Skip to main content
CVE-2024-1765 HIGH PATCH This Week

Cloudflare Quiche (through version 0.19.1/0.20.0) was affected by an unlimited resource allocation vulnerability causing rapid increase of memory usage of the system running quiche server or client. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Quiche
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2024-26204 HIGH This Week

Outlook for Android Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Command Injection Google Microsoft Outlook
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2024-21438 HIGH This Week

Microsoft AllJoyn API Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2024-21427 HIGH PATCH This Week

Windows Kerberos Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Microsoft Windows Server 2012 Windows Server 2016 Windows Server 2019 +2
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2024-21421 HIGH This Week

Azure SDK Spoofing Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Azure Software Development Kit
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2024-1301 HIGH This Week

SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Monitool
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2024-1226 HIGH This Week

The software does not neutralize or incorrectly neutralizes certain characters before the data is included in outgoing HTTP headers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-22044 HIGH This Week

A vulnerability has been identified in SENTRON 3KC ATC6 Expansion Module Ethernet (3KC9000-8TL75) (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-22041 HIGH This Week

A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-22040 HIGH This Week

A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2024-26004 HIGH This Week

An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer which may prevent or disrupt the charging functionality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Memory Corruption Charx Sec 3000 Firmware Charx Sec 3050 Firmware Charx Sec 3100 Firmware +1
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2024-26003 HIGH This Week

An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Charx Sec 3000 Firmware Charx Sec 3050 Firmware Charx Sec 3100 Firmware +1
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2024-26000 HIGH This Week

An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Charx Sec 3000 Firmware Charx Sec 3050 Firmware Charx Sec 3100 Firmware +1
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2024-2395 HIGH This Week

The Bulgarisation for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.14. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress CSRF Bulgarisation For Woocommerce
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2024-26203 HIGH This Week

Azure Data Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Azure Data Studio
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2024-21443 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1809 +8
NVD
CVSS 3.1
7.3
EPSS
1.3%
CVE-2024-25998 HIGH This Week

An unauthenticated remote attacker can perform a command injection in the OCPP Service with limited privileges due to improper input validation. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Charx Sec 3000 Firmware Charx Sec 3050 Firmware Charx Sec 3100 Firmware Charx Sec 3150 Firmware
NVD
CVSS 3.1
7.3
EPSS
1.5%
CVE-2024-27121 HIGH This Week

Path traversal vulnerability exists in Machine Automation Controller NJ Series and Machine Automation Controller NX Series. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2024-21390 HIGH PATCH This Week

Microsoft Authenticator Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Microsoft Authenticator
NVD
CVSS 3.1
7.1
EPSS
1.3%
CVE-2024-21445 HIGH This Week

Windows USB Print Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 +4
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2024-21439 HIGH This Week

Windows Telephony Server Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1507 +13
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2024-21433 HIGH PATCH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.0
EPSS
5.1%
CVE-2024-21432 HIGH PATCH This Week

Windows Update Stack Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.0
EPSS
0.7%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy