Skip to main content
CVE-2024-32859 HIGH This Week

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Xps 8960 Firmware Xps 8950 Firmware Inspiron 3502 Firmware +20
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2024-32858 HIGH This Week

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Xps 8960 Firmware Xps 8950 Firmware Inspiron 3502 Firmware +20
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2024-34104 HIGH PATCH This Week

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Commerce Webhooks Magento
NVD
CVSS 3.1
8.2
EPSS
0.8%
CVE-2024-32929 HIGH This Week

In gpu_slc_get_region of pixel_gpu_slc.c, there is a possible EoP due to a use after free. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Privilege Escalation Use After Free Denial Of Service Memory Corruption Android
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2024-29169 HIGH This Week

Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal audit REST API. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SQLi Dell Secure Connect Gateway
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-34103 HIGH PATCH This Week

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Adobe Privilege Escalation Commerce Commerce Webhooks +1
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2024-0099 HIGH This Week

NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could cause buffer overrun in the host. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Nvidia Denial Of Service
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-0091 HIGH This Week

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia Denial Of Service Microsoft Gpu Display Driver +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-0090 HIGH This Week

NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Memory Corruption RCE Information Disclosure +5
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-0089 HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Information Disclosure Nvidia Microsoft Gpu Display Driver +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-0085 HIGH This Week

NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Microsoft Virtual Gpu Cloud Gaming
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-0084 HIGH This Week

NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could execute privileged operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Nvidia Denial Of Service Virtual Gpu +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-32919 HIGH This Week

In lwis_add_completion_fence of lwis_fence.c, there is a possible escalation of privilege due to type confusion. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-32909 HIGH This Week

In handle_msg of main.cpp, there is a possible out of bounds write due to a heap buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-32908 HIGH This Week

In sec_media_protect of media.c, there is a possible permission bypass due to a race condition. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-32907 HIGH This Week

In memcall_add of memlog.c, there is a possible buffer overflow due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-32906 HIGH This Week

In AcvpOnMessage of avcp.cpp, there is a possible EOP due to uninitialized data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-32903 HIGH This Week

In prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-32901 HIGH This Week

In v4l2_smfc_qbuf of smfc-v4l2-ioctls.c, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-32900 HIGH This Week

In lwis_fence_signal of lwis_debug.c, there is a possible Use after Free due to improper locking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Use After Free Denial Of Service Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-32896 HIGH KEV THREAT This Week

there is a possible way to bypass due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2024-32895 HIGH This Week

In BCMFASTPATH of dhd_msgbuf.c, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-32892 HIGH This Week

In handle_init of goodix/main/main.c, there is a possible memory corruption due to type confusion. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-29787 HIGH This Week

In lwis_process_transactions_in_queue of lwis_transaction.c, there is a possible use after free due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Use After Free Denial Of Service Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-29784 HIGH This Week

In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-36587 HIGH This Week

Insecure permissions in DNSCrypt-proxy v2.0.0alpha9 to v2.1.5 allows non-privileged attackers to escalate privileges to root via overwriting the binary dnscrypt-proxy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-32504 HIGH This Week

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption Exynos 850 Firmware Exynos 1080 Firmware +6
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-31956 HIGH This Week

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption Exynos 2200 Firmware Exynos 1480 Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-34115 HIGH PATCH This Week

Substance3D - Stager versions 2.1.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Substance 3d Stager
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-20753 HIGH This Week

Photoshop Desktop versions 24.7.3, 25.7 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Photoshop
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-2098 HIGH PATCH This Week

The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check on the 'protectMediaLibrary' function in all versions up to, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

WordPress Authentication Bypass Download Manager
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2024-32924 HIGH This Week

In DeregAcceptProcINT of cn_NrmmStateDeregInit.cpp, there is a possible denial of service due to a logic error in the code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Android
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-32902 HIGH This Week

Remote prevention of access to cellular service with no user interaction (for example, crashing the cellular radio service with a malformed packet). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Android
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-32894 HIGH This Week

In bc_get_converted_received_bearer of bc_utilities.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-29781 HIGH This Week

In ss_AnalyzeOssReturnResUssdArgIe of ss_OssAsnManagement.c, there is a possible out of bounds read due to improper input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-4696 HIGH This Week

A privilege escalation vulnerability was reported in Lenovo Service Bridge prior to version 5.0.2.17 that could allow operating system commands to be executed if a specially crafted link is visited. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Privilege Escalation Command Injection Lenovo
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-36760 HIGH This Week

A stack overflow vulnerability was found in version 1.18.0 of rhai. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-34129 HIGH PATCH This Week

Acrobat Mobile Sign Android versions 24.4.2.33155 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a. Rated high severity (CVSS 7.5).

Path Traversal Adobe Google Acrobat Reader
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-34112 HIGH This Week

ColdFusion versions 2023u7, 2021u13 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Coldfusion
NVD
CVSS 3.1
7.5
EPSS
23.7%
CVE-2024-32922 HIGH This Week

In gpu_pm_power_on_top_nolock of pixel_gpu_power.c, there is a possible compromise of protected memory due to a logic error in the code. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
7.4
EPSS
0.1%
CVE-2024-32921 HIGH This Week

In lwis_initialize_transaction_fences of lwis_fence.c, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
7.4
EPSS
0.1%
CVE-2024-0095 HIGH This Week

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands by injecting arbitrary data as a new log entry. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft RCE Information Disclosure Denial Of Service Nvidia +1
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2024-34110 HIGH This Week

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Adobe File Upload Commerce Commerce Webhooks +1
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2024-34109 HIGH This Week

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Adobe Commerce Commerce Webhooks Magento
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2024-34108 HIGH This Week

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Adobe Commerce Commerce Webhooks Magento
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2024-32920 HIGH This Week

In set_secure_reg of sac_handler.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2024-32917 HIGH This Week

In pl330_dma_from_peri_start() of fp_spi_dma.c, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2024-37306 HIGH PATCH This Week

Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Computer Vision Annotation Tool
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-34116 HIGH PATCH This Week

Creative Cloud Desktop versions 6.1.0.587 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in a security feature bypass. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Creative Cloud Desktop Application
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2024-32899 HIGH This Week

In gpu_pm_power_off_top_nolock of pixel_gpu_power.c, there is a possible compromise of protected memory due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
Prev Page 2 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy