Skip to main content
CVE-2024-55947 HIGH POC PATCH THREAT This Week

Gogs is an open source self-hosted Git service. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Gogs
NVD GitHub
CVSS 4.0
8.7
EPSS
75.2%
CVE-2024-54148 HIGH POC PATCH This Week

Gogs is an open source self-hosted Git service. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Gogs
NVD GitHub
CVSS 4.0
8.7
EPSS
0.8%
CVE-2024-45387 HIGH PATCH This Week

An SQL injection vulnerability in Traffic Ops in Apache Traffic Control <= 8.0.1, >= 8.0.0 allows a privileged user with role "admin", "federation", "operations", "portal", or "steering" to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Apache Traffic Control
NVD
CVSS 3.1
8.8
EPSS
41.8%
CVE-2024-12902 HIGH This Week

ANCHOR from Global Wisdom Software is an integrated product running on a Windows virtual machine. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft
NVD
CVSS 3.1
8.4
EPSS
0.2%
CVE-2024-53961 HIGH This Week

ColdFusion versions 2023.11, 2021.17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Path Traversal Coldfusion
NVD
CVSS 3.1
8.1
EPSS
13.4%
CVE-2024-56363 HIGH This Week

APTRS (Automated Penetration Testing Reporting System) is a Python and Django-based automated reporting tool designed for penetration testers and security organizations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Python
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-53256 HIGH This Week

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
CVSS 3.1
7.8
EPSS
1.2%
CVE-2024-12903 HIGH This Week

Incorrect default permissions vulnerability in Evoko Home, affecting version 2.4.2 to 2.7.4. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-54082 HIGH This Week

home 5G HR02 and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the configuration restore function. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD
CVSS 3.0
7.2
EPSS
1.2%
CVE-2024-45721 HIGH This Week

home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the HOST name configuration screen. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD
CVSS 3.0
7.2
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy