Skip to main content
CVE-2024-46310 CRITICAL POC THREAT Emergency

Cfx.re FXServer (FiveM/RedM game server framework) version 9601 and earlier exposes unauthenticated API endpoints that allow reading and modifying arbitrary user data. Attackers can enumerate player information, modify account details, and access server administration functions without any credentials.

Information Disclosure
NVD GitHub
CVSS 3.1
9.1
EPSS
83.0%
Threat
5.8
CVE-2025-22777 CRITICAL Act Now

Deserialization of Untrusted Data vulnerability in GiveWP GiveWP allows Object Injection.19.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-57811 CRITICAL This Week

In Eaton X303 3.5.16 - X303 3.5.17 Build 712, an attacker with network access to a XC-303 PLC can login as root over SSH. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 3.1
9.1
EPSS
0.2%
CVE-2025-22144 CRITICAL POC Act Now

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Nameless
NVD GitHub
CVSS 4.0
9.0
EPSS
0.4%
CVE-2024-5743 CRITICAL This Week

An attacker could exploit the 'Use of Password Hash With Insufficient Computational Effort' vulnerability in EveHome Eve Play to execute arbitrary code.1.42. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2024-46479 CRITICAL This Week

Venki Supravizio BPM through 18.0.1 was discovered to contain an arbitrary file upload vulnerability. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Supravizio Bpm
NVD GitHub
CVSS 3.1
9.9
EPSS
4.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy