Skip to main content
CVE-2024-1800 HIGH POC THREAT Act Now

In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization RCE Telerik Report Server
NVD GitHub
CVSS 3.1
8.8
EPSS
40.4%
CVE-2024-2690 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Online Discussion Forum Site
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-2649 CRITICAL POC Act Now

A vulnerability has been found in Netentsec NS-ASG Application Security Gateway 6.3 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Application Security Gateway
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-2387 MEDIUM This Month

The Advanced Form Integration - Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms plugin for WordPress is vulnerable to SQL Injection via the ‘integration_id’ parameter in. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 36.6% and no vendor patch available.

SQLi Google WordPress
NVD VulDB
CVSS 3.1
6.1
EPSS
36.6%
CVE-2024-29026 CRITICAL POC PATCH Act Now

Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Owncast
NVD GitHub
CVSS 3.1
9.1
EPSS
0.4%
CVE-2024-2711 HIGH POC This Week

A vulnerability was found in Tenda AC10U 15.03.06.48. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-2710 HIGH POC This Week

A vulnerability was found in Tenda AC10U 15.03.06.49. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-2709 HIGH POC This Week

A vulnerability was found in Tenda AC10U 15.03.06.49. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-2708 HIGH POC This Week

A vulnerability was found in Tenda AC10U 15.03.06.49 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-2707 HIGH POC This Week

A vulnerability has been found in Tenda AC10U 15.03.06.49 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
4.6%
CVE-2024-2706 HIGH POC This Week

A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.49. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.7%
CVE-2024-2705 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in Tenda AC10U 1.0/15.03.06.49. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-2704 HIGH POC This Week

A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-2703 HIGH POC This Week

A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-0856 HIGH POC This Week

The Appointment Booking Calendar WordPress plugin before 1.3.83 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Appointment Booking Calendar
NVD WPScan
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-28582 HIGH POC This Week

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the rgbe_RGBEToFloat() function when reading images in HDR format. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Freeimage
NVD GitHub
CVSS 3.1
8.4
EPSS
0.4%
CVE-2024-28581 HIGH POC This Week

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the _assignPixel<>() function when reading images in TARGA format. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Freeimage
NVD GitHub
CVSS 3.1
8.4
EPSS
0.4%
CVE-2024-28580 HIGH POC This Week

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the ReadData() function when reading images in RAS format. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Freeimage
NVD GitHub
CVSS 3.1
8.4
EPSS
0.4%
CVE-2024-28578 HIGH POC This Week

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Load() function when reading images in RAS format. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure RCE Freeimage
NVD GitHub
CVSS 3.1
8.4
EPSS
0.4%
CVE-2024-28566 HIGH POC This Week

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the AssignPixel() function when reading images in TIFF format. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow RCE Freeimage
NVD GitHub
CVSS 3.1
8.4
EPSS
0.4%
CVE-2024-28735 HIGH POC This Week

Unit4 Financials by Coda versions prior to 2023Q4 suffer from an incorrect access control authorization bypass vulnerability which allows an authenticated user to modify the password of any user of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Financials By Coda
NVD VulDB
CVSS 3.1
8.1
EPSS
0.7%
CVE-2024-29032 HIGH POC PATCH This Week

Qiskit IBM Runtime is an environment that streamlines quantum computations and provides optimal implementations of the Qiskit quantum computing SDK. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Deserialization RCE IBM Qiskit Ibm Runtime
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-28583 HIGH POC This Week

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the readLine() function when reading images in XPM format. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Freeimage
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-28569 HIGH POC This Week

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Imf_2_2::Xdr::read() function when reading images in EXR format. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Freeimage
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-28231 HIGH POC PATCH This Week

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Heap Overflow Buffer Overflow Fast Dds
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2024-1983 HIGH POC This Week

The Simple Ajax Chat WordPress plugin before 20240223 does not prevent visitors from using malicious Names when using the chat, which will be reflected unsanitized to other users. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Information Disclosure Simple Ajax Chat
NVD WPScan
CVSS 3.1
7.1
EPSS
0.5%
CVE-2024-28562 MEDIUM POC This Month

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Imf_2_2::copyIntoFrameBuffer() component when reading images in EXR. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Freeimage
NVD GitHub
CVSS 3.1
6.8
EPSS
0.5%
CVE-2024-2714 MEDIUM POC This Month

A vulnerability has been found in Campcodes Complete Online DJ Booking System 1.0 and classified as critical. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Complete Online Dj Booking System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-2687 MEDIUM POC This Month

A vulnerability was found in Campcodes Online Job Finder System 1.0 and classified as critical.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Job Finder System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-2678 MEDIUM POC This Month

A vulnerability was found in Campcodes Online Job Finder System 1.0 and classified as critical. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Job Finder System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-2677 MEDIUM POC This Month

A vulnerability has been found in Campcodes Online Job Finder System 1.0 and classified as critical. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Job Finder System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-2676 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in Campcodes Online Job Finder System 1.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Job Finder System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-2675 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in Campcodes Online Job Finder System 1.0.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Job Finder System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-2674 MEDIUM POC This Month

A vulnerability classified as critical was found in Campcodes Online Job Finder System 1.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Job Finder System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-2673 MEDIUM POC This Month

A vulnerability classified as critical has been found in Campcodes Online Job Finder System 1.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Job Finder System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-2672 MEDIUM POC This Month

A vulnerability was found in Campcodes Online Job Finder System 1.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Job Finder System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-2671 MEDIUM POC This Month

A vulnerability was found in Campcodes Online Job Finder System 1.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Job Finder System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-2670 MEDIUM POC This Month

A vulnerability was found in Campcodes Online Job Finder System 1.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Job Finder System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-2669 MEDIUM POC This Month

A vulnerability was found in Campcodes Online Job Finder System 1.0 and classified as critical.php of the component GET Parameter Handler. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Job Finder System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-2668 MEDIUM POC This Month

A vulnerability has been found in Campcodes Online Job Finder System 1.0 and classified as critical. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Job Finder System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-28579 MEDIUM POC This Month

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_Unload() function when reading images in HDR. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service Freeimage
NVD GitHub
CVSS 3.1
6.2
EPSS
0.3%
CVE-2024-28575 MEDIUM POC This Month

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_read_mct() function when reading images in J2K. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Denial Of Service Freeimage
NVD GitHub
CVSS 3.1
6.2
EPSS
0.3%
CVE-2024-28574 MEDIUM POC This Month

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_copy_default_tcp_and_create_tcd() function when. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Denial Of Service Freeimage
NVD GitHub
CVSS 3.1
6.2
EPSS
0.3%
CVE-2024-28573 MEDIUM POC This Month

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the jpeg_read_exif_profile() function when reading images in. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Denial Of Service Freeimage
NVD GitHub
CVSS 3.1
6.2
EPSS
0.3%
CVE-2024-28572 MEDIUM POC This Month

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_SetTagValue() function when reading images in JPEG. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Denial Of Service Freeimage
NVD GitHub
CVSS 3.1
6.2
EPSS
0.3%
CVE-2024-28568 MEDIUM POC This Month

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the read_iptc_profile() function when reading images in TIFF. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Denial Of Service Freeimage
NVD GitHub
CVSS 3.1
6.2
EPSS
0.3%
CVE-2024-28567 MEDIUM POC This Month

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_CreateICCProfile() function when reading images in. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Denial Of Service Freeimage
NVD GitHub
CVSS 3.1
6.2
EPSS
0.3%
CVE-2024-28564 MEDIUM POC This Month

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the Imf_2_2::CharPtrIO::readChars() function when reading images. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Freeimage
NVD GitHub
CVSS 3.1
6.2
EPSS
0.5%
CVE-2024-2720 MEDIUM POC This Month

A vulnerability classified as problematic was found in Campcodes Complete Online DJ Booking System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Complete Online Dj Booking System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2024-2719 MEDIUM POC This Month

A vulnerability classified as problematic has been found in Campcodes Complete Online DJ Booking System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Complete Online Dj Booking System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy