Skip to main content
CVE-2024-30867 CRITICAL POC Act Now

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_virtual_site_info.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ns Asg Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-30858 CRITICAL POC Act Now

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_fire_wall.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection PHP RCE SQLi Ns Asg Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-30865 CRITICAL POC Act Now

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_user_login.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ns Asg Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-30868 CRITICAL POC Act Now

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/add_getlogin.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection PHP RCE SQLi Ns Asg Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-30862 HIGH POC This Week

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /3g/index.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ns Asg Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-30860 HIGH POC This Week

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/export_excel_user.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ns Asg Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-30859 HIGH POC This Week

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/config_ISCGroupSSLCert.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ns Asg Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-30871 HIGH POC This Week

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /WebPages/applyhardware.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ns Asg Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-30870 HIGH POC This Week

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/address_interpret.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ns Asg Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-28232 HIGH POC PATCH This Week

Go package IceWhaleTech/CasaOS-UserService provides user management functionalities to CasaOS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Casaos Userservice
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-3135 MEDIUM POC This Month

A Cross-Site Request Forgery (CSRF) vulnerability exists in the mudler/localai application, allowing attackers to craft malicious webpages that, when visited by a victim, perform unauthorized actions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Localai
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2024-3131 MEDIUM POC This Month

A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Computer Laboratory Management System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-3129 MEDIUM POC This Month

A vulnerability was found in SourceCodester Image Accordion Gallery App 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Image Accordion Gallery App
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.7%
CVE-2024-30863 MEDIUM POC This Month

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /WebPages/history.php. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

SQLi PHP Ns Asg Firmware
NVD GitHub
CVSS 3.1
6.3
EPSS
0.4%
CVE-2024-30864 MEDIUM POC This Month

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/config_ISCGroupTimePolicy.php. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ns Asg Firmware
NVD GitHub
CVSS 3.1
6.3
EPSS
0.3%
CVE-2024-2278 MEDIUM POC This Month

Themify WordPress plugin before 1.4.4 does not sanitise and escape some of its Filters settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Woocommerce Product Filter
NVD WPScan
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-1863 CRITICAL Act Now

Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi RCE Sante Pacs Server
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2024-29433 CRITICAL Act Now

A deserialization vulnerability in the FASTJSON component of Alldata v0.4.6 allows attackers to execute arbitrary commands via supplying crafted data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Alldata
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-25574 CRITICAL Act Now

SQL injection vulnerability exists in GetDIAE_usListParameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
8.8%
CVE-2024-21473 CRITICAL Act Now

Memory corruption while redirecting log file to any file location with any file name. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Fastconnect 6900 Firmware +123
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-21463 CRITICAL Act Now

Memory corruption while processing Codec2 during v13k decoder pitch synthesis. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +101
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-3140 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in SourceCodester Computer Laboratory Management System 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Computer Laboratory Management System
NVD VulDB GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2024-3139 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Computer Laboratory Management System
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2024-30866 MEDIUM POC This Month

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /3g/menu.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ns Asg Firmware
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-30861 MEDIUM POC This Month

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/configguide/ipsec_guide_1.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ns Asg Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-1526 MEDIUM POC This Month

The Hubbub Lite WordPress plugin before 1.33.1 does not ensure that user have access to password protected post before displaying its content in a meta tag. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Information Disclosure Social Pug
NVD WPScan
CVSS 3.1
5.3
EPSS
0.5%
CVE-2024-30872 MEDIUM POC This Month

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /include/authrp.php. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ns Asg Firmware
NVD GitHub
CVSS 3.1
5.1
EPSS
0.3%
CVE-2024-23119 HIGH PATCH This Week

Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

SQLi RCE Centreon Web
NVD
CVSS 3.0
8.8
EPSS
1.4%
CVE-2024-1179 HIGH This Week

TP-Link Omada ER605 DHCPv6 Client Options Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow TP-Link RCE Omada Er605 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2024-0637 HIGH PATCH This Week

Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

SQLi RCE Centreon Web
NVD
CVSS 3.0
8.8
EPSS
72.3%
CVE-2024-31099 HIGH This Week

Missing Authorization vulnerability in Averta Shortcodes and extra features for Phlox theme auxin-elements.15.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Shortcodes And Extra Features For Phlox Theme
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-2263 MEDIUM POC This Month

Themify WordPress plugin before 1.4.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Woocommerce Product Filter
NVD WPScan
CVSS 3.1
4.8
EPSS
0.4%
CVE-2024-20040 HIGH This Week

In wlan firmware, there is a possible out of bounds write due to improper input validation. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Yocto Rdk B +3
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-20039 HIGH This Week

In modem protocol, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Lr12a Lr13 +3
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2024-2262 MEDIUM POC This Month

Themify WordPress plugin before 1.4.4 does not have CSRF check in its bulk action, which could allow attackers to make logged in users delete arbitrary filters via CSRF attack, granted they know the. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Woocommerce Product Filter
NVD WPScan
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-20053 HIGH This Week

In flashc, there is a possible out of bounds write due to an uncaught exception. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Yocto Rdk B +2
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2024-27327 HIGH This Week

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Pdf Tools Pdf Xchange Editor
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-21472 HIGH PATCH This Week

Memory corruption in Kernel while handling GPU operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Fastconnect 6900 Firmware Fastconnect 7800 Firmware +37
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21470 HIGH This Week

Memory corruption while allocating memory for graphics. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +29
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21468 HIGH PATCH This Week

Memory corruption when there is failed unmap operation in GPU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +223
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-26653 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: usb: misc: ljca: Fix double free in error handling path When auxiliary_device_add() returns error and then calls. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-27323 HIGH This Week

PDF-XChange Editor Updater Improper Certificate Validation Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

RCE Pdf Tools Pdf Xchange Editor
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-21454 HIGH This Week

Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure C V2x 9150 Firmware Auto 5G Modem Rf Firmware Auto 4G Modem Firmware
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-21453 HIGH This Week

Transient DOS while decoding message of size that exceeds the available system memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure C V2x 9150 Firmware Qcs410 Firmware Qcs610 Firmware Video Collaboration Vc1 Platform Firmware +9
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-21452 HIGH This Week

Transient DOS while decoding an ASN.1 OER message containing a SEQUENCE of unknown extensions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure C V2x 9150 Firmware Qca6584au Firmware Qca6698aq Firmware Snapdragon Auto 5g Modem Rf Firmware +2
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-23118 HIGH PATCH This Week

Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

SQLi RCE Centreon Web
NVD
CVSS 3.0
7.2
EPSS
53.4%
CVE-2024-23117 HIGH PATCH This Week

Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

SQLi RCE Centreon Web
NVD
CVSS 3.0
7.2
EPSS
53.4%
CVE-2024-23116 HIGH PATCH This Week

Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

SQLi RCE Centreon Web
NVD
CVSS 3.0
7.2
EPSS
53.4%
CVE-2024-23115 HIGH PATCH This Week

Centreon updateGroups SQL Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

SQLi RCE Centreon Web
NVD
CVSS 3.1
7.2
EPSS
67.5%
CVE-2024-26654 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard->timer could schedule the spu_dma_work and the. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel +1
NVD
CVSS 3.1
7.0
EPSS
0.3%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy