Skip to main content
CVE-2024-32061 HIGH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2406). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Ps Iges Parasolid Translator Simcenter Femap
NVD
CVSS 4.0
7.3
EPSS
0.4%
CVE-2024-32060 HIGH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2406). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Ps Iges Parasolid Translator Simcenter Femap
NVD
CVSS 4.0
7.3
EPSS
0.4%
CVE-2024-32059 HIGH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2406). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Ps Iges Parasolid Translator Simcenter Femap
NVD
CVSS 4.0
7.3
EPSS
0.4%
CVE-2024-32058 HIGH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2406). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Ps Iges Parasolid Translator Simcenter Femap
NVD
CVSS 4.0
7.3
EPSS
0.4%
CVE-2024-32057 HIGH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2406). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Memory Corruption Ps Iges Parasolid Translator Simcenter Femap
NVD
CVSS 4.0
7.3
EPSS
0.4%
CVE-2024-32055 HIGH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2406). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Ps Iges Parasolid Translator Simcenter Femap
NVD
CVSS 4.0
7.3
EPSS
0.3%
CVE-2024-31484 HIGH This Week

A vulnerability has been identified in CPC80 Central Processing/Communication (All versions < V16.41), CPCI85 Central Processing/Communication (All versions < V5.30), CPCX26 Central. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service
NVD
CVSS 4.0
7.3
EPSS
0.5%
CVE-2024-31954 HIGH This Week

An issue was discovered in the installer in Samsung Portable SSD for T5 1.6.10 on Windows. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

RCE Samsung Microsoft
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2024-28279 HIGH This Week

Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via book.php?bookisbn=. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP Computer Book Store
NVD GitHub
CVSS 3.1
7.3
EPSS
0.3%
CVE-2023-45583 HIGH This Week

A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Fortinet Fortiproxy Fortiswitchmanager Fortios +1
NVD VulDB
CVSS 3.1
7.2
EPSS
0.2%
CVE-2024-2637 HIGH This Week

An Uncontrolled Search Path Element vulnerability in B&R Industrial Automation Scene Viewer, B&R Industrial Automation Automation Runtime, B&R Industrial Automation mapp Vision, B&R Industrial. Rated high severity (CVSS 7.2). No vendor patch available.

Information Disclosure Microsoft
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2024-30044 HIGH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization RCE Microsoft Sharepoint Server
NVD
CVSS 3.1
7.2
EPSS
84.0%
CVE-2024-27945 HIGH This Week

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Ruggedcom Crossbow
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2024-27944 HIGH This Week

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Ruggedcom Crossbow
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2024-27943 HIGH This Week

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Ruggedcom Crossbow
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2024-4423 HIGH This Week

The access control in CemiPark software does not properly validate user-entered data, which allows the authentication bypass. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SQLi
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2024-33250 HIGH This Week

An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4.0.195(Leo) allows a remote attacker to execute arbitrary code via a crafted request. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF RCE
NVD GitHub
CVSS 3.1
7.2
EPSS
0.7%
CVE-2024-34431 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP-etracker WP etracker allows Reflected XSS.0.2. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2024-4747 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Propovoice Propovoice CRM allows Stored XSS.7.6.2. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-34818 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress.33.17. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2024-27825 HIGH This Week

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Intel Authentication Bypass macOS
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2024-33495 HIGH This Week

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service
NVD
CVSS 4.0
7.1
EPSS
0.6%
CVE-2024-27401 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: firewire: nosy: ensure user_length is taken into account when fetching packet contents Ensure that packet_buffer_get respects the. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Buffer Overflow Linux Linux Kernel Debian Linux Fedora
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2024-23576 HIGH This Week

Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Denial Of Service Hcl Commerce
NVD
CVSS 3.1
7.1
EPSS
0.5%
CVE-2024-27397 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction,. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2024-30033 HIGH This Week

Windows Search Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 +1
NVD
CVSS 3.1
7.0
EPSS
1.0%
CVE-2024-28134 HIGH This Week

An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Charx Sec 3000 Firmware Charx Sec 3050 Firmware Charx Sec 3100 Firmware Charx Sec 3150 Firmware
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2024-3460 HIGH This Week

In KioWare for Windows (versions all through 8.34) it is possible to exit this software and use other already opened applications utilizing a short time window before the forced automatic logout. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Kioware
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2024-4041 MEDIUM This Month

The Yoast SEO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 22.5 due to insufficient input sanitization and output escaping. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress
NVD
CVSS 3.1
6.1
EPSS
4.3%
CVE-2024-33498 MEDIUM This Month

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service
NVD
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-33494 MEDIUM This Month

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
6.9
EPSS
0.3%
CVE-2024-4144 MEDIUM This Month

The Simple Basic Contact Form plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 20240502. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress RCE Code Injection
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2024-30021 MEDIUM This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
6.8
EPSS
0.8%
CVE-2024-30012 MEDIUM This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
6.8
EPSS
0.9%
CVE-2024-30005 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
6.8
EPSS
0.9%
CVE-2024-30004 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
6.8
EPSS
0.9%
CVE-2024-30003 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
6.8
EPSS
0.9%
CVE-2024-30002 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
6.8
EPSS
0.9%
CVE-2024-30001 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
6.8
EPSS
0.9%
CVE-2024-30000 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
6.8
EPSS
0.9%
CVE-2024-29999 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
6.8
EPSS
0.9%
CVE-2024-29998 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
6.8
EPSS
0.9%
CVE-2024-29997 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
6.8
EPSS
0.9%
CVE-2024-27108 MEDIUM This Month

Non privileged access to critical file vulnerability in GE HealthCare EchoPAC products. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2024-4871 MEDIUM This Month

A vulnerability was found in Satellite. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2024-4231 MEDIUM This Month

This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
6.8
EPSS
0.6%
CVE-2024-32874 MEDIUM PATCH This Month

Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service
NVD GitHub
CVSS 3.1
6.8
EPSS
0.8%
CVE-2024-27269 MEDIUM This Month

IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Qradar Security Information And Event Manager
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2024-4039 MEDIUM This Month

The The Orders Tracking for WooCommerce plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.10. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection WordPress
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2023-36640 MEDIUM This Month

A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Fortinet Fortiproxy Fortipam Fortios
NVD VulDB
CVSS 3.1
6.7
EPSS
0.1%
Prev Page 9 of 15 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy