Skip to main content
CVE-2024-0941 CRITICAL POC Act Now

A vulnerability was found in Novel-Plus 4.3.0-RC1 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Novel Plus
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-0939 CRITICAL POC THREAT Act Now

A vulnerability has been found in Byzoro Smart S210 Management Platform up to 20240117 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Smart S210 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
43.8%
CVE-2024-0938 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Office Anywhere
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-0937 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in van_der_Schaar LAB synthcity 0.2.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Temporai
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-0932 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0931 CRITICAL POC Act Now

A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0930 CRITICAL POC THREAT Act Now

A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
15.2%
CVE-2024-0929 CRITICAL POC Act Now

A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-0928 CRITICAL POC Act Now

A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-0927 CRITICAL POC Act Now

A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-0926 CRITICAL POC Act Now

A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0925 CRITICAL POC Act Now

A vulnerability has been found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0924 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0923 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0922 CRITICAL POC Act Now

A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0921 CRITICAL POC THREAT Act Now

A vulnerability has been found in D-Link DIR-816 A2 1.10CNB04 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 816 A2 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
37.6%
CVE-2024-0936 HIGH POC This Week

A vulnerability classified as critical was found in van_der_Schaar LAB TemporAI 0.0.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Temporai
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-22545 HIGH POC This Week

An issue was discovered in TRENDnet TEW-824DRU version 1.04b01, allows unauthenticated attackers to execute arbitrary code via the system.ntp.server parameter in the sub_420AE0() function. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Tew 824Dru Firmware
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-0920 HIGH POC This Week

A vulnerability was found in TRENDnet TEW-822DRE 1.03B02. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tew 822Dre Firmware
NVD VulDB
CVSS 3.1
7.2
EPSS
8.6%
CVE-2024-0919 HIGH POC THREAT This Week

A vulnerability was found in TRENDnet TEW-815DAP 1.0.2.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tew 815Dap Firmware
NVD VulDB
CVSS 3.1
7.2
EPSS
22.5%
CVE-2024-0918 HIGH POC THREAT This Week

A vulnerability was found in TRENDnet TEW-800MB 1.0.1.0 and classified as critical. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tew 800Mb Firmware
NVD VulDB
CVSS 3.1
7.2
EPSS
25.4%
CVE-2024-0948 MEDIUM POC This Month

** DISPUTED ** A vulnerability, which was classified as problematic, has been found in NetBox up to 3.7.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Netbox
NVD VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2024-22551 MEDIUM POC This Month

WhatACart v2.0.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /site/default/search. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Whatacart
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-22550 MEDIUM POC This Month

An arbitrary file upload vulnerability in the component /alsdemo/ss/mediam.cgi of ShopSite v14.0 allows attackers to execute arbitrary code via uploading a crafted SVG file. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Shopsite
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2024-20253 CRITICAL Act Now

A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE Cisco Unified Communications Manager Unified Communications Manager Im And Presence Service +3
NVD
CVSS 3.1
10.0
EPSS
2.1%
CVE-2024-0402 CRITICAL Act Now

An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Path Traversal
NVD
CVSS 3.1
9.9
EPSS
3.3%
CVE-2024-0946 CRITICAL Act Now

A vulnerability classified as critical was found in 60IndexPage up to 1.8.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF PHP 60Indexpage
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-0945 CRITICAL Act Now

A vulnerability classified as critical has been found in 60IndexPage up to 1.8.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF PHP 60Indexpage
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-0933 CRITICAL Act Now

A vulnerability was found in Niushop B2B2C V5 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload B2B2C Multi Business
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-23625 CRITICAL Act Now

A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Dap 1650 Firmware
NVD
CVSS 3.1
9.8
EPSS
22.8%
CVE-2024-23624 CRITICAL Act Now

A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Dap 1650 Firmware
NVD
CVSS 3.1
9.8
EPSS
26.0%
CVE-2024-23622 CRITICAL Act Now

A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM RCE Buffer Overflow Merge Efilm Workstation
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2024-23621 CRITICAL Act Now

A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM RCE Buffer Overflow Merge Efilm Workstation
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2024-23619 CRITICAL Act Now

A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Information Disclosure IBM Merge Efilm Workstation
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2024-23618 CRITICAL Act Now

An arbitrary code execution vulnerability exists in Arris SURFboard SGB6950AC2 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Arris Surfboard Sbg6950Ac2 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2024-23616 CRITICAL Act Now

A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Symantec Server Management Suite
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2024-23615 CRITICAL Act Now

A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Symantec Messaging Gateway
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2024-23614 CRITICAL Act Now

A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Symantec Messaging Gateway
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2024-23613 CRITICAL Act Now

A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Symantec Deployment Solutions
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2024-21326 CRITICAL PATCH Act Now

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Microsoft Memory Corruption Information Disclosure +1
NVD
CVSS 3.1
9.6
EPSS
1.2%
CVE-2024-23630 HIGH This Week

An arbitrary firmware upload vulnerability exists in the Motorola MR2600. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Mr2600 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-23628 HIGH This Week

A command injection vulnerability exists in the 'SaveStaticRouteIPv6Params' parameter of the Motorola MR2600. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Mr2600 Firmware
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2024-23627 HIGH This Week

A command injection vulnerability exists in the 'SaveStaticRouteIPv4Params' parameter of the Motorola MR2600. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Mr2600 Firmware
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2024-23626 HIGH This Week

A command injection vulnerability exists in the ‘SaveSysLogParams’ parameter of the Motorola MR2600. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Mr2600 Firmware
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2024-23617 HIGH This Week

A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Symantec Data Center Security Server
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2024-0942 MEDIUM POC This Month

A vulnerability was found in Totolink N200RE V5 9.3.5u.6255_B20211224. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure N200Re V5 Firmware
NVD VulDB
CVSS 3.1
4.3
EPSS
0.7%
CVE-2024-21385 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Microsoft Memory Corruption Information Disclosure +1
NVD
CVSS 3.1
8.3
EPSS
1.0%
CVE-2024-23620 HIGH This Week

An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation IBM Merge Efilm Workstation
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-21985 HIGH This Week

ONTAP 9 versions prior to 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 and 9.13.1P4 are susceptible to a vulnerability which could allow an authenticated user with multiple remote accounts with. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Clustered Data Ontap
NVD
CVSS 3.1
7.6
EPSS
0.3%
CVE-2023-6919 HIGH This Week

Path Traversal: '/../filedir' vulnerability in Biges Safe Life Technologies Electronics Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Vg 4C1A Lru Firmware Vg 4C1A Lrpu Firmware Vg 255A Bf Firmware Vg 255 Bv Firmware +5
NVD VulDB
CVSS 3.1
7.5
EPSS
0.2%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy