Skip to main content
CVE-2018-3779 CRITICAL POC Act Now

active-support ruby gem 5.2.0 could allow a remote attacker to execute arbitrary code on the system, caused by containing a malicious backdoor. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Activesupport
NVD
CVSS 3.0
9.8
EPSS
6.1%
CVE-2018-3110 CRITICAL PATCH Act Now

A vulnerability was discovered in the Java VM component of Oracle Database Server. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Information Disclosure Database Server
NVD
CVSS 3.0
9.9
EPSS
2.5%
CVE-2018-10630 CRITICAL PATCH Act Now

For Crestron TSW-X60 version prior to 2.001.0037.001 and MC3 version prior to 1.502.0047.001, The devices are shipped with authentication disabled, and there is no indication to users that they need. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Tsw X60 Firmware Mc3 Firmware
NVD
CVSS 3.0
9.8
EPSS
10.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy