Skip to main content
CVE-2024-10081 CRITICAL POC PATCH THREAT Act Now

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Codechecker
NVD GitHub
CVSS 3.1
10.0
EPSS
39.0%
CVE-2024-10915 CRITICAL POC THREAT Act Now

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 320 Firmware Dns 320Lw Firmware Dns 325 Firmware +1
NVD VulDB
CVSS 4.0
9.2
EPSS
79.1%
CVE-2024-10914 CRITICAL POC THREAT Act Now

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 320 Firmware Dns 320Lw Firmware Dns 325 Firmware +1
NVD VulDB
CVSS 4.0
9.2
EPSS
97.4%
CVE-2024-9307 CRITICAL Act Now

The mFolio Lite plugin for WordPress is vulnerable to file uploads due to a missing capability check in all versions up to, and including, 1.2.1. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload WordPress RCE Mfolio
NVD
CVSS 3.1
9.9
EPSS
7.8%
CVE-2024-20418 CRITICAL Act Now

A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points could allow an unauthenticated,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Command Injection
NVD
CVSS 3.1
10.0
EPSS
3.1%
CVE-2024-51736 CRITICAL PATCH Act Now

Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Command Injection Microsoft Symfony
NVD GitHub
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-8615 CRITICAL Act Now

The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jobsearch_location_load_excel_file_callback() function in all. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE WordPress File Upload Jobsearch Wp Job Board
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-51757 CRITICAL PATCH Act Now

happy-dom is a JavaScript implementation of a web browser without its graphical user interface. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD GitHub
CVSS 4.0
9.3
EPSS
0.7%
CVE-2024-10082 CRITICAL PATCH Act Now

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Codechecker
NVD GitHub
CVSS 3.1
9.0
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy