Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2024-2692 | SiYuan version 3.0.3 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to Server Side XSS. | 9.0 | 0.73% | 2024-04-03 | 2026-06-17 |
| CVE-2024-23441 | Vba32 Antivirus v3.36.0 is vulnerable to a Denial of Service vulnerability by triggering the 0x2220A7 IOCTL code of the Vba32m64.sys driver. | 5.5 | 0.24% | 2024-01-29 | 2026-06-17 |
| CVE-2024-23440 | Vba32 Antivirus v3.36.0 is vulnerable to an Arbitrary Memory Read vulnerability. The 0x22200B IOCTL code of the Vba32m64.sys driver allows to read up to 0x802 of memory from ar arbitrary user-supplied pointer. | 7.1 | 0.21% | 2024-02-13 | 2026-06-17 |
| CVE-2024-23439 | Vba32 Antivirus v3.36.0 is vulnerable to an Arbitrary Memory Read vulnerability by triggering the 0x22201B, 0x22201F, 0x222023, 0x222027 ,0x22202B, 0x22202F, 0x22203F, 0x222057 and 0x22205B IOCTL codes of the Vba32m64.sys driver. | 7.1 | 0.21% | 2024-02-13 | 2026-06-17 |
| CVE-2024-2204 | Zemana AntiLogger v2.74.204.664 is vulnerable to a Denial of Service (DoS) vulnerability by triggering the 0x80002004 and 0x80002010 IOCTL codes of the zam64.sys and zamguard64.sys drivers. | 5.5 | 0.24% | 2024-03-15 | 2026-06-17 |
| CVE-2024-2180 | Zemana AntiLogger v2.74.204.664 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x80002020 IOCTL code of the zam64.sys and zamguard64.sys drivers | 5.5 | 0.28% | 2024-03-15 | 2026-06-17 |
| CVE-2024-2045 | Session version 1.17.5 allows obtaining internal application files and public files from the user's device without the user's consent. This is possible because the application is vulnerable to Local File Read via chat attachments. | 5.5 | 0.33% | 2024-02-29 | 2026-06-17 |
| CVE-2024-1853 | Zemana AntiLogger v2.74.204.664 is vulnerable to an Arbitrary Process Termination vulnerability by triggering the 0x80002048 IOCTL code of the zam64.sys and zamguard64.sys drivers. | 5.5 | 0.20% | 2024-03-14 | 2026-06-17 |
| CVE-2024-1651 | Torrentpier version 2.4.1 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to insecure deserialization. | 10.0 | 34.00% | 2024-02-19 | 2026-06-17 |
| CVE-2024-1648 | electron-pdf version 20.0.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the HTML content entered by the user. | 7.5 | 0.69% | 2024-02-19 | 2026-06-17 |
| CVE-2024-1647 | Pyhtml2pdf version 0.0.6 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the HTML content entered by the user. | 7.5 | 0.69% | 2024-02-19 | 2026-06-17 |
| CVE-2024-1644 | Suite CRM version 7.14.2 allows including local php files. This is possible because the application is vulnerable to LFI. | 9.9 | 0.86% | 2024-02-19 | 2026-06-17 |
| CVE-2024-1460 | MSI Afterburner v4.6.5.16370 is vulnerable to a Kernel Memory Leak vulnerability by triggering the 0x80002040 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process. | 5.6 | 0.24% | 2024-03-06 | 2026-06-17 |
| CVE-2024-1443 | MSI Afterburner v4.6.5.16370 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002000 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process. | 4.4 | 0.23% | 2024-03-06 | 2026-06-17 |
| CVE-2024-1297 | Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to OS Command Injection. | 7.2 | 2.76% | 2024-02-19 | 2026-06-17 |
| CVE-2024-1241 | Watchdog Antivirus v1.6.415 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002014 IOCTL code of the wsdk-driver.sys driver. | 5.5 | 0.17% | 2024-04-23 | 2026-06-17 |
| CVE-2024-1216 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.04% | 2024-02-13 | 2024-03-20 |
| CVE-2024-1140 | Twister Antivirus v8.17 is vulnerable to an Out-of-bounds Read vulnerability by triggering the 0x801120B8 IOCTL code of the filmfd.sys driver. | 6.1 | 0.16% | 2024-02-13 | 2026-06-17 |
| CVE-2024-1096 | Twister Antivirus v8.17 is vulnerable to a Denial of Service vulnerability by triggering the 0x80112067, 0x801120CB 0x801120CC 0x80112044, 0x8011204B, 0x8011204F, 0x80112057, 0x8011205B, 0x8011205F, 0x80112063, 0x8011206F, 0x80112073, 0x80112077, 0x80112078, 0x8011207C and 0x80112080 IOCTL codes of the fildds.sys driver. | 5.5 | 0.20% | 2024-02-13 | 2026-06-17 |
| CVE-2024-0849 | Leanote version 2.7.0 allows obtaining arbitrary local files. This is possible because the application is vulnerable to LFR. | 5.0 | 0.23% | 2024-02-06 | 2026-06-17 |