Skip to main content
CVE-2022-24136 CRITICAL POC Act Now

Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type vulerability in treatmentrecord.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Hospital Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2022-26546 CRITICAL POC Act Now

Hospital Management System v1.0 was discovered to lack an authorization component, allowing attackers to access sensitive information and obtain the admin password. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Hospital Management System
NVD GitHub
CVSS 3.1
9.1
EPSS
1.4%
CVE-2022-24796 CRITICAL PATCH Act Now

RaspberryMatic is a free and open-source operating system for running a cloud-free smart-home using the homematicIP / HomeMatic hardware line of IoT devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE Command Injection File Upload Raspberrymatic
NVD GitHub
CVSS 3.1
9.8
EPSS
3.5%
CVE-2022-24791 CRITICAL PATCH Act Now

Wasmtime is a standalone JIT-style runtime for WebAssembly, using Cranelift. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Wasmtime
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-24797 CRITICAL PATCH Act Now

Pomerium is an identity-aware access proxy. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Denial Of Service Information Disclosure Pomerium
NVD GitHub
CVSS 3.1
9.1
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy