Skip to main content
CVE-2024-3857 HIGH This Week

The JIT created incorrect code for arguments in certain cases. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Mozilla Denial Of Service Memory Corruption Firefox +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-31446 HIGH This Week

OpenComputers is a Minecraft mod that adds programmable computers and robots to the game. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service
NVD GitHub
CVSS 3.1
7.7
EPSS
0.6%
CVE-2024-32086 HIGH This Week

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AitThemes Citadela Listing.18.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-31887 HIGH This Week

IBM Security Verify Privilege 11.6.25 could allow an unauthenticated actor to obtain sensitive information from the SOAP API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Security Verify Privilege On Premises
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-21090 HIGH This Week

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Python Denial Of Service Oracle Mysql Connector Python
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-21088 HIGH This Week

Vulnerability in the Oracle Production Scheduling product of Oracle E-Business Suite (component: Import Utility). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Request Smuggling Oracle E Business Suite
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-21079 HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Campaign LOV). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Marketing
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-21078 HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Campaign LOV). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Marketing
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-21077 HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: GL Accounts LOV). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Oracle Trade Management
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-21076 HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Offer LOV). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Trade Management
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-21075 HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Claim Line LOV). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Trade Management
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-21074 HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Finance LOV). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Trade Management
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-21073 HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Claim LOV). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Oracle Trade Management
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-21007 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-21006 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
7.9%
CVE-2024-3858 HIGH This Week

It was possible to mutate a JavaScript object so that the JIT could crash while tracing it. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Mozilla Firefox
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-3853 HIGH This Week

A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage collection started. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Use After Free Information Disclosure Mozilla Memory Corruption Firefox
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-3852 HIGH This Week

GetBoundName could return the wrong version of an object when JIT optimizations were applied. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Mozilla Firefox Thunderbird
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-1135 HIGH PATCH This Week

Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Request Smuggling
NVD
CVSS 3.0
7.5
EPSS
3.0%
CVE-2024-3067 HIGH PATCH This Week

The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.4.2 due to insufficient escaping on the user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

SQLi Google WordPress Woocommerce Google Feed Manager
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2024-21110 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2024-21083 HIGH This Week

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Script Engine). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Bi Publisher
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2024-21026 HIGH This Week

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2024-30380 HIGH This Week

An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS), which. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Junos Os Evolved
NVD
CVSS 4.0
7.1
EPSS
0.3%
CVE-2024-20989 HIGH This Week

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony POS). Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Denial Of Service Oracle Hospitality Simphony
NVD
CVSS 3.1
7.0
EPSS
0.5%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy