Skip to main content
CVE-2024-2389 CRITICAL POC THREAT Emergency

In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Flowmon
NVD GitHub
CVSS 3.1
9.8
EPSS
93.9%
CVE-2024-3209 CRITICAL POC Act Now

A vulnerability was found in UPX up to 4.2.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Upx Fedora
NVD VulDB
CVSS 3.1
9.8
EPSS
1.2%
CVE-2024-3207 CRITICAL POC Act Now

A vulnerability was found in ermig1979 Simd up to 6.0.134. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Simd
NVD VulDB
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-3204 CRITICAL POC Act Now

A vulnerability has been found in c-blosc2 up to 2.13.2 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow C Blosc2
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-3203 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in c-blosc2 up to 2.13.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow C Blosc2
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-30621 CRITICAL POC Act Now

Tenda AX1803 v1.0.0.1 contains a stack overflow via the serverName parameter in the function fromAdvSetMacMtuWan. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Memory Corruption Ax1803 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-30620 CRITICAL POC Act Now

Tenda AX1803 v1.0.0.1 contains a stack overflow via the serviceName parameter in the function fromAdvSetMacMtuWan. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Memory Corruption Ax1803 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-31004 CRITICAL POC Act Now

An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4StsdAtom.cpp,AP4_StsdAtom::AP4_StsdAtom,mp4fragment. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE Bento4
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2024-31002 CRITICAL POC Act Now

Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4 BitReader::ReadCache() at Ap4Utils.cpp component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Bento4
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2024-29432 CRITICAL Act Now

Alldata v0.4.6 was discovered to contain a SQL injection vulnerability via the tablename parameter at /data/masterdata/datas. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Alldata
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-27604 CRITICAL Act Now

Alldata V0.4.6 is vulnerable to Command execution vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Alldata
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-29276 CRITICAL Act Now

An issue was discovered in seeyonOA version 8, allows remote attackers to execute arbitrary code via the importProcess method in WorkFlowDesignerController.class component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE
NVD
CVSS 3.1
9.8
EPSS
32.8%
CVE-2024-27602 CRITICAL Act Now

Alldata V0.4.6 is vulnerable to Incorrect Access Control. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Alldata
NVD GitHub
CVSS 3.1
9.1
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy