Critical exposure
CVE-2024-11704 Mozilla Firefox Memory Corruption
- CVSS 9.8
New critical Mozilla Firefox Memory Corruption (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Mozilla Firefox Memory Corruption (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Hpe Insight Remote Support RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Insufficiently Protected Credentials vulnerability in OpenText™ AccuRev allows Authentication Bypass.
Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an unauthenticated, remote attacker to execute arbitra...
The executable file warning was not presented when downloading .library-ms files.
A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal d...
A double-free issue could have occurred in `sec_pkcs7_decoder_start_decrypt()` when handling an error path.
`NSC_DeriveKey` inadvertently assumed that the `phKey` parameter is always non-NULL.
Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot Studio by an unauthorized attacker leads...
A CWE-306 "Missing Authentication for Critical Function" was discovered affecting the following devices manufactured by Advantech: EKI-63...
qiwen-file v1.4.0 was discovered to contain a SQL injection vulnerability via the component /mapper/NoticeMapper.xml.
A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may allow remote code execution.