Skip to main content
CVE-2024-39866 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Sinema Remote Connect Server
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2024-39865 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

RCE File Upload Sinema Remote Connect Server
NVD
CVSS 4.0
8.7
EPSS
0.4%
CVE-2024-39675 HIGH This Week

A vulnerability has been identified in RUGGEDCOM RMC30 (All versions < V4.3.10), RUGGEDCOM RMC30NC (All versions < V4.3.10), RUGGEDCOM RP110 (All versions < V4.3.10), RUGGEDCOM RP110NC (All versions. Rated high severity (CVSS 8.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
8.7
EPSS
0.3%
CVE-2024-39571 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Sinema Remote Connect Server
NVD
CVSS 4.0
8.7
EPSS
1.3%
CVE-2024-39570 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Sinema Remote Connect Server
NVD
CVSS 4.0
8.7
EPSS
1.4%
CVE-2024-39697 HIGH PATCH This Week

phonenumber is a library for parsing, formatting and validating international phone numbers. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 3.1
8.6
EPSS
0.7%
CVE-2024-5634 HIGH This Week

Longse model LBH30FE200W cameras, as well as products based on this device, make use of telnet passwords which follow a specific pattern. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
8.6
EPSS
0.2%
CVE-2024-38363 HIGH This Week

Airbyte is a data integration platform for ELT pipelines. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

RCE Ssti Docker
NVD GitHub
CVSS 3.1
8.5
EPSS
0.7%
CVE-2024-39568 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Sinema Remote Connect Client
NVD
CVSS 4.0
8.5
EPSS
0.9%
CVE-2024-39567 HIGH This Week

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Command Injection Sinema Remote Connect Client
NVD
CVSS 4.0
8.5
EPSS
0.9%
CVE-2024-37501 HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PluginsWare Advanced Classifieds & Directory Pro allows Path Traversal.1.3. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal
NVD
CVSS 3.1
8.5
EPSS
0.5%
CVE-2024-39883 HIGH This Week

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Cncsoft G2
NVD
CVSS 4.0
8.4
EPSS
0.7%
CVE-2024-39882 HIGH This Week

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Cncsoft G2
NVD
CVSS 4.0
8.4
EPSS
0.7%
CVE-2024-39881 HIGH This Week

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Cncsoft G2
NVD
CVSS 4.0
8.4
EPSS
0.7%
CVE-2024-39880 HIGH This Week

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cncsoft G2
NVD
CVSS 4.0
8.4
EPSS
0.7%
CVE-2024-37984 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Stack Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.4
EPSS
0.7%
CVE-2024-3410 MEDIUM POC This Month

The DN Footer Contacts WordPress plugin before 1.6.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Footer Contacts Bar
NVD WPScan
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-6606 HIGH This Week

Clipboard code failed to check the index on an array access. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Mozilla Firefox Thunderbird
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2024-22271 HIGH PATCH This Week

In Spring Cloud Function framework, versions 4.1.x prior to 4.1.2, 4.0.x prior to 4.0.8 an application is vulnerable to a DOS attack when attempting to compose functions with non-existing functions. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2024-38867 HIGH This Week

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.64), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.64), SIPROTEC 5 6MD86. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass
NVD
CVSS 4.0
8.2
EPSS
0.2%
CVE-2024-30321 HIGH This Week

A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 5), SIMATIC WinCC Runtime Professional V19. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
8.2
EPSS
0.5%
CVE-2024-29153 HIGH This Week

A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Samsung Denial Of Service Exynos 9820 Firmware Exynos 9825 Firmware Exynos 980 Firmware +13
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-38049 HIGH PATCH This Week

Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
8.1
EPSS
1.6%
CVE-2024-38011 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
8.0
EPSS
1.3%
CVE-2024-38010 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
8.0
EPSS
1.0%
CVE-2024-37989 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
8.0
EPSS
1.0%
CVE-2024-37988 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
8.0
EPSS
1.0%
CVE-2024-37987 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.0
EPSS
1.3%
CVE-2024-37986 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.0
EPSS
1.0%
CVE-2024-37981 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Authentication Bypass Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
8.0
EPSS
1.1%
CVE-2024-37978 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Stack Overflow Windows 11 22h2 Windows 11 23h2 Windows Server 2022 23h2
NVD
CVSS 3.1
8.0
EPSS
0.9%
CVE-2024-37977 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow Windows 11 21H2 Windows 11 22h2 Windows 11 23h2 +2
NVD
CVSS 3.1
8.0
EPSS
1.1%
CVE-2024-37975 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.0
EPSS
1.3%
CVE-2024-37974 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.0
EPSS
1.0%
CVE-2024-37972 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Stack Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.0
EPSS
1.0%
CVE-2024-37971 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Stack Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.0
EPSS
1.4%
CVE-2024-37970 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Stack Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.0
EPSS
1.1%
CVE-2024-37969 HIGH PATCH This Week

Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
8.0
EPSS
1.4%
CVE-2024-39069 HIGH This Week

An issue in ifood Order Manager v3.35.5 'Gestor de Peddios.exe' allows attackers to execute arbitrary code via a DLL hijacking attack. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE
NVD GitHub
CVSS 3.1
7.8
EPSS
0.6%
CVE-2024-34726 HIGH This Week

In PVRSRV_MMap of pvr_bridge_k.c, there is a possible arbitrary code execution due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-34723 HIGH PATCH This Week

In onTransact of ParcelableListBinder.java , there is a possible way to steal mAllowlistToken to launch an app from background due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Java Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-34720 HIGH PATCH This Week

In com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly of com_android_internal_os_ZygoteCommandBuffer.cpp, there is a possible method to perform arbitrary code execution in any app. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation RCE Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-31339 HIGH PATCH This Week

In multiple functions of StatsService.cpp, there is a possible memory corruption due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Buffer Overflow Memory Corruption Denial Of Service Privilege Escalation +1
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-31335 HIGH This Week

In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-31334 HIGH This Week

In DevmemIntFreeDefBackingPage of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-31332 HIGH PATCH This Week

In multiple locations, there is a possible way to bypass a restriction on adding new Wi-Fi connections due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-31326 HIGH PATCH This Week

In multiple locations, there is a possible way in which policy migration code will never be executed due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-31325 HIGH PATCH This Week

In multiple locations, there is a possible way to reveal images across users data due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-31323 HIGH PATCH This Week

In onCreate of multiple files, there is a possible way to trick the user into granting health permissions due to tapjacking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation XSS Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-31322 HIGH PATCH This Week

In updateServicesLocked of AccessibilityManagerService.java, there is a possible way for an app to be hidden from the Setting while retaining Accessibility Service due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
Prev Page 4 of 9 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy