CVE-2024-54367 |
Description: Deserialization of Untrusted Data vulnerability in ForumWP ForumWP allows Object Injection. This issue affects ForumWP: from n/a through 2.1.0.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
December 17th, 2024 (6 months ago)
|
CVE-2024-54363 |
Description: Incorrect Privilege Assignment vulnerability in nssTheme Wp NssUser Register allows Privilege Escalation. This issue affects Wp NssUser Register: from n/a through 1.0.0.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
December 17th, 2024 (6 months ago)
|
CVE-2024-54361 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in outstrip Instant Appointment allows SQL Injection. This issue affects Instant Appointment: from n/a through 1.2.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
December 17th, 2024 (6 months ago)
|
CVE-2024-54285 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in SeedProd LLC SeedProd Pro allows Upload a Web Shell to a Web Server. This issue affects SeedProd Pro: from n/a through 6.18.10.
CVSS: CRITICAL (9.1) EPSS Score: 0.04%
December 17th, 2024 (6 months ago)
|
CVE-2024-54280 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design WPBookit allows SQL Injection. This issue affects WPBookit: from n/a through 1.6.0.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
December 17th, 2024 (6 months ago)
|
CVE-2024-54229 |
Description: Incorrect Privilege Assignment vulnerability in Straightvisions GmbH SV100 Companion allows Privilege Escalation. This issue affects SV100 Companion: from n/a through 2.0.02.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
December 17th, 2024 (6 months ago)
|
CVE-2024-49775 |
Description: A vulnerability has been identified in Opcenter Execution Foundation (All versions), Opcenter Intelligence (All versions), Opcenter Quality (All versions), Opcenter RDL (All versions), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions if operated in conjunction with UMC < V2.15), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component.
This could allow an unauthenticated remote attacker to execute arbitrary code.
CVSS: CRITICAL (9.8) EPSS Score: 0.09%
December 17th, 2024 (6 months ago)
|
CVE-2024-37310 |
Description: EVerest is an EV charging software stack. An integer overflow in the "v2g_incoming_v2gtp" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process' heap. This vulnerability is fixed in 2024.3.1 and 2024.6.0.
CVSS: CRITICAL (9.1) EPSS Score: 0.05%
December 17th, 2024 (6 months ago)
|
CVE-2024-12641 |
Description: TenderDocTransfer from Chunghwa Telecom has a Reflected Cross-site scripting vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection for the APIs, unauthenticated remote attackers could use specific APIs through phishing to execute arbitrary JavaScript code in the user’s browser. Since the web server set up by the application supports Node.js features, attackers can further leverage this to run OS commands.
CVSS: CRITICAL (9.6) EPSS Score: 0.09%
December 17th, 2024 (6 months ago)
|
CVE-2024-10127 |
Description: Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowed user authentication without a password when the LDAP server itself had the vulnerable configuration.
CVSS: CRITICAL (9.2) EPSS Score: 0.04%
December 17th, 2024 (6 months ago)
|