Skip to main content
CVE-2024-2855 CRITICAL POC Act Now

A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.05.19/15.03.20. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-2854 CRITICAL POC Act Now

A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac18 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
3.9%
CVE-2024-2853 CRITICAL POC Act Now

A vulnerability was found in Tenda AC10U 15.03.06.48/15.03.06.49. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac10U Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
4.0%
CVE-2024-2852 CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-2851 CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
4.0%
CVE-2024-2850 CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.05.18 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-29194 HIGH POC PATCH This Week

OneUptime is a solution for monitoring and managing online services. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Oneuptime
NVD GitHub
CVSS 3.1
8.3
EPSS
0.7%
CVE-2024-2856 CRITICAL Act Now

A vulnerability, which was classified as critical, has been found in Tenda AC10 16.03.10.13/16.03.10.20. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.2%
CVE-2024-29188 HIGH PATCH This Week

WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft
NVD GitHub
CVSS 3.1
7.9
EPSS
0.2%
CVE-2024-30156 HIGH This Week

Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 before 6.0.12r6, allows credits exhaustion for an HTTP/2 connection control flow window, aka a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service
NVD
CVSS 3.1
7.5
EPSS
3.7%
CVE-2024-29187 HIGH PATCH This Week

WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft
NVD GitHub
CVSS 3.1
7.3
EPSS
0.5%
CVE-2024-30161 MEDIUM PATCH This Month

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly (wasm). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Qt
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-29034 MEDIUM PATCH This Month

CarrierWave is a solution for file uploads for Rails, Sinatra and other Ruby web frameworks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Carrierwave
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy