Skip to main content
CVE-2024-46446 CRITICAL POC Act Now

Mecha CMS 3.0.0 is vulnerable to Directory Traversal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Mecha
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2024-45874 CRITICAL Act Now

A DLL hijacking vulnerability in VegaBird Vooki 5.2.9 allows attackers to execute arbitrary code / maintain persistence via placing a crafted DLL file in the same directory as Vooki.exe. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-45873 CRITICAL Act Now

A DLL hijacking vulnerability in VegaBird Yaazhini 2.0.2 allows attackers to execute arbitrary code / maintain persistence via placing a crafted DLL file in the same directory as Yaazhini.exe. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-47557 CRITICAL Act Now

Pre-Auth RCE via Path Traversal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Freeflow Core
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-47556 CRITICAL Act Now

Pre-Auth RCE via Path Traversal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Freeflow Core
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-46076 CRITICAL Act Now

RuoYi v4.7.9 and before has a security flaw that allows escaping from comments within the code generation feature, enabling the injection of malicious code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Ruoyi
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-33066 CRITICAL Act Now

Memory corruption while redirecting log file to any file location with any file name. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon X65 5g Modem Rf System Firmware Sdx65m Firmware Sdx55 Firmware Qxm8083 Firmware +67
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-20103 CRITICAL Act Now

In wlan firmware, there is a possible out of bounds write due to improper input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Software Development Kit Android
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-20101 CRITICAL Act Now

In wlan driver, there is a possible out of bounds write due to improper input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Software Development Kit Android
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-20100 CRITICAL Act Now

In wlan driver, there is a possible out of bounds write due to improper input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Iot Yocto Software Development Kit +1
NVD
CVSS 3.1
9.8
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy