Skip to main content
CVE-2024-0941 CRITICAL POC Act Now

A vulnerability was found in Novel-Plus 4.3.0-RC1 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Novel Plus
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-0939 CRITICAL POC THREAT Act Now

A vulnerability has been found in Byzoro Smart S210 Management Platform up to 20240117 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Smart S210 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
43.8%
CVE-2024-0938 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Office Anywhere
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-0937 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in van_der_Schaar LAB synthcity 0.2.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Temporai
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-0932 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0931 CRITICAL POC Act Now

A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0930 CRITICAL POC THREAT Act Now

A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
15.2%
CVE-2024-0929 CRITICAL POC Act Now

A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-0928 CRITICAL POC Act Now

A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-0927 CRITICAL POC Act Now

A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-0926 CRITICAL POC Act Now

A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0925 CRITICAL POC Act Now

A vulnerability has been found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0924 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0923 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0922 CRITICAL POC Act Now

A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0921 CRITICAL POC THREAT Act Now

A vulnerability has been found in D-Link DIR-816 A2 1.10CNB04 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 816 A2 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
37.6%
CVE-2024-20253 CRITICAL Act Now

A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE Cisco Unified Communications Manager Unified Communications Manager Im And Presence Service +3
NVD
CVSS 3.1
10.0
EPSS
2.1%
CVE-2024-0402 CRITICAL Act Now

An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Path Traversal
NVD
CVSS 3.1
9.9
EPSS
3.3%
CVE-2024-0946 CRITICAL Act Now

A vulnerability classified as critical was found in 60IndexPage up to 1.8.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF PHP 60Indexpage
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-0945 CRITICAL Act Now

A vulnerability classified as critical has been found in 60IndexPage up to 1.8.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF PHP 60Indexpage
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-0933 CRITICAL Act Now

A vulnerability was found in Niushop B2B2C V5 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload B2B2C Multi Business
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-23625 CRITICAL Act Now

A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Dap 1650 Firmware
NVD
CVSS 3.1
9.8
EPSS
22.8%
CVE-2024-23624 CRITICAL Act Now

A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Dap 1650 Firmware
NVD
CVSS 3.1
9.8
EPSS
26.0%
CVE-2024-23622 CRITICAL Act Now

A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM RCE Buffer Overflow Merge Efilm Workstation
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2024-23621 CRITICAL Act Now

A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM RCE Buffer Overflow Merge Efilm Workstation
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2024-23619 CRITICAL Act Now

A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Information Disclosure IBM Merge Efilm Workstation
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2024-23618 CRITICAL Act Now

An arbitrary code execution vulnerability exists in Arris SURFboard SGB6950AC2 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Arris Surfboard Sbg6950Ac2 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2024-23616 CRITICAL Act Now

A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Symantec Server Management Suite
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2024-23615 CRITICAL Act Now

A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Symantec Messaging Gateway
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2024-23614 CRITICAL Act Now

A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Symantec Messaging Gateway
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2024-23613 CRITICAL Act Now

A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Symantec Deployment Solutions
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2024-21326 CRITICAL PATCH Act Now

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Microsoft Memory Corruption Information Disclosure +1
NVD
CVSS 3.1
9.6
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy