Skip to main content
CVE-2024-23739 CRITICAL POC Act Now

An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple RCE Discord
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2024-23738 CRITICAL POC Act Now

An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple RCE Postman
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2024-23740 CRITICAL Act Now

An issue in Kap for macOS version 3.6.0 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Kap
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2024-23742 CRITICAL Act Now

An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Apple Loom
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2024-23741 CRITICAL Act Now

An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Apple Hyper
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2024-0841 HIGH This Week

A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Linux Linux Kernel Enterprise Linux
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-23743 LOW POC Monitor

Notion through 3.1.0 on macOS might allow code execution because of RunAsNode and enableNodeClilnspectArguments. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Apple Node.js RCE Notion
NVD GitHub
CVSS 3.1
3.3
EPSS
0.4%
CVE-2024-23782 MEDIUM This Month

Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS A Blog Cms
NVD
CVSS 3.1
5.4
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy