Skip to main content
CVE-2024-50317 HIGH This Week

A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Ivanti Denial Of Service Avalanche
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2024-47907 HIGH This Week

A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Ivanti Denial Of Service Connect Secure
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2024-51564 HIGH This Week

A guest can trigger an infinite loop in the hda audio driver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-45289 HIGH This Week

The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-51721 HIGH This Week

A code injection vulnerability in the SecuSUITE Server Web Administration Portal of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially inject script commands or other. Rated high severity (CVSS 7.3). No vendor patch available.

Code Injection
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2024-33505 HIGH This Week

A heap-based buffer overflow in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager version 7.4.0 through 7.4.2, 7.2.0. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Fortinet Privilege Escalation Fortianalyzer +2
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2024-21958 HIGH This Week

Incorrect default permissions in the AMD Provisioning Console installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Amd Provisioning Console
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2024-21957 HIGH This Week

Incorrect default permissions in the AMD Management Console installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Amd Management Console
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2024-21946 HIGH This Week

Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Amd Ryzen Master Utility For Overclocking Control
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2024-21945 HIGH This Week

Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Amd Ryzen Master Monitoring Software Development Kit
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2024-21939 HIGH This Week

Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Amd Cloud Manageability Service
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2024-47941 HIGH This Week

A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Solid Edge Se2024
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-47940 HIGH This Week

A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Solid Edge Se2024
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-49042 HIGH This Week

Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PostgreSQL Command Injection Microsoft Azure Database For Postgresql Flexible Server
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2024-43613 HIGH This Week

Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PostgreSQL Command Injection Microsoft Azure Database For Postgresql Flexible Server
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2024-11006 HIGH This Week

Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Ivanti Connect Secure Policy Secure
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2024-11005 HIGH This Week

Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Ivanti Connect Secure Policy Secure
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2024-50328 HIGH This Week

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi RCE Ivanti Endpoint Manager
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2024-50327 HIGH This Week

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi RCE Ivanti Endpoint Manager
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2024-50326 HIGH This Week

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi RCE Ivanti Endpoint Manager
NVD
CVSS 3.1
7.2
EPSS
25.8%
CVE-2024-50324 HIGH This Week

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal Ivanti Endpoint Manager
NVD
CVSS 3.1
7.2
EPSS
18.2%
CVE-2024-11007 HIGH This Week

Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Ivanti Connect Secure Policy Secure
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2024-49049 HIGH PATCH This Week

Visual Studio Code Remote Extension Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Authentication Bypass Remote Ssh
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2024-8539 HIGH This Week

Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ivanti Secure Access Client
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-10944 HIGH This Week

A Remote Code Execution vulnerability exists in the affected product. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE
NVD
CVSS 4.0
7.1
EPSS
0.5%
CVE-2024-47595 HIGH This Week

An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Host Agent
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2024-7516 HIGH This Week

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Fabric Operating System
NVD
CVSS 4.0
7.0
EPSS
0.2%
CVE-2024-10945 HIGH This Week

A Local Privilege Escalation vulnerability exists in the affected product. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation
NVD
CVSS 4.0
7.0
EPSS
0.2%
CVE-2024-37365 HIGH This Week

A remote code execution vulnerability exists in the affected product. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

RCE Factorytalk View
NVD
CVSS 4.0
7.0
EPSS
0.2%
CVE-2024-47942 HIGH This Week

A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

RCE Solid Edge Se2024
NVD
CVSS 4.0
7.0
EPSS
0.2%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy