Skip to main content
CVE-2024-27730 CRITICAL POC PATCH Act Now

Insecure Permissions vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information and execute arbitrary code via the cid parameter of the calendar event feature. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass RCE Friendica
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-42978 CRITICAL POC Act Now

An issue in the handler function in /goform/telnet of Tenda FH1206 v02.03.01.35 allows attackers to execute arbitrary commands via a crafted HTTP request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Fh1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2024-42967 CRITICAL POC Act Now

Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Lr350 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-42966 CRITICAL POC Act Now

Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass N350Rt Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-42947 CRITICAL POC Act Now

An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows attackers to execute arbitrary commands via a crafted HTTP request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Fh1201 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-42843 CRITICAL POC Act Now

Projectworlds Online Examination System v1.0 is vulnerable to SQL Injection via the subject parameter in feed.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Examination System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-43366 CRITICAL POC Act Now

zkvyper is a Vyper compiler. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Zkvyper
NVD GitHub
CVSS 3.1
9.1
EPSS
0.5%
CVE-2024-42681 HIGH POC PATCH This Week

Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation RCE Xxl Job
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2024-42676 HIGH POC This Week

File Upload vulnerability in Huizhi enterprise resource management system v.1.0 and before allows a remote attacker to execute arbitrary code via the /nssys/common/Upload. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Enterprise Resource Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2024-7832 HIGH POC This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware Dnr 202L Firmware Dns 315L Firmware +17
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
2.1%
CVE-2024-7831 HIGH POC This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware Dnr 202L Firmware Dns 315L Firmware +17
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.8%
CVE-2024-7830 HIGH POC This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware Dnr 202L Firmware Dns 315L Firmware +17
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.8%
CVE-2024-7829 HIGH POC This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware Dnr 202L Firmware Dns 315L Firmware +17
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.8%
CVE-2024-7828 HIGH POC THREAT This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware Dnr 202L Firmware Dns 315L Firmware +17
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
16.2%
CVE-2024-43373 HIGH POC PATCH This Week

webcrack is a tool for reverse engineering javascript. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Node.js Path Traversal RCE Microsoft Webcrack
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-42679 HIGH POC This Week

SQL Injection vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the/ajax/Login.ashx component. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

SQLi RCE Super Easy Enterprise Management System
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-42987 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack-based buffer overflow vulnerability in the fromPptpUserAdd function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption RCE Tenda Denial Of Service +1
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2024-42986 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1206 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42985 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromNatlimit function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1206 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42984 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1206 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42983 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the pptpPPW parameter in the fromAdvSetWan function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1206 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42982 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1206 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42981 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1206 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42980 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the frmL7ImForm function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1206 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42979 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the frmL7ProtForm function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1206 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42977 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the qos parameter in the fromqossetting function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1206 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42976 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeClientFilter function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1206 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42974 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromwebExcptypemanFilter function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1206 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42973 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSetlpBind function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1206 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42969 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeUrlFilter function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1206 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42968 HIGH POC This Week

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the Go parameter in the fromSafeUrlFilter function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1206 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42955 HIGH POC This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromSafeClientFilter function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42954 HIGH POC This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromwebExcptypemanFilter function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42953 HIGH POC This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPW parameter in the fromWizardHandle function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42952 HIGH POC This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromqossetting function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42951 HIGH POC This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the mit_pptpusrpw parameter in the fromWizardHandle function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42950 HIGH POC This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the Go parameter in the fromSafeClientFilter function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42949 HIGH POC This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the qos parameter in the fromqossetting function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-42948 HIGH POC THREAT This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
10.7%
CVE-2024-42946 HIGH POC This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-42945 HIGH POC This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromAddressNat function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-42944 HIGH POC This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromNatlimit function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-42943 HIGH POC This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-42942 HIGH POC This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the frmL7ImForm function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-42941 HIGH POC This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the wanmode parameter in the fromAdvSetWan function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-42940 HIGH POC This Week

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Denial Of Service Memory Corruption Fh1201 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-7843 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Online Graduate Tracer System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
1.0%
CVE-2024-7842 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in SourceCodester Online Graduate Tracer System 1.0.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Online Graduate Tracer System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
1.0%
CVE-2024-7839 MEDIUM POC This Month

A vulnerability classified as critical has been found in itsourcecode Billing System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Billing System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-7838 MEDIUM POC This Month

A vulnerability was found in itsourcecode Online Food Ordering System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Food Ordering System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy