Skip to main content
CVE-2024-53604 CRITICAL POC Act Now

A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection PHP RCE SQLi Covid19 Testing Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-53676 CRITICAL POC THREAT Act Now

A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Path Traversal HP Information Disclosure Insight Remote Support
NVD GitHub
CVSS 3.1
9.8
EPSS
51.3%
CVE-2024-46054 CRITICAL Act Now

OpenVidReview 1.0 is vulnerable to Incorrect Access Control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Openvidreview
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-11667 CRITICAL KEV THREAT Act Now

A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zyxel Path Traversal Zld
NVD
CVSS 3.1
9.8
EPSS
3.0%
CVE-2024-41126 CRITICAL PATCH Act Now

Contiki-NG is an open-source, cross-platform operating system for IoT devices. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Contiki Ng
NVD GitHub
CVSS 3.1
9.6
EPSS
0.3%
CVE-2024-41125 CRITICAL PATCH Act Now

Contiki-NG is an open-source, cross-platform operating system for IoT devices. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Contiki Ng
NVD GitHub
CVSS 3.1
9.6
EPSS
0.3%
CVE-2024-52959 CRITICAL Act Now

A Improper Control of Generation of Code ('Code Injection') vulnerability in plugin management in iota C.ai Conversational Platform from 1.0.0 through 2.1.3 allows remote authenticated users to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Iota C Ai
NVD
CVSS 4.0
9.3
EPSS
0.6%
CVE-2024-52958 CRITICAL Act Now

A improper verification of cryptographic signature vulnerability in plugin management in iota C.ai Conversational Platform from 1.0.0 through 2.1.3 allows remote authenticated users to load a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Iota C Ai
NVD
CVSS 4.0
9.3
EPSS
0.3%
CVE-2024-42330 CRITICAL Act Now

The HttpRequest object allows to get the HTTP headers from the server's response after sending the request. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 3.1
9.1
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy