Skip to main content
CVE-2022-27342 CRITICAL POC Act Now

Link-Admin v0.0.1 was discovered to contain a SQL injection vulnerability via DictRest.ResponseResult(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Link Admin
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-27341 CRITICAL POC Act Now

JFinalCMS v2.0 was discovered to contain a SQL injection vulnerability via the Article Management function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Jfinalcms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-1440 CRITICAL POC PATCH Act Now

Command Injection vulnerability in git-interface@2.1.1 in GitHub repository yarkeev/git-interface prior to 2.1.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Git Interface
NVD GitHub
CVSS 3.1
9.8
EPSS
3.9%
CVE-2022-27404 CRITICAL POC Act Now

FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Freetype Fedora
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2022-26674 CRITICAL Act Now

ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker to write to arbitrary memory address and perform remote arbitrary code execution, arbitrary system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Rt Ax88U Firmware
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2022-26672 CRITICAL Act Now

ASUS WebStorage has a hardcoded API Token in the APP source code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Webstorage
NVD
CVSS 3.1
9.8
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy