Skip to main content
CVE-2024-30098 HIGH PATCH This Week

Windows Cryptographic Services Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2024-6604 HIGH This Week

Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow RCE Mozilla Firefox Thunderbird
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-39569 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Sinema Remote Connect Client
NVD
CVSS 4.0
7.5
EPSS
1.0%
CVE-2024-38278 HIGH This Week

A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.9.0), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.9.0), RUGGEDCOM. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
7.5
EPSS
0.3%
CVE-2024-5633 HIGH This Week

Longse model LBH30FE200W cameras, as well as products based on this device, provide an unrestricted access for an attacker located in the same local network to an undocumented binary service CoolView. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass
NVD
CVSS 4.0
7.5
EPSS
0.6%
CVE-2024-6603 HIGH This Week

In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Mozilla Memory Corruption Firefox Thunderbird
NVD
CVSS 3.1
7.4
EPSS
0.5%
CVE-2024-6180 HIGH This Week

The EventON plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'eventon_import_settings' ajax action in all versions up to, and. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Authentication Bypass XSS
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2024-31331 HIGH PATCH This Week

In setMimeGroup of PackageManagerService.java, there is a possible way to hide the service from Settings due to a logic error in the code. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Privilege Escalation Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2024-31324 HIGH PATCH This Week

In hide of WindowState.java, there is a possible way to bypass tapjacking/overlay protection by launching the activity in portrait mode first and then rotating it to landscape mode. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Privilege Escalation XSS Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2024-6222 HIGH This Week

In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Docker Microsoft Desktop
NVD
CVSS 4.0
7.3
EPSS
0.6%
CVE-2024-38081 HIGH PATCH This Week

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Net Framework Net Visual Studio 2022
NVD
CVSS 3.1
7.3
EPSS
1.3%
CVE-2024-38033 HIGH PATCH This Week

PowerShell Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
7.3
EPSS
1.1%
CVE-2024-30061 HIGH PATCH This Week

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Information Disclosure Microsoft Dynamics 365
NVD
CVSS 3.1
7.3
EPSS
1.4%
CVE-2024-37997 HIGH This Week

A vulnerability has been identified in JT Open (All versions < V11.5), JT2Go (All versions < V2406.0003), PLM XML SDK (All versions < V7.1.0.014), Teamcenter Visualization V14.2 (All versions <. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Stack Overflow
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-33654 HIGH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2406). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Simcenter Femap
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-33653 HIGH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2406). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Simcenter Femap
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-32056 HIGH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2406). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Memory Corruption Simcenter Femap
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-35154 HIGH This Week

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to execute arbitrary code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation RCE IBM Websphere Application Server
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2024-38094 HIGH KEV PATCH THREAT This Week

Microsoft SharePoint Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization RCE Microsoft Sharepoint Server
NVD
CVSS 3.1
7.2
EPSS
47.8%
CVE-2024-38044 HIGH PATCH This Week

DHCP Server Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows Server 2012 Windows Server 2016 Windows Server 2019 Windows Server 2022 +1
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2024-38028 HIGH PATCH This Week

Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure RCE Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2024-38025 HIGH PATCH This Week

Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2024-38024 HIGH PATCH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization RCE Microsoft Sharepoint Server
NVD
CVSS 3.1
7.2
EPSS
45.2%
CVE-2024-38023 HIGH PATCH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization RCE Microsoft Sharepoint Server
NVD
CVSS 3.1
7.2
EPSS
52.9%
CVE-2024-38019 HIGH PATCH This Week

Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.2
EPSS
1.8%
CVE-2024-39868 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Sinema Remote Connect Server
NVD
CVSS 4.0
7.2
EPSS
0.4%
CVE-2024-39867 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Sinema Remote Connect Server
NVD
CVSS 4.0
7.2
EPSS
0.4%
CVE-2024-37266 HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Tutor LMS allows Path Traversal.7.1. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Tutor Lms
NVD
CVSS 3.1
7.2
EPSS
0.6%
CVE-2024-37486 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Paid Memberships Pro.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Paid Memberships Pro
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2024-37256 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.7.1. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Tutor Lms
NVD
CVSS 3.1
7.2
EPSS
0.6%
CVE-2024-6123 HIGH This Week

The Bit Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'iconUpload' function in all versions up to, and including, 2.13.3. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE WordPress File Upload
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2024-28750 HIGH This Week

A remote attacker with high privileges may use a deleting file function to inject OS commands. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2024-28749 HIGH This Week

A remote attacker with high privileges may use a writing file function to inject OS commands. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2024-28748 HIGH This Week

A remote attacker with high privileges may use a reading file function to inject OS commands. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2024-39597 HIGH This Week

In SAP Commerce, a user can misuse the forgotten password functionality to gain access to a Composable Storefront B2B site for which early login and registration is activated, without requiring the. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
CVSS 3.1
7.2
EPSS
0.3%
CVE-2024-5974 HIGH This Week

A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall.9.6. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Watchguard RCE Fireware
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2024-38032 HIGH PATCH This Week

Microsoft Xbox Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 21h2 +4
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2024-30081 HIGH PATCH This Week

Windows NTLM Spoofing Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.1
EPSS
23.8%
CVE-2024-6598 HIGH This Week

A denial-of-service attack is possible through the execution functionality of KNIME Business Hub 1.10.0 and 1.10.1. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Business Hub
NVD
CVSS 4.0
7.1
EPSS
0.5%
CVE-2024-39870 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Sinema Remote Connect Server
NVD
CVSS 4.0
7.1
EPSS
0.2%
CVE-2024-39869 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Sinema Remote Connect Server
NVD
CVSS 4.0
7.1
EPSS
0.3%
CVE-2024-39487 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() In function bond_option_arp_ip_targets_set(), if newval->string. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-34725 HIGH This Week

In DevmemIntUnexportCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation RCE Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-34724 HIGH This Week

In _UnrefAndMaybeDestroy of pmr.c, there is a possible arbitrary code execution due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation RCE Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-31327 HIGH PATCH This Week

In multiple functions of MessageQueueBase.h, there is a possible out of bounds write due to a race condition. Rated high severity (CVSS 7.0).

Privilege Escalation Buffer Overflow Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-34123 HIGH This Week

Premiere Pro versions 23.6.5, 24.4.1 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Premiere Pro
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2024-38069 HIGH PATCH This Week

Windows Enroll Engine Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.0).

Authentication Bypass Jwt Attack Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2024-38022 HIGH PATCH This Week

Windows Image Acquisition Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.0
EPSS
0.6%
Prev Page 5 of 5

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy