Skip to main content
CVE-2024-24578 CRITICAL POC Emergency

RaspberryMatic is an open-source operating system for HomeMatic internet-of-things devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Java Raspberrymatic
NVD GitHub
CVSS 3.1
9.8
EPSS
8.7%
CVE-2024-28537 CRITICAL POC Act Now

Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the page parameter of fromNatStaticSetting function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Information Disclosure Ac18 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-21662 CRITICAL POC PATCH Act Now

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Kubernetes Argo Cd
NVD GitHub
CVSS 3.1
9.1
EPSS
0.8%
CVE-2024-2604 CRITICAL Act Now

A vulnerability was found in SourceCodester File Manager App 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload File Manager App
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-21652 CRITICAL PATCH Act Now

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Kubernetes Denial Of Service Argo Cd
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-2051 CRITICAL Act Now

CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover and unauthorized access to the system when an attacker conducts brute-force. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-27768 CRITICAL Act Now

Unitronics Unistream Unilogic - Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Unilogic
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-27767 CRITICAL Act Now

CWE-287: Improper Authentication may allow Authentication Bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Unilogic
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-28125 CRITICAL Act Now

FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-2577 CRITICAL Act Now

A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass PHP Employee Task Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-2576 CRITICAL Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Employee Task Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass PHP Employee Task Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-2575 CRITICAL Act Now

A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass PHP Employee Task Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-2574 CRITICAL Act Now

A vulnerability classified as critical was found in SourceCodester Employee Task Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass PHP Employee Task Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-2573 CRITICAL Act Now

A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Information Disclosure Employee Task Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-2572 CRITICAL Act Now

A vulnerability was found in SourceCodester Employee Task Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Information Disclosure Employee Task Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-2571 CRITICAL Act Now

A vulnerability was found in SourceCodester Employee Task Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Information Disclosure Employee Task Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-2570 CRITICAL Act Now

A vulnerability was found in SourceCodester Employee Task Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Information Disclosure Employee Task Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-2569 CRITICAL Act Now

A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Information Disclosure Employee Task Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.2%
CVE-2024-27098 CRITICAL PATCH Act Now

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Glpi
NVD GitHub
CVSS 3.1
9.6
EPSS
35.7%
CVE-2024-29151 CRITICAL Act Now

Rocket.Chat.Audit through 5ad78e8 depends on filecachetools, which does not exist in PyPI. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
9.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy