Skip to main content
CVE-2024-24563 CRITICAL POC PATCH Act Now

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Vyper
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2024-24188 CRITICAL POC Act Now

Jsish v3.5.0 was discovered to contain a heap-buffer-overflow in ./src/jsiUtils.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Jsish
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-24186 CRITICAL POC Act Now

Jsish v3.5.0 (commit 42c694c) was discovered to contain a stack-overflow via the component IterGetKeysCallback at /jsish/src/jsiValue.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Jsish
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-24004 CRITICAL POC Act Now

jshERP v3.3 is vulnerable to SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Jsherp
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-24002 CRITICAL POC Act Now

jshERP v3.3 is vulnerable to SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Jsherp
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-24001 CRITICAL POC Act Now

jshERP v3.3 is vulnerable to SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Jsherp
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-24811 CRITICAL PATCH Act Now

SQLAlchemyDA is a generic database adapter for ZSQL methods. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Sqlalchemyda
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-24189 CRITICAL Act Now

Jsish v3.5.0 (commit 42c694c) was discovered to contain a use-after-free via the SplitChar at ./src/jsiUtils.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Jsish
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-24133 CRITICAL Act Now

Atmail v6.6.0 was discovered to contain a SQL injection vulnerability via the username parameter on the login page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Atmail
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-24303 CRITICAL Act Now

SQL Injection vulnerability in HiPresta "Gift Wrapping Pro" (hiadvancedgiftwrapping) module for PrestaShop before version 1.4.1, allows remote attackers to escalate privileges and obtain sensitive. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Gift Wrapping Pro
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-1268 CRITICAL Act Now

A vulnerability, which was classified as critical, was found in CodeAstro Restaurant POS System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload Restaurant Pos System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-24019 CRITICAL Act Now

A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Novel Plus
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-1264 CRITICAL Act Now

A vulnerability has been found in Juanpao JPShop up to 1.5.02 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload Jpshop
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-24822 CRITICAL PATCH Act Now

Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Admin Classic Bundle
NVD GitHub
CVSS 3.1
9.1
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy