Skip to main content
CVE-2024-42360 CRITICAL PATCH Act Now

SequenceServer lets you rapidly set up a BLAST+ server with an intuitive user interface for personal or group use. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Sequenceserver
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-7732 CRITICAL Act Now

Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Dr Id Attendance System
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-7731 CRITICAL Act Now

Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Dr Id Access Control
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-20083 CRITICAL Act Now

In venc, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-20082 CRITICAL Act Now

In Modem, there is a possible memory corruption due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Nr15 Nr16 Nr17
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2024-24986 CRITICAL Act Now

Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of. Rated critical severity (CVSS 9.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Intel Linux Ethernet 800 Series Controllers Driver
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2024-23981 CRITICAL Act Now

Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of. Rated critical severity (CVSS 9.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Linux Ethernet 800 Series Controllers Driver
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2024-23497 CRITICAL Act Now

Out-of-bounds write in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of. Rated critical severity (CVSS 9.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Intel Linux Privilege Escalation +1
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2024-21810 CRITICAL Act Now

Improper input validation in the Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable. Rated critical severity (CVSS 9.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Linux
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2024-21807 CRITICAL Act Now

Improper initialization in the Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable. Rated critical severity (CVSS 9.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Linux
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2024-38652 CRITICAL Act Now

Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Ivanti Denial Of Service Avalanche
NVD
CVSS 3.1
9.1
EPSS
7.6%
CVE-2024-39397 CRITICAL Act Now

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Adobe File Upload Commerce Magento
NVD
CVSS 3.1
9.0
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy