Skip to main content
CVE-2024-3293 HIGH Act Now

The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to blind SQL Injection via the rtmedia_gallery shortcode in all versions up to, and including, 4.6.18 due to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 26.6% and no vendor patch available.

SQLi WordPress
NVD
CVSS 3.1
8.8
EPSS
26.6%
CVE-2024-4071 HIGH POC This Week

A vulnerability was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0 and classified as critical.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Furniture Shopping Ecommerce Website
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-4066 HIGH POC This Week

A vulnerability classified as critical has been found in Tenda AC8 16.03.34.09. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-4065 HIGH POC This Week

A vulnerability was found in Tenda AC8 16.03.34.09. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-4064 HIGH POC This Week

A vulnerability was found in Tenda AC8 16.03.34.09. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-33212 HIGH POC This Week

Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter in ip/goform/setcfm. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1206 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-32866 HIGH POC PATCH This Week

Conform, a type-safe form validation library, allows the parsing of nested objects in the form of `object.property`. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution Information Disclosure
NVD GitHub
CVSS 3.1
8.6
EPSS
0.7%
CVE-2024-4070 HIGH POC This Week

A vulnerability has been found in Kashipara Online Furniture Shopping Ecommerce Website 1.0 and classified as critical. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Furniture Shopping Ecommerce Website
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-4069 HIGH POC This Week

A vulnerability, which was classified as critical, was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Furniture Shopping Ecommerce Website
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-33217 HIGH POC This Week

Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter in ip/goform/addressNat. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1206 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-33214 HIGH POC This Week

Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter in ip/goform/RouteStatic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Fh1206 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-28130 HIGH POC This Week

An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of OFFIS DCMTK 3.6.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Dcmtk Debian Linux
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2024-33211 HIGH POC This Week

Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter in ip/goform/QuickIndex. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1206 Firmware
NVD
CVSS 3.1
7.3
EPSS
0.4%
CVE-2024-31616 HIGH This Week

An issue discovered in RG-RSR10-01G-T(W)-S and RG-RSR10-01G-T(WA)-S routers with firmware version RSR10-01G-T-S_RSR_3.0(1)B9P2, Release(07150910) allows attackers to execute arbitrary code via the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-32258 HIGH This Week

The network server of fceux 2.7.0 has a path traversal vulnerability, allowing attackers to overwrite any files on the server without authentication by fake ROM. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal
NVD GitHub
CVSS 3.1
8.8
EPSS
1.9%
CVE-2024-32661 HIGH PATCH This Week

FreeRDP is a free implementation of the Remote Desktop Protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Freerdp Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2024-32660 HIGH PATCH This Week

FreeRDP is a free implementation of the Remote Desktop Protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Freerdp Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2024-28627 HIGH This Week

An issue in Flipsnack v.18/03/2024 allows a local attacker to obtain sensitive information via the reader.gz.js file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-2493 HIGH This Week

Session Hijacking vulnerability in Hitachi Ops Center Analyzer.0.0-00 before 11.0.1-00. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-31077 HIGH This Week

Forminator prior to 1.29.3 contains a SQL injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Forminator
NVD
CVSS 3.1
7.2
EPSS
30.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy