Skip to main content
CVE-2022-26318 CRITICAL POC KEV THREAT Emergency

On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Watchguard RCE Fireware
NVD
CVSS 3.1
9.8
EPSS
78.3%
CVE-2022-0839 CRITICAL POC PATCH Act Now

Improper Restriction of XML External Entity Reference in GitHub repository liquibase/liquibase prior to 4.8.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XXE Liquibase Sqlcl
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
CVE-2022-26201 CRITICAL POC Act Now

Victor CMS v1.0 was discovered to contain a SQL injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Victor Cms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-0848 CRITICAL POC PATCH THREAT Act Now

OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Part Db
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
35.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy