Skip to main content
CVE-2024-5696 HIGH This Week

By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Memory Corruption Firefox Thunderbird +1
NVD
CVSS 3.1
8.6
EPSS
0.8%
CVE-2024-36266 HIGH This Week

A vulnerability has been identified in PowerSys (All versions < V3.11). Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Powersys
NVD
CVSS 4.0
8.5
EPSS
0.2%
CVE-2024-35207 HIGH PATCH This Week

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Sinec Traffic Analyzer
NVD
CVSS 4.0
8.5
EPSS
0.2%
CVE-2024-35206 HIGH PATCH This Week

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Sinec Traffic Analyzer
NVD
CVSS 4.0
8.5
EPSS
0.3%
CVE-2023-7264 HIGH This Week

The Build App Online plugin for WordPress is vulnerable to account takeover due to a weak password reset mechanism in all versions up to, and including, 1.0.22. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE WordPress Build App Online
NVD
CVSS 3.1
8.1
EPSS
1.8%
CVE-2024-4190 HIGH This Week

Stored Cross-Site Scripting (XSS) vulnerabilities have been identified in OpenText ArcSight Logger. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 4.0
8.4
EPSS
0.3%
CVE-2024-37325 HIGH This Week

Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Microsoft Azure Data Science Virtual Machine
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2024-37177 HIGH This Week

SAP Financial Consolidation allows data to enter a Web application through an untrusted source. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS SAP
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-28020 HIGH This Week

A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Foxman Un Unem
NVD
CVSS 3.1
8.0
EPSS
0.4%
CVE-2024-30077 HIGH PATCH This Week

Windows OLE Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
8.0
EPSS
1.8%
CVE-2024-30075 HIGH PATCH This Week

Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows Server 2008
NVD
CVSS 3.1
8.0
EPSS
0.9%
CVE-2024-30074 HIGH PATCH This Week

Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows Server 2008
NVD
CVSS 3.1
8.0
EPSS
1.2%
CVE-2024-30104 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Office Long Term Servicing Channel
NVD VulDB
CVSS 3.1
7.8
EPSS
0.6%
CVE-2024-37293 HIGH This Week

The AWS Deployment Framework (ADF) is a framework to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Aws Deployment Framework
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-30100 HIGH PATCH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Sharepoint Server
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2024-30095 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2024-30094 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2024-30091 HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.8
EPSS
4.3%
CVE-2024-30089 HIGH PATCH This Week

Microsoft Streaming Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1809 +8
NVD
CVSS 3.1
7.8
EPSS
8.0%
CVE-2024-30087 HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +10
NVD
CVSS 3.1
7.8
EPSS
9.5%
CVE-2024-30086 HIGH PATCH This Week

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1507 +12
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2024-30082 HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2024-30072 HIGH PATCH This Week

Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 11 22h2 Windows 11 23h2 +1
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2024-30062 HIGH PATCH This Week

Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE Memory Corruption Windows Server 2012 +3
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2024-23110 HIGH This Week

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Fortinet Stack Overflow Fortios
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-37130 HIGH This Week

Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Openmanage Server Administrator
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-30101 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption RCE Microsoft 365 Apps +2
NVD VulDB
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-4727 HIGH This Week

A flaw was found in dogtag-pki and pki-core. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Privilege Escalation
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-35252 HIGH PATCH This Week

Azure Storage Movement Client Library Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Azure Storage Data Movement Library
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2024-30083 HIGH PATCH This Week

Windows Standards-Based Storage Management Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Stack Overflow Denial Of Service Microsoft Windows Server 2012 +3
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2024-30070 HIGH PATCH This Week

DHCP Server Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Windows Server 2012 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2024-26010 HIGH This Week

A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Fortinet Stack Overflow Fortios Fortipam +2
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2024-5702 HIGH This Week

Memory corruption in the networking stack could have led to a potentially exploitable crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Buffer Overflow Mozilla Memory Corruption Firefox +1
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2024-5694 HIGH This Week

An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Mozilla Memory Corruption Firefox
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-34688 HIGH PATCH This Week

Due to unrestricted access to the Meta Model Repository services in SAP NetWeaver AS Java, attackers can perform DoS attacks on the application, which may prevent legitimate users from accessing it. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service SAP Netweaver Application Server Java
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-28021 HIGH This Week

A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism’s certificate validation. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Foxman Un Unem
NVD
CVSS 3.1
7.4
EPSS
0.3%
CVE-2024-33500 HIGH This Week

A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.11.0), Mendix Applications using Mendix 10 (V10.6) (All versions < V10.6.9), Mendix Applications using. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
CVSS 4.0
7.4
EPSS
0.3%
CVE-2024-35248 HIGH PATCH This Week

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Dynamics 365 Business Central
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2024-30102 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE Memory Corruption 365 Apps
NVD
CVSS 3.1
7.3
EPSS
0.8%
CVE-2024-30093 HIGH PATCH This Week

Windows Storage Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.3
EPSS
1.1%
CVE-2024-35303 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0012), Tecnomatix Plant Simulation V2404 (All versions < V2404.0001). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
7.3
EPSS
0.3%
CVE-2024-35692 HIGH This Week

Missing Authorization vulnerability in Termly Cookie Consent.2. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Gdpr Cookie Consent Banner
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2024-37295 HIGH PATCH This Week

Aimeos is an Open Source e-commerce framework for online shops. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Information Disclosure
NVD GitHub
CVSS 3.1
7.2
EPSS
0.6%
CVE-2024-35254 HIGH PATCH This Week

Azure Monitor Agent Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Microsoft Azure Monitor Agent
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2024-35265 HIGH PATCH This Week

Windows Perception Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +4
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2024-30099 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2024-30090 HIGH PATCH This Week

Microsoft Streaming Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.0
EPSS
2.0%
CVE-2024-30084 HIGH PATCH This Week

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.0
EPSS
5.9%
CVE-2024-5700 HIGH This Week

Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Buffer Overflow Mozilla Firefox Thunderbird
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2024-2461 MEDIUM This Month

If exploited an attacker could traverse the file system to access files or directories that would otherwise be inaccessible. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
6.9
EPSS
0.5%
Prev Page 2 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy