Skip to main content
CVE-2018-17207 CRITICAL POC THREAT Emergency

An issue was discovered in Snap Creek Duplicator before 1.2.42. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE PHP Duplicator
NVD
CVSS 3.1
9.8
EPSS
58.8%
CVE-2018-17228 CRITICAL POC Act Now

nmap4j 1.1.0 allows attackers to execute arbitrary commands via shell metacharacters in an includeHosts call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Nmap4J
NVD GitHub
CVSS 3.0
9.8
EPSS
1.6%
CVE-2018-1149 CRITICAL POC THREAT Act Now

cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Nvrmini2 Firmware
NVD GitHub
CVSS 3.0
9.8
EPSS
15.2%
CVE-2018-12242 CRITICAL Act Now

The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an authentication bypass exploit, which is a type of issue that can allow attackers to potentially circumvent security. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Messaging Gateway
NVD
CVSS 3.0
9.8
EPSS
3.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy