Skip to main content
CVE-2024-26304 CRITICAL POC THREAT Act Now

There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Aruba RCE
NVD
CVSS 3.1
9.8
EPSS
44.0%
CVE-2024-33775 CRITICAL POC Act Now

An issue with the Autodiscover component in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted Dashlet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Nagios Xi
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2024-33835 CRITICAL POC Act Now

Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from formSetSafeWanWebMan function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Memory Corruption Ac18 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-33768 CRITICAL POC Act Now

lunasvg v2.3.9 was discovered to contain a segmentation violation via the component composition_solid_source_over. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lunasvg
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-32018 CRITICAL POC Act Now

RIOT is a real-time multi-threading operating system that supports a range of devices that are typically 8-bit, 16-bit and 32-bit microcontrollers. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Riot
NVD GitHub
CVSS 3.1
9.0
EPSS
1.5%
CVE-2024-32017 CRITICAL POC Act Now

RIOT is a real-time multi-threading operating system that supports a range of devices that are typically 8-bit, 16-bit and 32-bit microcontrollers. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Riot
NVD GitHub
CVSS 3.1
9.0
EPSS
1.5%
CVE-2024-31225 CRITICAL POC Act Now

RIOT is a real-time multi-threading operating system that supports a range of devices that are typically 8-bit, 16-bit and 32-bit microcontrollers. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Riot
NVD GitHub
CVSS 3.1
9.0
EPSS
1.2%
CVE-2024-33078 CRITICAL Act Now

Tencent Libpag v4.3 is vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Libpag
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-23480 CRITICAL Act Now

A fallback mechanism in code sign checking on macOS may allow arbitrary code execution.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Jwt Attack RCE Client Connector
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-33512 CRITICAL Act Now

There is a buffer overflow vulnerability in the underlying Local User Authentication Database service that could lead to unauthenticated remote code execution by sending specially crafted packets. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Aruba RCE
NVD
CVSS 3.1
9.8
EPSS
14.6%
CVE-2024-33511 CRITICAL Act Now

There is a buffer overflow vulnerability in the underlying Automatic Reporting service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Aruba RCE
NVD
CVSS 3.1
9.8
EPSS
14.6%
CVE-2024-26305 CRITICAL Act Now

There is a buffer overflow vulnerability in the underlying Utility daemon that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Aruba RCE
NVD
CVSS 3.1
9.8
EPSS
15.2%
CVE-2024-27053 CRITICAL PATCH Act Now

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2024-4142 CRITICAL Act Now

An Improper input validation vulnerability that could potentially lead to privilege escalation was discovered in JFrog Artifactory. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Privilege Escalation
NVD
CVSS 3.1
9.0
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy