Skip to main content
CVE-2024-50920 HIGH POC This Week

Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to create a fake node via supplying crafted packets. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Z Wave Software Development Kit
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-55544 HIGH POC THREAT This Week

Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.01e and below. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Iap 420 Firmware
NVD
CVSS 4.0
8.7
EPSS
11.7%
CVE-2024-55602 HIGH POC PATCH This Week

PwnDoc is a penetration test report generator. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Pwndoc
NVD GitHub
CVSS 3.1
8.5
EPSS
0.7%
CVE-2024-50699 HIGH POC This Week

TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were discovered to contain weak default credentials for the Administrator account. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Wr845n Firmware
NVD
CVSS 3.1
8.0
EPSS
0.4%
CVE-2024-51165 HIGH POC This Week

SQL injection vulnerability in JEPAAS7.2.8, via /je/rbac/rbac/loadLoginCount in the dateVal parameter, which could allow a remote user to submit a specially crafted query, allowing an attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Jepaas
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-55546 HIGH POC This Week

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).01e and below. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Iap 420 Firmware
NVD
CVSS 4.0
7.1
EPSS
0.3%
CVE-2024-55545 HIGH POC This Week

Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting (XSS).01e and below. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Iap 420 Firmware
NVD
CVSS 4.0
7.1
EPSS
0.3%
CVE-2024-9844 HIGH This Week

Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker to bypass restrictions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Ivanti Connect Secure
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2024-55500 HIGH This Week

Cross-Site Request Forgery (CSRF) in Avenwu Whistle v.2.9.90 and before allows attackers to perform malicious API calls, resulting in the execution of arbitrary code on the victim's machine. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE CSRF
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-50930 HIGH This Week

An issue in Silicon Labs Z-Wave Series 500 v6.84.0 allows attackers to execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Z Wave Software Development Kit
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-53247 HIGH This Week

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versions below 3.4.261 and 3.7.13 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization RCE Splunk
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2024-52538 HIGH This Week

Dell Avamar, versions prior to 19.12 with patch 338905, excluding 19.10 and 19.10SP1 with patch 338869, contains an Improper Neutralization of Special Elements used in an SQL Command ('SQL. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Dell Avamar Server
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-47977 HIGH This Week

Dell Avamar, versions prior to 19.12 with patch 338905, excluding 19.10 and 19.10SP1 with patch 338869, contains an Improper Neutralization of Special Elements used in an SQL Command ('SQL. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Dell Avamar Server
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-54198 HIGH This Week

In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure SAP
NVD
CVSS 3.1
8.5
EPSS
0.6%
CVE-2024-10496 HIGH This Week

An out of bounds read due to improper input validation in BuildFontMap in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Labview
NVD
CVSS 4.0
8.4
EPSS
0.2%
CVE-2024-10495 HIGH This Week

An out of bounds read due to improper input validation when loading the font table in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Labview
NVD
CVSS 4.0
8.4
EPSS
0.2%
CVE-2024-10494 HIGH This Week

An out of bounds read due to improper input validation in HeapObjMapImpl.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Labview
NVD
CVSS 4.0
8.4
EPSS
0.2%
CVE-2024-49849 HIGH This Week

A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 Safety V16 (All versions), SIMATIC STEP 7 Safety V17 (All versions <. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE
NVD
CVSS 4.0
8.4
EPSS
0.2%
CVE-2024-54037 HIGH This Week

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Adobe XSS Connect
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2024-55634 HIGH PATCH This Week

A vulnerability in Drupal Core allows Privilege Escalation.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Drupal
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-46341 HIGH This Week

TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form, which can be easily decoded by an attacker executing a man-in-the-middle attack. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

TP-Link Information Disclosure Tl Wr845n Firmware
NVD
CVSS 3.1
8.0
EPSS
0.2%
CVE-2024-53959 HIGH This Week

Adobe Framemaker versions 2020.7, 2022.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Stack Overflow RCE Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-53958 HIGH This Week

Substance3D - Painter versions 10.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Substance 3d Painter
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-53957 HIGH This Week

Substance3D - Painter versions 10.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Substance 3d Painter
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-53956 HIGH This Week

Premiere Pro versions 25.0, 24.6.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Premiere Pro
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-53955 HIGH This Week

Bridge versions 14.1.3, 15.0 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Bridge
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-53003 HIGH This Week

Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Substance 3d Modeler
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-53002 HIGH This Week

Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Substance 3d Modeler
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-53001 HIGH This Week

Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Substance 3d Modeler
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-53000 HIGH This Week

Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Substance 3d Modeler
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-52999 HIGH This Week

Substance3D - Modeler versions 1.14.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Substance 3d Modeler
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-53954 HIGH This Week

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-53953 HIGH This Week

Animate versions 23.0.8, 24.0.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Denial Of Service Memory Corruption Animate
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-52997 HIGH This Week

Photoshop Desktop versions 26.0 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Denial Of Service Memory Corruption Photoshop
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-52996 HIGH This Week

Substance3D - Sampler versions 4.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Substance 3d Sampler
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-52995 HIGH This Week

Substance3D - Sampler versions 4.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Substance 3d Sampler
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-52994 HIGH This Week

Substance3D - Sampler versions 4.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Substance 3d Sampler
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-52990 HIGH This Week

Animate versions 23.0.8, 24.0.5 and earlier are affected by a Buffer Underwrite ('Buffer Underflow') vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-52989 HIGH This Week

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-52988 HIGH This Week

Animate versions 23.0.8, 24.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-52987 HIGH This Week

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-52986 HIGH This Week

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-52985 HIGH This Week

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-52984 HIGH This Week

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-52983 HIGH This Week

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-52982 HIGH This Week

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-49545 HIGH This Week

InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Indesign
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-49544 HIGH This Week

InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Indesign
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-49543 HIGH This Week

InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Indesign
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-49538 HIGH This Week

Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Illustrator
NVD
CVSS 3.1
7.8
EPSS
0.3%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy