Vulnerabilities
Vulnerable Software
Security Vulnerabilities - Known exploited
CVE-2024-1709
Known exploited
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.
CVSS Score
10.0
EPSS Score
1.0
Published
2024-02-21
CVE-2024-20953
Known exploited
Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Export). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks of this vulnerability can result in takeover of Oracle Agile PLM. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
CVSS Score
8.8
EPSS Score
0.034
Published
2024-02-17
CVE-2024-23113
Known exploited
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.
CVSS Score
9.8
EPSS Score
0.617
Published
2024-02-15
CVE-2024-21413
Known exploited
Microsoft Outlook Remote Code Execution Vulnerability
CVSS Score
9.8
EPSS Score
0.947
Published
2024-02-13
CVE-2024-21410
Known exploited
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVSS Score
9.8
EPSS Score
0.127
Published
2024-02-13
CVE-2024-21412
Known exploited
Internet Shortcut Files Security Feature Bypass Vulnerability
CVSS Score
8.1
EPSS Score
0.954
Published
2024-02-13
CVE-2024-21351
Known exploited
Windows SmartScreen Security Feature Bypass Vulnerability
CVSS Score
7.6
EPSS Score
0.303
Published
2024-02-13
CVE-2024-21338
Known exploited
Windows Kernel Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.519
Published
2024-02-13
CVE-2024-21762
Known exploited
A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests
CVSS Score
9.8
EPSS Score
0.808
Published
2024-02-09
CVE-2024-21893
Known exploited
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
CVSS Score
8.2
EPSS Score
1.0
Published
2024-01-31


Contact Us

Shodan ® - All rights reserved