Skip to main content
CVE-2024-45291 HIGH POC PATCH This Week

PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF RCE PHP Phpspreadsheet
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-9570 HIGH POC This Week

A vulnerability was found in D-Link DIR-619L B1 2.06 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 619l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
3.0%
CVE-2024-9569 HIGH POC This Week

A vulnerability has been found in D-Link DIR-619L B1 2.06 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 619l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.3%
CVE-2024-9568 HIGH POC This Week

A vulnerability, which was classified as critical, was found in D-Link DIR-619L B1 2.06. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 619l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.3%
CVE-2024-9567 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L B1 2.06. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 619l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.3%
CVE-2024-9566 HIGH POC This Week

A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 619l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.8%
CVE-2024-9565 HIGH POC This Week

A vulnerability has been found in D-Link DIR-605L 2.13B01 BETA and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.9%
CVE-2024-9564 HIGH POC This Week

A vulnerability, which was classified as critical, was found in D-Link DIR-605L 2.13B01 BETA. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.9%
CVE-2024-9563 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in D-Link DIR-605L 2.13B01 BETA. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.4%
CVE-2024-46278 HIGH POC This Week

Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via the management console. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Teedy
NVD GitHub Exploit-DB
CVSS 3.1
8.4
EPSS
2.6%
CVE-2024-45290 HIGH POC PATCH This Week

PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Phpspreadsheet
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-45293 HIGH POC PATCH This Week

PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure XXE Phpspreadsheet
NVD GitHub
CVSS 3.1
7.5
EPSS
2.9%
CVE-2024-47559 HIGH This Week

Authenticated RCE via Path Traversal. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Freeflow Core
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-47558 HIGH This Week

Authenticated RCE via Path Traversal. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Freeflow Core
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-27458 HIGH This Week

A potential security vulnerability has been identified in the HP Hotkey Support software, which might allow local escalation of privilege. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation HP
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-46041 HIGH This Week

IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication Bypass by Capture-replay. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-33065 HIGH This Week

Memory corruption while taking snapshot when an offset variable is set by camera driver. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180X Ac Firmware Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180X Af Firmware Snapdragon 8Cx Compute Platform Sc8180Xp Ac Firmware Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180Xp Aa Firmware +41
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2024-47555 HIGH This Week

Missing Authentication - User & System Configuration. Rated high severity (CVSS 8.3), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2024-45051 HIGH This Week

Discourse is an open source platform for community discussion. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Discourse
NVD GitHub
CVSS 3.1
8.2
EPSS
0.4%
CVE-2024-33073 HIGH This Week

Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware +155
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2024-33064 HIGH This Week

Information disclosure while parsing the multiple MBSSID IEs from the beacon. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Qca6574au Firmware Qca6574a Firmware Qca6564au Firmware +2
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2024-44068 HIGH This Week

An issue was discovered in the m2m scaler driver in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850,and W920. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Privilege Escalation Use After Free Samsung Memory Corruption Exynos 9820 Firmware +5
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2024-9576 HIGH This Week

Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user by manipulating the network configuration script. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Workbooth
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-43047 HIGH KEV PATCH THREAT This Week

Memory corruption while maintaining memory maps of HLOS memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Fastconnect 6700 Firmware Fastconnect 6800 Firmware +60
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-38399 HIGH This Week

Memory corruption while processing user packets to generate page faults. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Buffer Overflow Memory Corruption Wsa8835 Firmware Wsa8830 Firmware +38
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-23369 HIGH This Week

Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 888 5G Mobile Platform Sm8350 Ac Firmware Snapdragon 865 5G Mobile Platform Sm8250 Ab Firmware Wsa8845h Firmware Wsa8845 Firmware +114
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21455 HIGH This Week

Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Video Collaboration Vc1 Platform Firmware Wsa8815 Firmware Wsa8810 Firmware Wcn3980 Firmware +16
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-20092 HIGH This Week

In vdec, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-47335 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bit Apps Bit Form bit-form allows SQL Injection.13.11. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi
NVD VulDB
CVSS 3.1
7.6
EPSS
0.5%
CVE-2024-38397 HIGH This Week

Transient DOS while parsing probe response and assoc response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 8 Gen 2 Mobile Platform Firmware Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware +111
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33071 HIGH This Week

Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mdm9628 Firmware Qca6564a Firmware Qca6564au Firmware Qca6574a Firmware +1
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33070 HIGH This Week

Transient DOS while parsing ESP IE from beacon/probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qca6574au Firmware Qca6574a Firmware Qca6564au Firmware Qca6564a Firmware +1
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33069 HIGH This Week

Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Wsa8835 Firmware Wsa8830 Firmware +42
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-33049 HIGH This Week

Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon W5 Gen 1 Wearable Platform Firmware Wsa8835 Firmware Wsa8830 Firmware Wsa8810 Firmware +127
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-20094 HIGH This Week

In Modem, there is a possible system crash due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Nr15
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-47975 HIGH This Week

Improper access control validation in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access or an attacker with local access to potentially. Rated high severity (CVSS 7.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service
NVD
CVSS 3.1
7.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy