Skip to main content
CVE-2024-49007 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-49006 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-49005 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-49004 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-49003 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-49002 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-49001 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-49000 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-48999 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-48998 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-48997 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-48996 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-48995 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-48994 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-48993 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-43635 HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-43628 HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-43627 HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-43624 HIGH PATCH This Week

Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +7
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-43622 HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-43621 HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-43620 HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-43462 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-43459 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-38255 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-21976 HIGH This Week

Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

RCE
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-9420 HIGH This Week

A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Use After Free RCE Ivanti Memory Corruption Connect Secure +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-50329 HIGH This Week

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Ivanti Endpoint Manager
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2024-42442 HIGH This Week

APTIOV contains a vulnerability in the BIOS where a user or attacker may cause an improper restriction of operations within the bounds of a memory buffer over the network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Aptio V
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-9835 MEDIUM POC This Month

The RSS Feed Widget WordPress plugin before 3.0.1 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Rss Feed Widget
NVD WPScan
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-11097 MEDIUM POC This Month

A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Student Record Management System
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.3%
CVE-2024-47590 HIGH This Week

An unauthenticated attacker can create a malicious link which they can make publicly available. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF RCE
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-51093 HIGH This Week

Stored Cross-Site Scripting (XSS) vulnerability in Snipe-IT - v7.0.13 allows an attacker to upload a malicious XML file containing JavaScript code. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation XSS Snipe It
NVD
CVSS 3.1
8.7
EPSS
0.4%
CVE-2024-52301 HIGH PATCH This Week

Laravel is a web application framework. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Information Disclosure Framework Debian Linux
NVD GitHub
CVSS 4.0
8.7
EPSS
38.0%
CVE-2024-50310 HIGH PATCH This Week

A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < V4.0.50). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Simatic Cp 1543 1 Firmware
NVD
CVSS 4.0
8.7
EPSS
0.5%
CVE-2024-52010 HIGH PATCH This Week

Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
CVSS 4.0
8.6
EPSS
1.4%
CVE-2024-10923 HIGH This Week

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ ALM Octane Management allows Stored XSS. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE XSS
NVD
CVSS 4.0
8.6
EPSS
0.3%
CVE-2024-50572 HIGH PATCH This Week

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity.

Code Injection Siemens Ruggedcom Rm1224 Lte 4G Eu Firmware Ruggedcom Rm1224 Lte 4G Nam Firmware Scalance M804Pb Firmware +23
NVD
CVSS 4.0
8.6
EPSS
0.6%
CVE-2024-50557 HIGH PATCH This Week

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity.

RCE Siemens Ruggedcom Rm1224 Lte 4G Eu Firmware Ruggedcom Rm1224 Lte 4G Nam Firmware Scalance M804Pb Firmware +23
NVD
CVSS 4.0
8.6
EPSS
0.9%
CVE-2024-47783 HIGH This Week

A vulnerability has been identified in SIPORT (All versions < V3.4.0). Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Siport
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2024-29119 HIGH This Week

A vulnerability has been identified in Spectrum Power 7 (All versions < V24Q3). Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Spectrum Power 7
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2024-8534 HIGH This Week

Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Citrix Denial Of Service Netscaler Application Delivery Controller Netscaler Gateway
NVD
CVSS 4.0
8.4
EPSS
0.6%
CVE-2024-11114 HIGH This Week

Inappropriate implementation in Views in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Google Microsoft Chrome
NVD
CVSS 3.1
8.3
EPSS
0.3%
CVE-2024-11111 MEDIUM POC This Month

Inappropriate implementation in Autofill in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Google Chrome
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-47808 HIGH PATCH This Week

A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure Sinec Nms
NVD
CVSS 4.0
8.3
EPSS
0.1%
CVE-2024-36140 HIGH This Week

A vulnerability has been identified in OZW672 (All versions < V5.2), OZW772 (All versions < V5.2). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Ozw672 Firmware Ozw772 Firmware
NVD
CVSS 4.0
8.2
EPSS
0.3%
CVE-2024-43625 HIGH PATCH This Week

Microsoft Windows VMSwitch Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 11 22h2 +5
NVD
CVSS 3.1
8.1
EPSS
0.7%
CVE-2024-43598 HIGH PATCH This Week

LightGBM Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Heap Overflow Buffer Overflow RCE Lightgbm
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2024-43447 HIGH PATCH This Week

Windows SMBv3 Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows Server 2022
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2024-28726 HIGH This Week

An issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to execute arbitrary code via a crafted payload to the Diagnostics function. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

D-Link Command Injection RCE
NVD GitHub
CVSS 3.1
8.0
EPSS
8.1%
Prev Page 2 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy