Skip to main content
CVE-2024-21195 HIGH This Week

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Layout Templates). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Oracle Bi Publisher
NVD
CVSS 3.1
7.6
EPSS
0.4%
CVE-2024-21191 HIGH This Week

Vulnerability in the Oracle Enterprise Manager Fusion Middleware Control product of Oracle Fusion Middleware (component: FMW Control Plugin). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Fusion Middleware
NVD
CVSS 3.1
7.6
EPSS
0.4%
CVE-2024-44775 HIGH This Week

kmqtt v0.2.7 is vulnerable to Denial of Service (DoS) due to a Null Pointer Exception. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Request Smuggling Kmqtt
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-45085 HIGH This Week

IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Denial Of Service Websphere Application Server
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-48783 HIGH This Week

An issue in Ruijie NBR3000D-E Gateway allows a remote attacker to obtain sensitive information via the /tool/shell/postgresql.conf component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PostgreSQL Nbr3000D E Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-21274 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Oracle Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-21272 HIGH PATCH This Week

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Python Oracle MySQL
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-21260 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-21259 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-21246 HIGH This Week

Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Functionality). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Service Bus
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-21234 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-21215 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Fusion Middleware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-21190 HIGH This Week

Vulnerability in the Oracle Global Lifecycle Management FMW Installer product of Oracle Fusion Middleware (component: Cloning). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Fusion Middleware
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-5749 HIGH This Week

Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP server credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass HP F9A29A Firmware F9A29B Firmware F9A29C Firmware +12
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2024-49387 HIGH This Week

Cleartext transmission of sensitive information in acep-collector service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Cyber Protect
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-45276 HIGH This Week

An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mbnet Mini Firmware Rex 100 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-45272 HIGH This Week

An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Myrex24 V2 Virtual Server Rex 300 Firmware Rex 200 Firmware Rex 250 Firmware +9
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-9983 HIGH This Week

Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Enterprise Cloud Database
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-46898 HIGH PATCH This Week

SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal Shirasagi
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2024-9820 HIGH This Week

The WP 2FA with Telegram plugin for WordPress is vulnerable to Two-Factor Authentication Bypass in versions up to, and including, 3.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Wp 2Fa With Telegram
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-9837 HIGH This Week

The The AADMY - Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.1. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection WordPress RCE
NVD
CVSS 3.1
7.3
EPSS
0.6%
CVE-2024-21285 HIGH This Week

Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Reports). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Banking Liquidity Management
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2024-21284 HIGH This Week

Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Reports). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Banking Liquidity Management
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2024-47779 HIGH This Week

Element is a Matrix web client built using the Matrix React SDK. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 4.0
7.0
EPSS
0.4%
CVE-2024-47771 HIGH This Week

Element Desktop is a Matrix client for desktop platforms. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 4.0
7.0
EPSS
0.6%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy