Skip to main content
CVE-2022-23901 CRITICAL POC Act Now

A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/dead_rules.cc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Re2C
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2022-25420 CRITICAL POC Act Now

NTT Resonant Incorporated goo blog App Web Application 1.0 is vulnerable to CLRF injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Goo Blog
NVD GitHub
CVSS 3.1
9.8
EPSS
2.4%
CVE-2022-25521 CRITICAL Act Now

NUUO v03.11.00 was discovered to contain access control issue. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Network Video Recorder Firmware
NVD VulDB
CVSS 3.1
9.8
EPSS
1.7%
CVE-2022-26871 CRITICAL KEV PATCH THREAT Act Now

An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE File Upload Trend Micro Apex Central Apex One
NVD
CVSS 3.1
9.8
EPSS
19.6%
CVE-2022-27175 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in GetCalcTagList. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-26887 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_loopmapHandler.ashx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
9.5%
CVE-2022-26836 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerExport.ashx/Calendar. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-26667 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in GetDemandAnalysisData. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-26666 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerECC.ashx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-26514 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in DIAE_tagHandler.ashx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-26349 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in DIAE_eccoefficientHandler.ashx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-26338 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerPageP_KID.ashx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-26069 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerPage_KID.ashx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-26065 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in GetLatestDemandNode. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-26059 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in GetQueryData. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-26013 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in DIAE_dmdsetHandler.ashx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
8.9%
CVE-2022-25980 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerCommon.ashx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-25880 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerTag_KID.ashx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-0923 CRITICAL Act Now

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerDialog_KID.ashx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-1084 CRITICAL Act Now

A vulnerability classified as critical was found in SourceCodester One Church Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Authentication Bypass One Church Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-1083 CRITICAL Act Now

A vulnerability classified as critical has been found in Microfinance Management System. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Microfinance Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-1082 CRITICAL Act Now

A vulnerability was found in SourceCodester Microfinance Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Microfinance Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-1080 CRITICAL Act Now

A vulnerability was found in SourceCodester One Church Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi One Church Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-1078 CRITICAL Act Now

A vulnerability was found in SourceCodester College Website Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi College Website Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-1073 CRITICAL Act Now

A vulnerability was found in Automatic Question Paper Generator 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Automatic Question Paper Generator System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy