Skip to main content
CVE-2024-56734 HIGH POC PATCH This Week

Better Auth is an authentication library for TypeScript. Rated high severity (CVSS 7.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Better Auth
NVD GitHub
CVSS 4.0
7.9
EPSS
0.4%
CVE-2024-11944 HIGH This Week

iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Truenas Firmware
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-12828 HIGH PATCH This Week

Webmin CGI Command Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE Command Injection Webmin
NVD GitHub
CVSS 3.1
8.8
EPSS
32.0%
CVE-2024-47921 HIGH This Week

Smadar SPS - CWE-327: Use of a Broken or Risky Cryptographic Algorithm. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
8.4
EPSS
0.2%
CVE-2024-50703 HIGH PATCH This Week

TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Teampass
NVD GitHub
CVSS 3.1
8.1
EPSS
0.5%
CVE-2024-13051 HIGH This Week

Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Graphite
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-13050 HIGH This Week

Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Graphite
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-13049 HIGH This Week

Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Cobalt
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-13048 HIGH This Week

Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Cobalt
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-13047 HIGH This Week

Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Cobalt
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-13046 HIGH This Week

Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Cobalt
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-13045 HIGH This Week

Ashlar-Vellum Cobalt AR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Cobalt
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-13044 HIGH This Week

Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Cobalt
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-13043 HIGH This Week

Panda Security Dome Link Following Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Panda Dome
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-12752 HIGH This Week

Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2024-12751 HIGH This Week

Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2024-12836 HIGH This Week

Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Drasimucad
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2024-12835 HIGH This Week

Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Drasimucad
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2024-12834 HIGH This Week

Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Drasimucad
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2024-47925 HIGH This Week

Tecnick TCExam - Multiple CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-47924 HIGH This Week

Boa web server - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-47922 HIGH This Week

Priority - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-47920 HIGH This Week

Tiki Wiki CMS - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-47917 HIGH This Week

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-56800 HIGH This Week

Firecrawl is a web scraper that allows users to extract the content of a webpage for a large language model. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF
NVD GitHub
CVSS 3.1
7.4
EPSS
0.3%
CVE-2024-12753 HIGH This Week

Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2024-54181 HIGH This Week

IBM WebSphere Automation 1.7.5 could allow a remote privileged user, who has authorized access to the swagger UI, to execute arbitrary code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM RCE Command Injection Websphere Automation
NVD
CVSS 3.1
7.2
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy