Skip to main content
CVE-2024-56320 CRITICAL PATCH This Week

GoCD is a continuous deliver server. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Privilege Escalation Gocd
NVD GitHub
CVSS 4.0
9.4
EPSS
0.7%
CVE-2024-55507 CRITICAL POC Act Now

An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the delete_e.php component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation PHP Complaint Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-55078 CRITICAL POC Act Now

An arbitrary file upload vulnerability in the component /adminUser/updateImg of WukongCRM-11.0-JAVA v11.3.3 allows attackers to execute arbitrary code via uploading a crafted file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Java
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2024-9140 CRITICAL This Week

Moxa’s cellular routers, secure routers, and network security appliances are affected by a critical vulnerability, CVE-2024-9140. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection
NVD
CVSS 4.0
9.3
EPSS
0.5%
CVE-2025-22275 CRITICAL This Week

iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Python Information Disclosure Iterm2
NVD
CVSS 3.1
9.3
EPSS
0.1%
CVE-2024-53842 CRITICAL This Week

In cc_SendCcImsInfoIndMsg of cc_MmConManagement.c, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Android Google
NVD
CVSS 3.1
9.8
EPSS
2.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy