Skip to main content
CVE-2024-54907 HIGH POC This Week

TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via formWsc. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE A3002r Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2024-12908 HIGH POC This Week

Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version 6.0.3.26) where, within the protocol handler function, URI's were compared before normalization and. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Code Injection RCE Secret Server
NVD
CVSS 3.1
8.3
EPSS
0.7%
CVE-2024-55950 HIGH This Week

Tabby (formerly Terminus) is a highly configurable terminal emulator. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Apple
NVD GitHub
CVSS 4.0
8.6
EPSS
0.3%
CVE-2024-53850 HIGH This Week

The Addressing GLPI plugin enables you to create IP reports for visualize IP addresses used and free on a given network.. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
8.2
EPSS
0.5%
CVE-2023-7300 HIGH This Week

Huawei Home Music System has a path traversal vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Huawei Path Traversal
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2024-47151 HIGH This Week

Some Honor products are affected by file writing vulnerability, successful exploitation could cause code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE File Upload Magicos
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-45600 HIGH This Week

Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi
NVD GitHub
CVSS 3.1
7.7
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy