Skip to main content
CVE-2024-35271 HIGH PATCH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2024-35256 HIGH PATCH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-30013 HIGH PATCH This Week

Windows MultiPoint Services Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-28928 HIGH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-28899 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Stack Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2024-21449 HIGH PATCH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-21428 HIGH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Sql Server 2016 Sql Server 2017 Sql Server 2019 +1
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-21425 HIGH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-21415 HIGH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-21414 HIGH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2024-21398 HIGH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2024-21373 HIGH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-21335 HIGH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-21333 HIGH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-21332 HIGH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-21331 HIGH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-21317 HIGH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-21308 HIGH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-21303 HIGH PATCH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-20701 HIGH PATCH This Week

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +2
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-27783 HIGH This Week

Multiple cross-site request forgery (CSRF) weaknesses [CWE-352] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an unauthenticated remote attacker to perform arbitrary actions on behalf of an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Fortinet CSRF Fortiaiops
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-23663 HIGH This Week

An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Fortinet Fortiextender Firmware
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-6615 HIGH This Week

Memory safety bugs present in Firefox 127 and Thunderbird 127. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Mozilla Memory Corruption Firefox +1
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-6609 HIGH This Week

When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla Firefox Thunderbird
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-6605 HIGH This Week

Firefox Android allowed immediate interaction with permission prompts. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Mozilla Firefox
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-37952 HIGH This Week

Improper Privilege Management vulnerability in themeenergy BookYourTravel allows Privilege Escalation.18.17. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Book Your Travel
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-37513 HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themewinter WPCafe allows Path Traversal.2.27. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Wpcafe
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-37484 HIGH This Week

Improper Privilege Management vulnerability in Dylan James Zephyr Project Manager allows Privilege Escalation.3.97. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Zephyr Project Manager
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-37462 HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows Path Traversal.4.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Ultimate Bootstrap Elements For Elementor
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-37455 HIGH This Week

Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Elementor allows Privilege Escalation.36.31. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Ultimate Addons For Elementor
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-37454 HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AWSM Innovations AWSM Team allows Path Traversal.3.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Awsm Team
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-37419 HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Codeless Cowidgets - Elementor Addons allows Path Traversal.1.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Cowidgets
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-37268 HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in kaptinlin Striking allows Path Traversal.3.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Striking
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-37090 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Masterstudy Elementor Widgets, StylemixThemes Consulting Elementor Widgets.2.2;. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Consulting Elementor Widgets Masterstudy Elementor Widgets
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-37494 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in KaineLabs Youzify.2.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Youzify
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-37225 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zoho Marketing Automation.2.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Zoho Marketing Automation
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-22062 HIGH This Week

There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate non-administrator permissions to administrator permissions by modifying the configuration. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Zxcloud Irai
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-39888 HIGH This Week

A vulnerability has been identified in Mendix Encryption (All versions >= V10.0.0 < V10.0.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2024-39874 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Sinema Remote Connect Server
NVD
CVSS 4.0
8.7
EPSS
0.4%
CVE-2024-39873 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Sinema Remote Connect Server
NVD
CVSS 4.0
8.7
EPSS
0.4%
CVE-2024-39866 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Sinema Remote Connect Server
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2024-39865 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

RCE File Upload Sinema Remote Connect Server
NVD
CVSS 4.0
8.7
EPSS
0.4%
CVE-2024-39675 HIGH This Week

A vulnerability has been identified in RUGGEDCOM RMC30 (All versions < V4.3.10), RUGGEDCOM RMC30NC (All versions < V4.3.10), RUGGEDCOM RP110 (All versions < V4.3.10), RUGGEDCOM RP110NC (All versions. Rated high severity (CVSS 8.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
8.7
EPSS
0.3%
CVE-2024-39571 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Sinema Remote Connect Server
NVD
CVSS 4.0
8.7
EPSS
1.3%
CVE-2024-39570 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Sinema Remote Connect Server
NVD
CVSS 4.0
8.7
EPSS
1.4%
CVE-2024-39697 HIGH PATCH This Week

phonenumber is a library for parsing, formatting and validating international phone numbers. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 3.1
8.6
EPSS
0.7%
CVE-2024-5634 HIGH This Week

Longse model LBH30FE200W cameras, as well as products based on this device, make use of telnet passwords which follow a specific pattern. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
8.6
EPSS
0.2%
CVE-2024-38363 HIGH This Week

Airbyte is a data integration platform for ELT pipelines. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

RCE Ssti Docker
NVD GitHub
CVSS 3.1
8.5
EPSS
0.7%
CVE-2024-39568 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Sinema Remote Connect Client
NVD
CVSS 4.0
8.5
EPSS
0.9%
CVE-2024-39567 HIGH This Week

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Command Injection Sinema Remote Connect Client
NVD
CVSS 4.0
8.5
EPSS
0.9%
Prev Page 2 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy