Skip to main content
CVE-2022-30054 CRITICAL POC Act Now

In Covid 19 Travel Pass Management 1.0, the code parameter is vulnerable to SQL injection attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Covid 19 Travel Pass Management
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-30053 CRITICAL POC Act Now

In Toll Tax Management System 1.0, the id parameter appears to be vulnerable to SQL injection attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Toll Tax Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-30052 CRITICAL POC Act Now

In Home Clean Service System 1.0, the password parameter is vulnerable to SQL injection attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Home Clean Service System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-24108 CRITICAL POC THREAT Act Now

The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows a remote attacker to inject a serialized PHP object via the setting parameter, potentially resulting in the ability to write to files on. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization RCE PHP So Listing Tabs
NVD
CVSS 3.1
9.8
EPSS
33.0%
CVE-2022-28181 CRITICAL PATCH Act Now

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity.

Memory Corruption RCE Microsoft Linux Buffer Overflow +5
NVD
CVSS 3.1
9.9
EPSS
1.1%
CVE-2022-28616 CRITICAL PATCH Act Now

A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SSRF Oneview
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-1360 CRITICAL Act Now

The affected On-Premise cnMaestro is vulnerable to execution of code on the cnMaestro hosting server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Cnmaestro
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2022-1357 CRITICAL Act Now

The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro server and execute arbitrary code in the privileges of the web server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Cnmaestro
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2022-28617 CRITICAL PATCH Act Now

A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oneview
NVD
CVSS 3.1
9.8
EPSS
2.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy