FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in sys_ring_buf_put(), sys_ring_buf_get() that can result in CPU Page Fault (error code 0x00000010). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
GIG Technology NV JumpScale Portal 7 version before commit 15443122ed2b1cbfd7bdefc048bf106f075becdb contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability has been discovered in login.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1RX before 8.1R12 and 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.2RX before 5.2R9 and 5.4RX. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.