Skip to main content
CVE-2022-30882 CRITICAL POC Act Now

pyanxdns package in PyPI version 0.2 is vulnerable to code execution backdoor. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Pyanxdns
NVD GitHub
CVSS 3.1
9.8
EPSS
2.2%
CVE-2022-30877 CRITICAL POC Act Now

The keep for python, as distributed on PyPI, included a code-execution backdoor inserted by a third party. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Python Information Disclosure Keep
NVD GitHub
CVSS 3.1
9.8
EPSS
2.3%
CVE-2022-30926 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the EditMacList parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30925 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AddMacList parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30924 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the SetAPWifiorLedInfoById parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30923 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_SetTimingtimeWifiAndLed parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30922 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the EditWlanMacList parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30921 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the SetMobileAPInfoById parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30920 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_BasicSSID parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30919 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_BasicSSID_5G parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30918 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_SetTelnet parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30917 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AddWlanMacList parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30916 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_SetTelnetDebug parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30915 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateSnat parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30914 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateMacClone parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30913 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the ipqos_set_bandwidth parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30912 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateWanParams parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30910 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-30909 CRITICAL POC Act Now

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD parameter at /goform/aspForm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magic R100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-1692 CRITICAL POC THREAT Act Now

The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the ordering_by query parameter before using it in a SQL statement in pages where the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi WordPress Cp Image Store With Slideshow
NVD WPScan
CVSS 3.1
9.8
EPSS
10.4%
CVE-2022-0788 CRITICAL POC Act Now

The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi WordPress Fundengine
NVD WPScan
CVSS 3.1
9.8
EPSS
7.9%
CVE-2022-21122 CRITICAL POC PATCH Act Now

The package metacalc before 0.0.2 are vulnerable to Arbitrary Code Execution when it exposes JavaScript's Math class to the v8 context. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Code Injection Metacalc
NVD GitHub
CVSS 3.1
9.8
EPSS
2.4%
CVE-2022-24065 CRITICAL POC PATCH Act Now

The package cookiecutter before 2.1.1 are vulnerable to Command Injection via hg argument injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Python Cookiecutter Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
4.2%
CVE-2022-1996 CRITICAL POC PATCH Act Now

Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Go Restful Fedora
NVD GitHub
CVSS 3.1
9.1
EPSS
2.7%
CVE-2022-31313 CRITICAL Act Now

api-res-py package in PyPI 0.1 is vulnerable to a code execution backdoor in the request package. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Api Res Py
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy