Skip to main content
CVE-2024-38078 HIGH PATCH This Week

Xbox Wireless Adapter Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Windows 11 21H2 Windows 11 22h2 +1
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-38073 HIGH PATCH This Week

Windows Remote Desktop Licensing Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows Server 2008 +5
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2024-38072 HIGH PATCH This Week

Windows Remote Desktop Licensing Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Microsoft Windows Server 2016 Windows Server 2019 +2
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2024-38071 HIGH PATCH This Week

Windows Remote Desktop Licensing Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft Windows Server 2008 Windows Server 2012 +4
NVD
CVSS 3.1
7.5
EPSS
35.9%
CVE-2024-38068 HIGH PATCH This Week

Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2024-38067 HIGH PATCH This Week

Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +3
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2024-38064 HIGH PATCH This Week

Windows TCP/IP Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2024-38061 HIGH PATCH This Week

DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +10
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2024-38031 HIGH PATCH This Week

Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +3
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2024-38015 HIGH PATCH This Week

Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows Server 2012 Windows Server 2016 Windows Server 2019 +2
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2024-32987 HIGH PATCH This Week

Microsoft SharePoint Server Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Information Disclosure Microsoft Sharepoint Server
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2024-30098 HIGH PATCH This Week

Windows Cryptographic Services Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2024-6604 HIGH This Week

Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow RCE Mozilla Firefox Thunderbird
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-39569 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Sinema Remote Connect Client
NVD
CVSS 4.0
7.5
EPSS
1.0%
CVE-2024-38278 HIGH This Week

A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.9.0), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.9.0), RUGGEDCOM. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
7.5
EPSS
0.3%
CVE-2024-5633 HIGH This Week

Longse model LBH30FE200W cameras, as well as products based on this device, provide an unrestricted access for an attacker located in the same local network to an undocumented binary service CoolView. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass
NVD
CVSS 4.0
7.5
EPSS
0.6%
CVE-2024-6603 HIGH This Week

In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Mozilla Memory Corruption Firefox Thunderbird
NVD
CVSS 3.1
7.4
EPSS
0.5%
CVE-2024-6180 HIGH This Week

The EventON plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'eventon_import_settings' ajax action in all versions up to, and. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Authentication Bypass XSS
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2024-31331 HIGH PATCH This Week

In setMimeGroup of PackageManagerService.java, there is a possible way to hide the service from Settings due to a logic error in the code. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Privilege Escalation Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2024-31324 HIGH PATCH This Week

In hide of WindowState.java, there is a possible way to bypass tapjacking/overlay protection by launching the activity in portrait mode first and then rotating it to landscape mode. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Privilege Escalation XSS Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2024-6222 HIGH This Week

In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Docker Microsoft Desktop
NVD
CVSS 4.0
7.3
EPSS
0.6%
CVE-2024-38081 HIGH PATCH This Week

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Net Framework Net Visual Studio 2022
NVD
CVSS 3.1
7.3
EPSS
1.3%
CVE-2024-38033 HIGH PATCH This Week

PowerShell Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
7.3
EPSS
1.1%
CVE-2024-30061 HIGH PATCH This Week

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Information Disclosure Microsoft Dynamics 365
NVD
CVSS 3.1
7.3
EPSS
1.4%
CVE-2024-37997 HIGH This Week

A vulnerability has been identified in JT Open (All versions < V11.5), JT2Go (All versions < V2406.0003), PLM XML SDK (All versions < V7.1.0.014), Teamcenter Visualization V14.2 (All versions <. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Stack Overflow
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-33654 HIGH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2406). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Simcenter Femap
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-33653 HIGH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2406). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Simcenter Femap
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-32056 HIGH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2406). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Memory Corruption Simcenter Femap
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-35154 HIGH This Week

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to execute arbitrary code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation RCE IBM Websphere Application Server
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2024-38094 HIGH KEV PATCH THREAT This Week

Microsoft SharePoint Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization RCE Microsoft Sharepoint Server
NVD
CVSS 3.1
7.2
EPSS
47.8%
CVE-2024-38044 HIGH PATCH This Week

DHCP Server Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows Server 2012 Windows Server 2016 Windows Server 2019 Windows Server 2022 +1
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2024-38028 HIGH PATCH This Week

Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure RCE Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2024-38025 HIGH PATCH This Week

Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2024-38024 HIGH PATCH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization RCE Microsoft Sharepoint Server
NVD
CVSS 3.1
7.2
EPSS
45.2%
CVE-2024-38023 HIGH PATCH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization RCE Microsoft Sharepoint Server
NVD
CVSS 3.1
7.2
EPSS
52.9%
CVE-2024-38019 HIGH PATCH This Week

Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.2
EPSS
1.8%
CVE-2024-39868 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Sinema Remote Connect Server
NVD
CVSS 4.0
7.2
EPSS
0.4%
CVE-2024-39867 HIGH PATCH This Week

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Sinema Remote Connect Server
NVD
CVSS 4.0
7.2
EPSS
0.4%
CVE-2024-37266 HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Tutor LMS allows Path Traversal.7.1. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Tutor Lms
NVD
CVSS 3.1
7.2
EPSS
0.6%
CVE-2024-37486 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Paid Memberships Pro.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Paid Memberships Pro
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2024-37256 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.7.1. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Tutor Lms
NVD
CVSS 3.1
7.2
EPSS
0.6%
CVE-2024-6123 HIGH This Week

The Bit Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'iconUpload' function in all versions up to, and including, 2.13.3. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE WordPress File Upload
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2024-28750 HIGH This Week

A remote attacker with high privileges may use a deleting file function to inject OS commands. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2024-28749 HIGH This Week

A remote attacker with high privileges may use a writing file function to inject OS commands. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2024-28748 HIGH This Week

A remote attacker with high privileges may use a reading file function to inject OS commands. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2024-39597 HIGH This Week

In SAP Commerce, a user can misuse the forgotten password functionality to gain access to a Composable Storefront B2B site for which early login and registration is activated, without requiring the. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
CVSS 3.1
7.2
EPSS
0.3%
CVE-2024-5974 HIGH This Week

A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall.9.6. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Watchguard RCE Fireware
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2024-38032 HIGH PATCH This Week

Microsoft Xbox Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 21h2 +4
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2024-30081 HIGH PATCH This Week

Windows NTLM Spoofing Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.1
EPSS
23.8%
CVE-2024-6598 HIGH This Week

A denial-of-service attack is possible through the execution functionality of KNIME Business Hub 1.10.0 and 1.10.1. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Business Hub
NVD
CVSS 4.0
7.1
EPSS
0.5%
Prev Page 6 of 9 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy