Skip to main content
CVE-2024-51363 CRITICAL POC Act Now

Insecure deserialization in Hodoku v2.3.0 to v2.3.2 allows attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization RCE
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-52544 CRITICAL POC Act Now

An unauthenticated attacker can trigger a stack based buffer overflow in the DP Service (TCP port 3500). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-25020 CRITICAL Act Now

IBM Cognos Controller 11.0.0 and 11.0.1 is vulnerable to malicious file upload by allowing unrestricted filetype attachments in the Journal entry page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM File Upload Cognos Controller
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-40691 CRITICAL Act Now

IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM File Upload Cognos Controller
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-25019 CRITICAL Act Now

IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not validating the type of file uploaded to Journal entry attachments. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM File Upload Cognos Controller
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-49415 CRITICAL Act Now

Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
9.8
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy