Skip to main content
CVE-2018-18963 CRITICAL POC Act Now

Busca.aspx.cs in Degrau Publicidade e Internet Plataforma de E-commerce allows SQL Injection via the busca/ URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Degraupublicidade
NVD
CVSS 3.0
9.8
EPSS
1.5%
CVE-2018-14667 CRITICAL KEV PATCH THREAT Act Now

The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Code Injection RCE Richfaces Enterprise Linux
NVD
CVSS 3.1
9.8
EPSS
74.2%
CVE-2018-9446 CRITICAL PATCH Act Now

In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds write due to memory corruption. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Google Memory Corruption RCE Buffer Overflow Android
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2018-9356 CRITICAL PATCH Act Now

In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google RCE Android
NVD
CVSS 3.0
9.8
EPSS
3.2%
CVE-2018-9355 CRITICAL Act Now

In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of bounds stack write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Memory Corruption RCE Buffer Overflow Android
NVD
CVSS 3.0
9.8
EPSS
3.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy