Skip to main content
CVE-2024-32924 HIGH This Week

In DeregAcceptProcINT of cn_NrmmStateDeregInit.cpp, there is a possible denial of service due to a logic error in the code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Android
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-32902 HIGH This Week

Remote prevention of access to cellular service with no user interaction (for example, crashing the cellular radio service with a malformed packet). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Android
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-32894 HIGH This Week

In bc_get_converted_received_bearer of bc_utilities.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-29781 HIGH This Week

In ss_AnalyzeOssReturnResUssdArgIe of ss_OssAsnManagement.c, there is a possible out of bounds read due to improper input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-4696 HIGH This Week

A privilege escalation vulnerability was reported in Lenovo Service Bridge prior to version 5.0.2.17 that could allow operating system commands to be executed if a specially crafted link is visited. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Privilege Escalation Command Injection Lenovo
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-36760 HIGH This Week

A stack overflow vulnerability was found in version 1.18.0 of rhai. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-34129 HIGH PATCH This Week

Acrobat Mobile Sign Android versions 24.4.2.33155 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a. Rated high severity (CVSS 7.5).

Path Traversal Adobe Google Acrobat Reader
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-34112 HIGH This Week

ColdFusion versions 2023u7, 2021u13 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Coldfusion
NVD
CVSS 3.1
7.5
EPSS
23.7%
CVE-2024-32922 HIGH This Week

In gpu_pm_power_on_top_nolock of pixel_gpu_power.c, there is a possible compromise of protected memory due to a logic error in the code. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
7.4
EPSS
0.1%
CVE-2024-32921 HIGH This Week

In lwis_initialize_transaction_fences of lwis_fence.c, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
7.4
EPSS
0.1%
CVE-2024-0095 HIGH This Week

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands by injecting arbitrary data as a new log entry. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft RCE Information Disclosure Denial Of Service Nvidia +1
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2024-34110 HIGH This Week

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Adobe File Upload Commerce Commerce Webhooks +1
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2024-34109 HIGH This Week

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Adobe Commerce Commerce Webhooks Magento
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2024-34108 HIGH This Week

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Adobe Commerce Commerce Webhooks Magento
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2024-32920 HIGH This Week

In set_secure_reg of sac_handler.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2024-32917 HIGH This Week

In pl330_dma_from_peri_start() of fp_spi_dma.c, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2024-37306 HIGH PATCH This Week

Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Computer Vision Annotation Tool
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-34116 HIGH PATCH This Week

Creative Cloud Desktop versions 6.1.0.587 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in a security feature bypass. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Creative Cloud Desktop Application
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2024-32899 HIGH This Week

In gpu_pm_power_off_top_nolock of pixel_gpu_power.c, there is a possible compromise of protected memory due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-32891 HIGH This Week

In sec_media_unprotect of media.c, there is a possible memory corruption due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Buffer Overflow Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-38285 HIGH This Week

Logs storing credentials are insufficiently protected and can be decoded through the use of open source tools. Rated high severity (CVSS 7.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
7.0
EPSS
0.2%
CVE-2024-38280 HIGH This Week

An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text. Rated high severity (CVSS 7.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Vigilant Fixed Lpr Coms Box Firmware
NVD
CVSS 4.0
7.0
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy