Skip to main content
CVE-2018-9995 CRITICAL POC THREAT Act Now

TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Tbk Dvr4216 Firmware Tbk Dvr4104 Firmware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
83.2%
CVE-2018-9924 CRITICAL POC Act Now

An issue was discovered in idreamsoft iCMS through 7.0.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Icms
NVD GitHub
CVSS 3.0
9.8
EPSS
1.5%
CVE-2018-2404 CRITICAL Act Now

SAP Disclosure Management 10.1 allows an attacker to upload any file without proper file format validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload SAP Disclosure Management
NVD
CVSS 3.0
9.8
EPSS
2.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy