Skip to main content
CVE-2022-29778 HIGH POC This Week

D-Link DIR-890L 1.20b01 allows attackers to execute arbitrary code due to the hardcoded option Wake-On-Lan for the parameter 'descriptor' at SetVirtualServerSettings.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass RCE D-Link Dir 890L Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
2.5%
CVE-2022-1987 HIGH POC PATCH This Week

Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Libmobi
NVD GitHub
CVSS 3.1
8.1
EPSS
0.8%
CVE-2022-26493 HIGH This Week

Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Saml Sp 2 0 Single Sign On
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-32268 HIGH This Week

StarWind SAN and NAS v0.2 build 1914 allow remote code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Starwind San Nas
NVD
CVSS 3.1
8.8
EPSS
2.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy