CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2024-20082 In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed f... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-27730 Insecure Permissions vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information and execute arbitrary code via the cid parameter of the calendar event feature. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-20083 In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-22204 Improper control of generation of code in the sourcerer extension for Joomla in versions before 11.0.0 lead to a remote code execution vulnerability. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-24649 The WP User Frontend WordPress plugin before 3.5.29 uses a user supplied argument called urhidden in its registration form, which contains the role for the account to be created with, encrypted via wp... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-3600 The Easy Digital Downloads WordPress plugin before 3.1.0.2 does not validate data when its output in a CSV file, which could lead to CSV injection. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-3634 The Contact Form 7 Database Addon WordPress plugin before 1.2.6.5 does not validate data when output it back in a CSV file, which could lead to CSV injection | 9.8 | CRITICAL | β | 0 |
| CVE-2024-57590 TRENDnet TEW-632BRP v1.010B31 devices have an OS command injection vulnerability in the CGl interface "ntp_sync.cgi",which allows remote attackers to execute arbitrary commands via parameter "ntp_serv... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-50698 SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to heap-based buffer overflow due to bounds checks of the MQTT message content. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-44180 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function addWifiMacFilter. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-40392 SourceCodester Pharmacy/Medical Store Point of Sale System Using PHP/MySQL and Bootstrap Framework with Source Code 1.0 was discovered to contain a SQL injection vulnerability via the name parameter u... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-36526 ZKTeco ZKBio CVSecurity v6.1.1 was discovered to contain a hardcoded cryptographic key. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-55210 An issue in TOTVS Framework (Linha Protheus) 12.1.2310 allows attackers to bypass multi-factor authentication (MFA) via a crafted websocket message. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-20080 In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no additional execution privileges needed. U... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-20078 In venc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exp... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-39243 An issue discovered in skycaiji 2.8 allows attackers to run arbitrary code via crafted POST request to /index.php?s=/admin/develop/editor_save. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-37759 DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing interface. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-28137 The TOTOLINK A810R V4.1.2cu.5182_B20201026 were found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-38902 H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-42571 School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at insertattendance.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-38396 An issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered use of an escape sequence to report a window title, in combination with the built-in tmux integration feature (enabled by default), all... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-28399 An issue in Erick xmall v.1.1 and before allows a remote attacker to escalate privileges via the updateAddress method of the Address Controller class. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-38395 In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is not trivially exploitable." | 9.8 | CRITICAL | β | 0 |
| CVE-2025-30727 Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: iSurvey Module). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-33375 LB-LINK BL-W1210M v2.0 was discovered to store user credentials in plaintext within the router's firmware. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-31777 File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary code via a crafted file to the certbadge.php endpoint. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-50695 SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-50694 In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when copying the timestamp read from an MQTT message, the underlying code does not check the bounds of the buffer that is used to store the mes... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-26014 A Remote Code Execution (RCE) vulnerability in Loggrove v.1.0 allows a remote attacker to execute arbitrary code via the path parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-29040 An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c | 9.8 | CRITICAL | β | 0 |
| CVE-2025-29041 An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c | 9.8 | CRITICAL | β | 0 |
| CVE-2025-29046 Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the GAPSMinute3 key value | 9.8 | CRITICAL | β | 0 |
| CVE-2025-29047 Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the hiddenIndex in the function StorageEditUser | 9.8 | CRITICAL | β | 0 |
| CVE-2025-29042 An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c | 9.8 | CRITICAL | β | 0 |
| CVE-2025-29043 An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234 | 9.8 | CRITICAL | β | 0 |
| CVE-2023-27113 pearProjectApi v2.8.10 was discovered to contain a SQL injection vulnerability via the organizationCode parameter at project.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-28441 File Upload vulnerability in magicflue v.7.0 and before allows a remote attacker to execute arbitrary code via a crafted request to the messageid parameter of the mail/mailupdate.jsp endpoint. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-29209 TOTOLINK X18 v9.1.0cu.2024_B20220329 has an unauthorized arbitrary command execution in the enable parameter' of the sub_41105C function of cstecgi .cgi. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-29243 Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpn_client_ip parameter at /apply.cgi. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-44171 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function form_fast_setting_wifi_set. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-27438 Download of Code Without Integrity Check vulnerability in Apache Doris. The jdbc driver files used for JDBC catalog is not checked and mayΒ resulting in remote command execution. Once the attacker is a... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-29864 Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into exported executables. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-29858 In MISP before 2.4.187, __uploadLogo in app/Controller/OrganisationsController.php does not properly check for a valid logo upload. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-44172 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function R7WebsSecurityHandler. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-44174 Tenda AC18 V15.03.05.05 is vulnerable to Buffer Overflow via function formSetDeviceName. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-44175 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-44176 Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function fromSetRouteStatic. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-28391 SQL injection vulnerability in FME Modules quickproducttable module for PrestaShop v.1.2.1 and before, allows a remote attacker to escalate privileges and obtain information via the readCsv(), display... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-25830 F-logic DataCube3 v1.0 is vulnerable to Incorrect Access Control due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this, by sending a URI that contains t... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-27447 pretix before 2024.1.1 mishandles file validation. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.