Skip to main content
CVE-2024-24561 CRITICAL POC PATCH Act Now

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Vyper
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-24754 CRITICAL POC PATCH Act Now

Bref enable serverless PHP on AWS Lambda. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP Information Disclosure Bref
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-1039 CRITICAL Act Now

Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Web Master Firmware
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-23832 CRITICAL PATCH Act Now

Mastodon is a free, open-source social network server based on ActivityPub Mastodon allows configuration of LDAP for authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Mastodon
NVD GitHub
CVSS 3.1
9.8
EPSS
2.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy