Critical exposure
CVE-2024-46103 SEMCMS 4.8 is vulnerable to SQL Injection via SEMCMS_Main.php.
- CVSS 9.8
New critical Sem-cms Semcms SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Sem-cms Semcms SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Seacms RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Medialibs Webo-facto Privilege Escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Arc before 2024-08-26 allows remote code execution in JavaScript boosts.
GDidees CMS <= v3.9.1 has a file upload vulnerability.
SEMCMS 4.8 is vulnerable to SQL Injection via SEMCMS_Main.php.
SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp.
Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function.
Navidrome is an open source web-based music collection server and streamer.
The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient rest...
Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process.