Skip to main content
CVE-2023-50739 HIGH This Week

A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2018-9389 HIGH This Week

In ip6_append_data of ip6_output.c, there is a possible way to achieve code execution due to a heap buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Privilege Escalation Android +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2018-9464 HIGH This Week

In multiple locations, there is a possible way to read protected files due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2018-9387 HIGH This Week

In multiple functions of mnh-sm.c, there is a possible way to trigger a heap overflow due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2018-9401 HIGH This Week

In many locations, there is a possible way to access kernel memory in user space due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2018-9461 HIGH PATCH This Week

In onAttachFragment of ShareIntentActivity.java, there is a possible way for an app to read files in the messages app due to a race condition. Rated high severity (CVSS 7.0).

Privilege Escalation Race Condition Android Google
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2024-45662 HIGH This Month

IBM Safer Payments 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Denial Of Service Safer Payments
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-47113 HIGH This Month

IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Voice Gateway
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2024-13184 HIGH This Month

The The Ultimate WordPress Toolkit - WP Extended plugin for WordPress is vulnerable to time-based SQL Injection via the Login Attempts module in all versions up to, and including, 3.0.12 due to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress SQLi
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2025-0308 HIGH This Month

The Ultimate Member - User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the search. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress SQLi Ultimate Member PHP
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2025-23209 HIGH KEV PATCH THREAT Act Now

Craft CMS 4 and 5 contain a remote code execution vulnerability exploitable when the application's security key has been compromised, allowing attackers with the key to execute arbitrary code on the server.

RCE Code Injection Craft Cms
NVD GitHub
CVSS 3.1
8.0
EPSS
19.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy