Skip to main content
CVE-2024-39202 HIGH POC This Week

D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE) vulnerability via the dhcpd_startip parameter at /goform/set_lan_settings. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823X Ax3000 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-39701 HIGH POC PATCH This Week

Directus is a real-time API and App dashboard for managing SQL database content. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Directus
NVD GitHub
CVSS 3.1
7.7
EPSS
0.4%
CVE-2024-6227 HIGH POC This Week

A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to cause an infinite loop by configuring the remote tracking server to point at itself. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Aim
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-31504 HIGH POC This Week

Buffer Overflow vulnerability in SILA Embedded Solutions GmbH freemodbus v.2018-09-12 allows a remtoe attacker to cause a denial of service via the LINUXTCP server component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Freemodbus
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-25639 HIGH POC PATCH This Week

Khoj is an application that creates personal AI agents. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

XSS Khoj
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-37999 HIGH This Week

A vulnerability has been identified in Medicalis Workflow Orchestrator (All versions). Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Medicalis Workflow Orchestrator
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2024-27459 HIGH This Week

The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Openvpn
NVD
CVSS 3.1
7.8
EPSS
8.3%
CVE-2024-38330 HIGH This Week

IBM System Management for i 7.2, 7.3, and 7.4 could allow a local user to gain elevated privileges due to an unqualified library program call. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-5971 HIGH PATCH This Week

A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Denial Of Service
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2024-23562 HIGH This Week

A security vulnerability in HCL Domino could allow disclosure of sensitive configuration information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Domino
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-39743 HIGH This Week

IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 IBM MQ Container Developer Edition is vulnerable to denial of service caused by incorrect memory de-allocation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Denial Of Service Mq Operator
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-24974 HIGH This Week

The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Openvpn
NVD
CVSS 3.1
7.5
EPSS
9.8%
CVE-2024-21778 HIGH This Week

A heap-based buffer overflow vulnerability exists in the configuration file mib_init_value_array functionality of Realtek rtl819x Jungle SDK v3.4.11. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Rtl819X Jungle Software Development Kit Wbr 6013 Firmware
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2024-6409 HIGH This Week

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE SSH
NVD GitHub
CVSS 3.1
7.0
EPSS
27.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy