB
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-23726 HIGH This Week

Ubee DDW365 XCNDDW365 devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Ddw365 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-23732 HIGH PATCH This Week

The JSON loader in Embedchain before 0.1.57 allows a ReDoS (regular expression denial of service) via a long string to json.py. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Embedchain
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2024-23725 MEDIUM PATCH This Month

Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Ghost
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy