Skip to main content
CVE-2024-30030 HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Windows Server 2008
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-30028 HIGH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-30027 HIGH This Week

NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +10
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2024-30025 HIGH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.8
EPSS
4.3%
CVE-2024-30018 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2024-29996 HIGH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2024-29994 HIGH This Week

Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-26238 HIGH This Week

Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 21h2 Windows 10 22h2
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2024-34773 HIGH This Week

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Solid Edge Se2024
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-34772 HIGH This Week

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 4). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Solid Edge Se2024
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-34771 HIGH This Week

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Solid Edge Se2024
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-34086 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V2312.0001), Teamcenter Visualization V14.1 (All versions < V14.1.0.13), Teamcenter Visualization V14.2 (All versions < V14.2.0.10),. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-34085 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V2312.0001), Teamcenter Visualization V14.1 (All versions < V14.1.0.13), Teamcenter Visualization V14.2 (All versions < V14.2.0.10),. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-33493 HIGH This Week

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Solid Edge Se2024
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-33492 HIGH This Week

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Solid Edge Se2024
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-33491 HIGH This Week

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Solid Edge Se2024
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-33490 HIGH This Week

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Solid Edge Se2024
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-33489 HIGH This Week

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Solid Edge Se2024
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-32639 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0011). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-31980 HIGH This Week

A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.256), Parasolid V36.0 (All versions < V36.0.210), Parasolid V36.1 (All versions < V36.1.185). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Parasolid
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-28137 HIGH This Week

A local attacker with low privileges can perform a privilege escalation with an init script due to a TOCTOU vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Charx Sec 3000 Firmware Charx Sec 3050 Firmware Charx Sec 3100 Firmware Charx Sec 3150 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-28136 HIGH This Week

A local attacker with low privileges can use a command injection vulnerability to gain root privileges due to improper input validation using the OCPP Remote service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Charx Sec 3000 Firmware Charx Sec 3050 Firmware Charx Sec 3100 Firmware Charx Sec 3150 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2024-28133 HIGH This Week

A local low privileged attacker can use an untrusted search path in a CHARX system utility to gain root privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Charx Sec 3000 Firmware Charx Sec 3050 Firmware Charx Sec 3100 Firmware Charx Sec 3150 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-1598 HIGH This Week

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before 4.1.0.567. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Buffer Overflow Stack Overflow Securecore Technology
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-4712 HIGH This Week

An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Command Injection Microsoft Papercut Mf Papercut Ng
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-4044 HIGH This Week

A deserialization of untrusted data vulnerability exists in common code used by FlexLogger and InstrumentStudio that may result in remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Deserialization RCE
NVD
CVSS 3.1
7.8
EPSS
14.7%
CVE-2024-3459 HIGH This Week

KioWare for Windows (versions all through 8.34) allows to escape the environment by downloading PDF files, which then by default are opened in an external PDF viewer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Kioware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-3037 HIGH This Week

An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Papercut Mf Papercut Ng
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-35205 HIGH This Week

The WPS Office (aka cn.wps.moffice_eng) application before 17.0.0 for Android fails to properly sanitize file names before processing them through external application interactions, leading to a form. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Google Microsoft
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2024-34218 LOW POC THREAT Monitor

TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Cp450 Firmware
NVD GitHub
CVSS 3.1
3.8
EPSS
17.6%
CVE-2024-34203 LOW POC Monitor

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setLanguageCfg function. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Cp450 Firmware
NVD GitHub
CVSS 3.1
3.8
EPSS
0.6%
CVE-2024-29513 HIGH This Week

An issue in briscKernelDriver.sys in BlueRiSC WindowsSCOPE Cyber Forensics before 3.3 allows a local attacker to execute arbitrary code within the driver and create a local denial-of-service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Code Injection RCE
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-27398 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure Memory Corruption Fedora +2
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2024-22774 HIGH This Week

An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe component. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-2662 HIGH PATCH This Week

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to command injection in all versions up to, and including, 1.5.102. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

WordPress Command Injection Unlimited Elements For Elementor Elementor
NVD
CVSS 3.1
7.2
EPSS
2.9%
CVE-2024-1630 HIGH This Week

Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal
NVD
CVSS 3.1
7.7
EPSS
0.3%
CVE-2024-4545 HIGH This Week

All versions of EnterpriseDB Postgres Advanced Server (EPAS) from 15.0 prior to 15.7.0 and from 16.0 prior to 16.3.0 may allow users using edbldr to bypass role permissions from pg_read_server_files. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation PostgreSQL
NVD
CVSS 3.1
7.7
EPSS
0.5%
CVE-2024-34559 HIGH This Week

Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.4.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-27109 HIGH This Week

Insufficiently protected credentials in GE HealthCare EchoPAC products. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.6
EPSS
0.3%
CVE-2024-34714 HIGH This Week

The Hoppscotch Browser Extension is a browser extension for Hoppscotch, a community-driven end-to-end open-source API development ecosystem. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Google Mozilla
NVD GitHub
CVSS 3.1
7.6
EPSS
0.3%
CVE-2024-32742 HIGH This Week

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Simatic Cn 4100 Firmware
NVD
CVSS 3.1
7.6
EPSS
0.4%
CVE-2024-1913 HIGH This Week

An attacker who successfully exploited these vulnerabilities could cause the robot to stop, make the robot controller inaccessible, or execute arbitrary code. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Robotware
NVD
CVSS 3.1
7.6
EPSS
0.7%
CVE-2024-32712 HIGH This Week

Missing Authorization vulnerability in Podlove Podlove Podcast Publisher.0.14. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Podlove Podcast Publisher
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-32724 HIGH This Week

Missing Authorization vulnerability in Woo product importer Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy.1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-31482 HIGH This Week

An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Arubaos Instantos
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-31481 HIGH This Week

Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Denial Of Service Arubaos Instantos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-31480 HIGH This Week

Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Denial Of Service Arubaos Instantos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-31479 HIGH This Week

Unauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Denial Of Service Arubaos Instantos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-31478 HIGH This Week

Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Arubaos Instantos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-3676 HIGH This Week

The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains an Improper Input Validation vulnerability that allows an unauthenticated remote attacker with a specially crafted HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.4%
Prev Page 7 of 15 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy