Skip to main content
CVE-2024-38029 HIGH PATCH This Week

Microsoft OpenSSH for Windows Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

RCE SSH Microsoft Windows Server 2022 23h2
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2024-30092 HIGH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-47011 HIGH This Week

Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Ivanti Avalanche
NVD
CVSS 3.1
7.5
EPSS
57.0%
CVE-2024-47008 HIGH This Week

Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Ivanti Avalanche
NVD
CVSS 3.1
7.5
EPSS
46.6%
CVE-2024-47007 HIGH This Week

A NULL pointer dereference in WLAvalancheService.exe of Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Ivanti Denial Of Service Avalanche
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2024-47949 HIGH This Week

In JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary location. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Teamcity
NVD
CVSS 3.1
7.5
EPSS
22.9%
CVE-2024-47948 HIGH This Week

In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Teamcity
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-43550 HIGH PATCH This Week

Windows Secure Channel Spoofing Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.4
EPSS
1.1%
CVE-2024-43456 HIGH PATCH This Week

Windows Remote Desktop Services Tampering Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +3
NVD
CVSS 3.1
7.4
EPSS
0.8%
CVE-2024-21532 HIGH This Week

All versions of the package ggit are vulnerable to Command Injection via the fetchTags(branch) API, which allows user input to specify the branch to be fetched and then concatenates this string along. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Node.js Command Injection
NVD GitHub
CVSS 3.1
7.3
EPSS
0.3%
CVE-2024-43571 HIGH PATCH This Week

Sudo for Windows Spoofing Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 11 24h2
NVD
CVSS 3.1
7.3
EPSS
0.6%
CVE-2024-43552 HIGH PATCH This Week

Windows Shell Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE Memory Corruption Windows 11 22h2 +3
NVD
CVSS 3.1
7.3
EPSS
0.7%
CVE-2024-43529 HIGH PATCH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 +5
NVD
CVSS 3.1
7.3
EPSS
0.8%
CVE-2024-9005 HIGH This Week

remotely executed on the server when unsafely deserialized data is posted to the web server. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable. No vendor patch available.

Deserialization
NVD
CVSS 4.0
7.3
EPSS
0.3%
CVE-2024-3506 HIGH This Week

A possible buffer overflow in selected cameras' drivers from XProtect Device Pack can allow an attacker with access to internal network to execute commands on Recording Server under strict conditions. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-47046 HIGH This Week

A vulnerability has been identified in Simcenter Femap V2306 (All versions), Simcenter Femap V2401 (All versions), Simcenter Femap V2406 (All versions). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Simcenter Nastran
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-45475 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-45474 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-45473 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-45472 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-45471 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Memory Corruption Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.3%
CVE-2024-45470 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Memory Corruption Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-45469 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Memory Corruption Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.3%
CVE-2024-45468 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-45467 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-45466 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-45465 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-45464 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-45463 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.3%
CVE-2024-41981 HIGH This Week

A vulnerability has been identified in Simcenter Femap V2306 (All versions), Simcenter Femap V2401 (All versions), Simcenter Femap V2406 (All versions). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-41902 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V2406.0003). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Stack Overflow Jt2Go
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-9026 LOW POC Monitor

In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using PHP-FPM SAPI and it is configured to catch workers output through catch_workers_output = yes, it may be. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure
NVD GitHub
CVSS 3.1
3.3
EPSS
0.5%
CVE-2024-9381 HIGH This Week

Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Ivanti Endpoint Manager Cloud Services Appliance
NVD
CVSS 3.1
7.2
EPSS
15.7%
CVE-2024-9380 HIGH KEV EUVD KEV THREAT This Week

An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Ivanti Endpoint Manager Cloud Services Appliance
NVD
CVSS 3.1
7.2
EPSS
63.0%
CVE-2024-9379 HIGH KEV THREAT This Week

SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Ivanti Endpoint Manager Cloud Services Appliance
NVD
CVSS 3.1
7.2
EPSS
43.6%
CVE-2024-45330 HIGH This Week

A use of externally-controlled format string in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.2 through 7.2.5 allows attacker to escalate its privileges via specially crafted requests. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Fortinet Fortianalyzer Fortianalyzer Cloud
NVD
CVSS 3.1
7.2
EPSS
0.6%
CVE-2024-43615 HIGH PATCH This Week

Microsoft OpenSSH for Windows Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

RCE SSH Microsoft Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2024-43581 HIGH PATCH This Week

Microsoft OpenSSH for Windows Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

RCE SSH Microsoft Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.1
EPSS
1.3%
CVE-2024-43502 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +1
NVD
CVSS 3.1
7.1
EPSS
6.0%
CVE-2024-38097 HIGH PATCH This Week

Azure Monitor Agent Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Microsoft Azure Monitor Agent
NVD
CVSS 3.1
7.1
EPSS
0.6%
CVE-2024-20659 HIGH This Week

Windows Hyper-V Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +7
NVD
CVSS 3.1
7.1
EPSS
0.9%
CVE-2024-43570 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1507 +14
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2024-43553 HIGH PATCH This Week

NT OS Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +11
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2024-43535 HIGH PATCH This Week

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1507 +14
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2024-43522 HIGH PATCH This Week

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Heap Overflow Buffer Overflow Microsoft Windows 11 22h2 Windows 11 23h2
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2024-43511 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2024-7206 HIGH This Week

SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware. Rated high severity (CVSS 7.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 4.0
7.0
EPSS
0.2%
CVE-2024-47563 MEDIUM This Month

A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Sinec Security Monitor
NVD
CVSS 4.0
6.9
EPSS
0.5%
CVE-2024-46887 MEDIUM This Month

The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
6.9
EPSS
0.5%
CVE-2024-43543 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

RCE Open Redirect Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
6.8
EPSS
0.6%
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy