Skip to main content
CVE-2024-46649 HIGH POC This Week

eNMS up to 4.7.1 is vulnerable to Directory Traversal via download/folder. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Enms
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2024-46648 HIGH POC This Week

eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via scan_folder. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Enms
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2024-46645 HIGH POC This Week

eNMS 4.0.0 is vulnerable to Directory Traversal via get_tree_files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Enms
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2024-45810 HIGH POC This Week

Envoy is a cloud-native high-performance edge/middle/service proxy. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Envoy
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-47061 HIGH PATCH This Week

Plate is a javascript toolkit that makes it easier for you to develop with Slate, a popular framework for building text editors. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Information Disclosure
NVD GitHub
CVSS 3.1
8.3
EPSS
0.5%
CVE-2024-41721 HIGH This Week

An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the heap, which could potentially lead to an arbitrary write and remote code execution. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure RCE
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2024-47000 HIGH PATCH This Week

Zitadel is an open source identity management platform. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Authentication Bypass Zitadel
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-45809 HIGH This Week

Envoy is a cloud-native high-performance edge/middle/service proxy. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Envoy
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-45807 HIGH This Week

Envoy is a cloud-native high-performance edge/middle/service proxy. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Envoy
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy