Skip to main content
CVE-2014-7205 CRITICAL POC PATCH THREAT Act Now

Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for the hapi server framework for Node.js allows remote attackers to execute. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 84.2%.

RCE Node.js Code Injection Bassmaster
NVD GitHub Exploit-DB
CVSS 2.0
10.0
EPSS
84.2%
Threat
6.0
CVE-2014-5308 CRITICAL POC THREAT Emergency

Multiple SQL injection vulnerabilities in TestLink 1.9.11 allow remote authenticated users to execute arbitrary SQL commands via the (1) name parameter in a Search action to. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 17.0%.

PHP SQLi Testlink
NVD Exploit-DB
CVSS 2.0
9.0
EPSS
17.0%
CVE-2014-3188 CRITICAL Act Now

Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Google Code Injection Chrome Os Chrome +4
NVD
CVSS 2.0
10.0
EPSS
3.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy