Skip to main content
CVE-2024-1305 CRITICAL Act Now

tap-windows6 driver version 9.26 and earlier does not properly check the size data of incomming write operations which an attacker can use to overflow memory buffers, resulting in a bug check and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Tap Windows6
NVD
CVSS 3.1
9.8
EPSS
15.4%
CVE-2024-39677 CRITICAL PATCH Act Now

NHibernate is an object-relational mapper for the .NET framework. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Nhibernate Core
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-39742 CRITICAL Act Now

IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a user to bypass authentication under certain configurations due to a partial string comparison vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Authentication Bypass Mq Operator
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-27903 CRITICAL Act Now

OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Openvpn
NVD
CVSS 3.1
9.8
EPSS
8.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy