Skip to main content
CVE-2024-30965 HIGH POC PATCH This Week

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/member_scores.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Dedecms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-29514 HIGH POC This Week

File Upload vulnerability in lepton v.7.1.0 allows a remote authenticated attackers to execute arbitrary code via uploading a crafted PHP file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload Leptoncms
NVD GitHub
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-31003 HIGH POC This Week

Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4_MemoryByteStream::WritePartial at Ap4ByteStream.cpp. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE Buffer Overflow Bento4
NVD GitHub
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-25187 HIGH POC This Week

Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows remote unauthenticated attackers to obtain sensitive information via getweather.html. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF 71Cms
NVD GitHub
CVSS 3.1
8.6
EPSS
0.7%
CVE-2024-31005 HIGH POC This Week

An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4MdhdAtom.cpp,AP4_MdhdAtom::AP4_MdhdAtom,mp4fragment. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Code Injection RCE Bento4
NVD GitHub
CVSS 3.1
8.1
EPSS
1.2%
CVE-2024-30809 HIGH POC This Week

An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Bento4
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-30807 HIGH POC This Week

An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Bento4
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-29074 HIGH This Week

in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through improper input. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Openharmony
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-22098 HIGH This Week

in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free RCE Denial Of Service Memory Corruption Openharmony
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-3148 HIGH This Week

A vulnerability, which was classified as critical, has been found in DedeCMS 5.7.112.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Dedecms
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-29434 HIGH This Week

An issue in the system image upload interface of Alldata v0.4.6 allows attackers to execute a directory traversal when uploading a file. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Alldata
NVD GitHub
CVSS 3.1
8.3
EPSS
0.7%
CVE-2024-30371 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30367 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30365 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30362 HIGH This Week

Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30361 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30360 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30359 HIGH This Week

Foxit PDF Reader AcroForm 3D Out-Of-Bounds Read Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.7%
CVE-2024-30358 HIGH This Week

Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30357 HIGH This Week

Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30355 HIGH This Week

Foxit PDF Reader AcroForm Out-Of-Bounds Write Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30354 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30353 HIGH This Week

Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30352 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30351 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30349 HIGH This Week

Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.7%
CVE-2024-30348 HIGH This Week

Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30346 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30345 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30344 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30343 HIGH This Week

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30342 HIGH This Week

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30341 HIGH This Week

Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2024-30339 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30338 HIGH This Week

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30337 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30336 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-28951 HIGH This Week

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free RCE Denial Of Service Memory Corruption Openharmony
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-26666 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix RCU use in TDLS fast-xmit This looks up the link under RCU protection, but isn't guaranteed to actually have. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-24581 HIGH This Week

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution through out-of-bounds write. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Openharmony
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-20849 HIGH This Week

Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-20848 HIGH This Week

Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to write out-of-bounds memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-20846 HIGH This Week

Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-20845 HIGH This Week

Out-of-bounds write vulnerability while releasing memory in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-20844 HIGH This Week

Out-of-bounds write vulnerability while parsing remaining codewords in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-30248 HIGH PATCH This Week

Piccolo Admin is an admin interface/content management system for Python, built on top of Piccolo. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable. No vendor patch available.

XSS Python
NVD GitHub
CVSS 3.1
7.7
EPSS
0.5%
CVE-2024-27605 HIGH This Week

Alldata V0.4.6 is vulnerable to Insecure Permissions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Alldata
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-28226 HIGH This Week

in OpenHarmony v4.0.0 and prior versions allow a remote attacker cause DOS through improper input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Openharmony
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-22246 HIGH This Week

VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

RCE Command Injection VMware
NVD
CVSS 3.1
7.4
EPSS
0.4%
CVE-2024-22092 HIGH This Week

in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Openharmony
NVD
CVSS 3.1
7.4
EPSS
0.4%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy