Skip to main content
CVE-2015-9098 CRITICAL POC THREAT Emergency

In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attacker can gain unauthenticated access to the Base Monitor, resulting in the ability to execute arbitrary SQL commands on any. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 40.0%.

RCE Microsoft SQLi Sql Monitor
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
40.0%
Threat
4.7
CVE-2017-9807 CRITICAL POC THREAT Emergency

An issue was discovered in the OpenWebif plugin through 1.2.4 for E2 open devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.0%.

RCE Python Code Injection Openwebif
NVD GitHub
CVSS 3.0
9.8
EPSS
14.0%
CVE-2017-2780 CRITICAL POC Act Now

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption RCE Matrixssl
NVD
CVSS 3.1
9.8
EPSS
4.1%
CVE-2017-2781 CRITICAL POC Act Now

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption RCE Matrixssl
NVD
CVSS 3.1
9.8
EPSS
3.4%
CVE-2012-6706 CRITICAL POC Act Now

A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Sophos Buffer Overflow Threat Detection Engine +1
NVD
CVSS 3.0
9.8
EPSS
2.4%
CVE-2017-9424 CRITICAL Act Now

IdeaBlade Breeze Breeze.Server.NET before 1.6.5 allows remote attackers to execute arbitrary code, related to use of TypeNameHandling in JSON deserialization. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE Breeze Server Net
NVD
CVSS 3.0
9.8
EPSS
4.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy