CVE Trends

Beta

Updated 33 minutes ago

At a glance

Hypemeter

Current score

Not much chatter

Top 10 CVEs trending on social media within the last 24 hours.

Trending

Hype score

Published

Description

Last 24 hours

show more detail
1
CVE-2024-49415
high 8.1
17
Dec 3, 2024
Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code.
show more detail
2
CVE-2025-0282
critical 9.0
Exploit known
13
Jan 8, 2025
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.
show more detail
3
CVE-2024-50603
critical 10.0
3
Jan 8, 2025
An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to the improper neutralization of special elements used in an OS command, an unauthenticated attacker is able to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloud_type for list_flightpath_destination_instances, or src_cloud_type for flightpath_connection_test.
show more detail
4
CVE-2024-12847
critical 9.8
2
Jan 10, 2025
NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been exploited in the wild since at least 2017.
show more detail
5
CVE-2025-0283
high 7.0
2
Jan 8, 2025
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges.
show more detail
6
CVE-2024-49113
high 7.5
1
Dec 12, 2024
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
show more detail
7
CVE-2024-54007
high 7.2
1
Jan 7, 2025
Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of an attacker to execute arbitrary commands as a privileged user on the underlying operating system. Exploitation requires administrative authentication credentials on the host system.
show more detail
8
CVE-2024-54006
high 7.2
1
Jan 7, 2025
Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of an attacker to execute arbitrary commands as a privileged user on the underlying operating system. Exploitation requires administrative authentication credentials on the host system.
show more detail
9
CVE-2024-54527
medium 5.5
1
Dec 12, 2024
This issue was addressed with improved checks. This issue is fixed in watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access sensitive user data.
show more detail
10
CVE-2024-52875
1
Not available in NVD

show more detail
1
·
CVE-2024-49415
Hype score
17
·
high 8.1
show more detail
2
·
CVE-2025-0282
Hype score
13
·
critical 9.0
Exploit known
show more detail
3
·
CVE-2024-50603
Hype score
3
·
critical 10.0
show more detail
4
·
CVE-2024-12847
Hype score
2
·
critical 9.8
show more detail
5
·
CVE-2025-0283
Hype score
2
·
high 7.0
show more detail
6
·
CVE-2024-49113
Hype score
1
·
high 7.5
show more detail
7
·
CVE-2024-54007
Hype score
1
·
high 7.2
show more detail
8
·
CVE-2024-54006
Hype score
1
·
high 7.2
show more detail
9
·
CVE-2024-54527
Hype score
1
·
medium 5.5
show more detail
10
·
CVE-2024-52875
Hype score
1