Skip to main content
CVE-2022-30927 CRITICAL POC Act Now

A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Simple Task Scheduling System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2022-32511 CRITICAL PATCH GHSA Act Now

jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Jmespath Fedora
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
2.1%
CVE-2022-31481 CRITICAL Act Now

An unauthenticated attacker can send a specially crafted update file to the device that can overflow a buffer. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Lp1501 Firmware Lp1502 Firmware Lp2500 Firmware +11
NVD
CVSS 3.1
10.0
EPSS
1.5%
CVE-2022-31768 CRITICAL PATCH Act Now

IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM SQLi Infosphere Information Server
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-31479 CRITICAL Act Now

An unauthenticated attacker can update the hostname with a specially crafted name that will allow for shell commands to be executed during the core collection process. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Lp1501 Firmware Lp1502 Firmware Lp2500 Firmware Lp4502 Firmware +10
NVD
CVSS 3.1
9.8
EPSS
2.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy