| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-11120 | — | 0.17 | — | 0.29 | KEV | Nov 15, 2024 | Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we… | |
| CVE-2024-43093 | 0.12 | — | 0.01 | KEV | Nov 13, 2024 | In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution… | ||
| CVE-2024-8069 | 0.16 | — | 0.15 | KEV | Nov 12, 2024 | Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server | ||
| CVE-2024-49039 | 0.23 | — | 0.14 | KEV | Nov 12, 2024 | Windows Task Scheduler Elevation of Privilege Vulnerability | ||
| CVE-2024-43451 | 0.19 | — | 0.82 | KEV | Nov 12, 2024 | NTLM Hash Disclosure Spoofing Vulnerability | ||
| CVE-2024-8068 | 0.13 | — | 0.01 | KEV | Nov 12, 2024 | Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain | ||
| CVE-2024-51567 | 0.28 | — | 0.87 | KEV | Oct 29, 2024 | upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST request) and using shell… | ||
| CVE-2024-51378 | 0.29 | — | 0.95 | KEV | Oct 29, 2024 | getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware (which is only for a POST… | ||
| CVE-2024-50623 | 0.26 | — | 0.99 | KEV | Oct 27, 2024 | In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution. | ||
| CVE-2024-20481 | 0.13 | — | 0.16 | KEV | Oct 23, 2024 | A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service. This… | ||
| CVE-2024-47575 | 0.23 | — | 0.95 | KEV | Oct 23, 2024 | A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1… | ||
| CVE-2024-41713 | 0.26 | — | 0.98 | KEV | Oct 21, 2024 | A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized… | ||
| CVE-2024-9537 | 0.17 | — | 0.04 | KEV | Oct 18, 2024 | ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions… | ||
| CVE-2024-9465 | 0.20 | — | 1.00 | KEV | Oct 9, 2024 | An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary… | ||
| CVE-2024-9463 | 0.20 | — | 0.98 | KEV | Oct 9, 2024 | An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. | ||
| CVE-2024-9680 | 0.20 | — | 0.33 | KEV | Oct 9, 2024 | An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR <… | ||
| CVE-2024-43572 | 0.16 | — | 0.61 | KEV | Oct 8, 2024 | Microsoft Management Console Remote Code Execution Vulnerability | ||
| CVE-2024-43468 | 0.19 | — | 0.61 | KEV | Oct 8, 2024 | Microsoft Configuration Manager Remote Code Execution Vulnerability | ||
| CVE-2024-43573 | 0.13 | — | 0.44 | KEV | Oct 8, 2024 | Windows MSHTML Platform Spoofing Vulnerability | ||
| CVE-2024-9380 | 0.19 | — | 0.63 | KEV | Oct 8, 2024 | An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution. | ||
| CVE-2024-9379 | 0.18 | — | 0.44 | KEV | Oct 8, 2024 | SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements. | ||
| CVE-2024-43047 | — | 0.12 | — | 0.01 | KEV | Oct 7, 2024 | Memory corruption while maintaining memory maps of HLOS memory. | |
| CVE-2024-45519 | 0.20 | — | 1.00 | KEV | Oct 2, 2024 | The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands. | ||
| CVE-2024-8963 | 0.20 | — | 0.99 | KEV | Sep 19, 2024 | Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality. | ||
| CVE-2024-8957 | 0.16 | — | 0.82 | KEV | Sep 17, 2024 | PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrary command execution when ntp_client is started. When chained with CVE-2024-8956,… | ||
| CVE-2024-8956 | 0.19 | — | 0.61 | KEV | Sep 17, 2024 | PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are sent without an HTTP Authorization header. The result is a remote and… | ||
| CVE-2024-38813 | 0.14 | — | 0.17 | KEV | Sep 17, 2024 | The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet. | ||
| CVE-2024-38812 | 0.18 | — | 0.54 | KEV | Sep 17, 2024 | The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code… | ||
| CVE-2024-8190 | 0.19 | — | 0.89 | KEV | Sep 10, 2024 | An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability. | ||
| CVE-2024-43461 | 0.13 | — | 0.52 | KEV | Sep 10, 2024 | Windows MSHTML Platform Spoofing Vulnerability | ||
| CVE-2024-38226 | 0.12 | — | 0.03 | KEV | Sep 10, 2024 | Microsoft Publisher Security Feature Bypass Vulnerability | ||
| CVE-2024-38217 | 0.13 | — | 0.10 | KEV | Sep 10, 2024 | Windows Mark of the Web Security Feature Bypass Vulnerability | ||
| CVE-2024-38014 | 0.13 | — | 0.06 | KEV | Sep 10, 2024 | Windows Installer Elevation of Privilege Vulnerability | ||
| CVE-2024-40711 | — | 0.24 | — | 0.88 | KEV | Sep 7, 2024 | A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE). | |
| CVE-2024-20439 | 0.19 | — | 0.92 | KEV | Sep 4, 2024 | A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a static administrative credential. This vulnerability is due to an undocumented static user credential for an administrative… | ||
| CVE-2024-45195 | 0.20 | — | 1.00 | KEV | Sep 4, 2024 | Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.16. Users are recommended to upgrade to version 18.12.16, which fixes the issue. | ||
| CVE-2024-6670 | — | 0.29 | — | 0.95 | KEV | Aug 29, 2024 | In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password. | |
| CVE-2024-40766 | 0.18 | — | 0.16 | KEV | Aug 23, 2024 | An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices,… | ||
| CVE-2024-39717 | 0.12 | — | 0.04 | KEV | Aug 22, 2024 | The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin. (Tenant level users do not have this privilege). The “Change… | ||
| CVE-2024-28987 | 0.23 | — | 0.93 | KEV | Aug 21, 2024 | The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data. | ||
| CVE-2024-7971 | 0.12 | — | 0.19 | KEV | Aug 21, 2024 | Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-7965 | 0.14 | — | 0.17 | KEV | Aug 21, 2024 | Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-7262 | 0.13 | — | 0.02 | KEV | Aug 15, 2024 | Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the… | ||
| CVE-2024-28986 | 0.19 | — | 0.85 | KEV | Aug 13, 2024 | SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported as an unauthenticated vulnerability, SolarWinds has been… | ||
| CVE-2024-7593 | Cri | 0.86 | 9.8 | 1.00 | KEV | Aug 13, 2024 | Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel. | |
| CVE-2024-38189 | 0.15 | — | 0.08 | KEV | Aug 13, 2024 | Microsoft Project Remote Code Execution Vulnerability | ||
| CVE-2024-38107 | 0.12 | — | 0.02 | KEV | Aug 13, 2024 | Windows Power Dependency Coordinator Elevation of Privilege Vulnerability | ||
| CVE-2024-38106 | 0.12 | — | 0.06 | KEV | Aug 13, 2024 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2024-38213 | 0.17 | — | 0.13 | KEV | Aug 13, 2024 | Windows Mark of the Web Security Feature Bypass Vulnerability | ||
| CVE-2024-38193 | 0.21 | — | 0.28 | KEV | Aug 13, 2024 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
- risk 0.17cvss —epss 0.29
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we…
- risk 0.12cvss —epss 0.01
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution…
- risk 0.16cvss —epss 0.15
Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server
- risk 0.23cvss —epss 0.14
Windows Task Scheduler Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.82
NTLM Hash Disclosure Spoofing Vulnerability
- risk 0.13cvss —epss 0.01
Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain
- risk 0.28cvss —epss 0.87
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST request) and using shell…
- risk 0.29cvss —epss 0.95
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware (which is only for a POST…
- risk 0.26cvss —epss 0.99
In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution.
- risk 0.13cvss —epss 0.16
A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service. This…
- risk 0.23cvss —epss 0.95
A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1…
- risk 0.26cvss —epss 0.98
A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized…
- risk 0.17cvss —epss 0.04
ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions…
- risk 0.20cvss —epss 1.00
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary…
- risk 0.20cvss —epss 0.98
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
- risk 0.20cvss —epss 0.33
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR <…
- risk 0.16cvss —epss 0.61
Microsoft Management Console Remote Code Execution Vulnerability
- risk 0.19cvss —epss 0.61
Microsoft Configuration Manager Remote Code Execution Vulnerability
- risk 0.13cvss —epss 0.44
Windows MSHTML Platform Spoofing Vulnerability
- risk 0.19cvss —epss 0.63
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.
- risk 0.18cvss —epss 0.44
SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.
- risk 0.12cvss —epss 0.01
Memory corruption while maintaining memory maps of HLOS memory.
- risk 0.20cvss —epss 1.00
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands.
- risk 0.20cvss —epss 0.99
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.
- risk 0.16cvss —epss 0.82
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrary command execution when ntp_client is started. When chained with CVE-2024-8956,…
- risk 0.19cvss —epss 0.61
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are sent without an HTTP Authorization header. The result is a remote and…
- risk 0.14cvss —epss 0.17
The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet.
- risk 0.18cvss —epss 0.54
The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code…
- risk 0.19cvss —epss 0.89
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.
- risk 0.13cvss —epss 0.52
Windows MSHTML Platform Spoofing Vulnerability
- risk 0.12cvss —epss 0.03
Microsoft Publisher Security Feature Bypass Vulnerability
- risk 0.13cvss —epss 0.10
Windows Mark of the Web Security Feature Bypass Vulnerability
- risk 0.13cvss —epss 0.06
Windows Installer Elevation of Privilege Vulnerability
- risk 0.24cvss —epss 0.88
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).
- risk 0.19cvss —epss 0.92
A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a static administrative credential. This vulnerability is due to an undocumented static user credential for an administrative…
- risk 0.20cvss —epss 1.00
Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.16. Users are recommended to upgrade to version 18.12.16, which fixes the issue.
- risk 0.29cvss —epss 0.95
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
- risk 0.18cvss —epss 0.16
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices,…
- risk 0.12cvss —epss 0.04
The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin. (Tenant level users do not have this privilege). The “Change…
- risk 0.23cvss —epss 0.93
The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.
- risk 0.12cvss —epss 0.19
Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.14cvss —epss 0.17
Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.13cvss —epss 0.02
Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the…
- risk 0.19cvss —epss 0.85
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported as an unauthenticated vulnerability, SolarWinds has been…
- risk 0.86cvss 9.8epss 1.00
Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.
- risk 0.15cvss —epss 0.08
Microsoft Project Remote Code Execution Vulnerability
- risk 0.12cvss —epss 0.02
Windows Power Dependency Coordinator Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.06
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.17cvss —epss 0.13
Windows Mark of the Web Security Feature Bypass Vulnerability
- risk 0.21cvss —epss 0.28
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability