Skip to main content
CVE-2022-28711 CRITICAL POC Act Now

A memory corruption vulnerability exists in the cgi.c unescape functionality of ArduPilot APWeb master branch 50b6b7ac - master branch 46177cb9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Apweb
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2022-27007 CRITICAL POC PATCH Act Now

nginx njs 0.7.2 is affected suffers from Use-after-free in njs_function_frame_alloc() when it try to invoke from a restored frame saved with njs_function_frame_save(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Use After Free Nginx Information Disclosure Njs
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2022-26507 CRITICAL Act Now

A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Xmill Ecostruxure Control Expert +2
NVD
CVSS 3.1
9.8
EPSS
2.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy