Skip to main content
CVE-2024-11733 HIGH This Month

The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.1.0. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection WordPress
NVD
CVSS 3.1
7.3
EPSS
0.6%
CVE-2024-13129 HIGH POC This Week

A vulnerability was found in Roxy-WI up to 8.1.3. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
4.2%
CVE-2024-35365 HIGH PATCH This Month

FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component of FFmpeg, specifically within the new_stream_audio function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Ffmpeg Red Hat Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-21609 HIGH POC PATCH This Week

SiYuan is self-hosted, open source personal knowledge management software. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Siyuan Suse
NVD GitHub
CVSS 4.0
8.7
EPSS
0.4%
CVE-2024-56513 HIGH PATCH This Month

Karmada is a Kubernetes management system that allows users to run cloud-native applications across multiple Kubernetes clusters and clouds. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Kubernetes Suse
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
CVE-2024-56409 HIGH POC PATCH This Week

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP XSS Phpspreadsheet
NVD GitHub
CVSS 4.0
8.3
EPSS
0.7%
CVE-2024-56366 HIGH POC PATCH This Week

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP XSS Phpspreadsheet
NVD GitHub
CVSS 4.0
8.3
EPSS
0.9%
CVE-2024-56365 HIGH POC PATCH This Week

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP XSS Phpspreadsheet
NVD GitHub
CVSS 4.0
8.3
EPSS
0.7%
CVE-2024-56408 HIGH POC PATCH This Week

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP XSS Phpspreadsheet
NVD GitHub
CVSS 4.0
8.3
EPSS
1.0%
CVE-2024-48814 HIGH POC PATCH This Month

SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive information via the ViewType parameter of the findbywhereclause function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi Silverpeas
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2024-9138 HIGH This Month

Moxa’s cellular routers, secure routers, and network security appliances are affected by a high-severity vulnerability, CVE-2024-9138. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
CVSS 4.0
8.6
EPSS
0.1%
CVE-2024-53841 HIGH This Month

In startListeningForDeviceStateChanges, there is a possible Permission Bypass due to a confused deputy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-53840 HIGH This Month

there is a possible biometric bypass due to an unusual root cause. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-53838 HIGH This Month

In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-53837 HIGH This Month

In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-53835 HIGH This Month

there is a possible biometric bypass due to an unusual root cause. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-53834 HIGH This Month

In sms_DisplayHexDumpOfPrivacyBuffer of sms_Utilities.c, there is a possible out of bounds read due to an incorrect bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2024-53833 HIGH This Month

In prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-47032 HIGH This Month

In construct_transaction_from_cmd of lwis_ioctl.c, there is a possible out of bounds write due to a heap buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-11624 HIGH This Month

there is a possible to add apps to bypass VPN due to Undeclared Permission . Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-43769 HIGH This Month

In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could prevent the uninstallation of CloudDpc due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-43768 HIGH This Month

In skia_alloc_func of SkDeflate.cpp, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-43767 HIGH This Month

In prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a possible heap overflow due to improper input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Android Google
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-43764 HIGH PATCH This Month

In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to partially bypass lock screen. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-43762 HIGH PATCH This Month

In multiple locations, there is a possible way to avoid unbinding of a service from the system due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-43097 HIGH PATCH This Month

In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Privilege Escalation Android Google +1
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2024-43077 HIGH This Month

In DevmemValidateFlags of devicemem_server.c , there is a possible out of bounds write due to memory corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy