Skip to main content
CVE-2022-35161 CRITICAL POC Act Now

GVRET Stable Release as of Aug 15, 2015 was discovered to contain a buffer overflow via the handleConfigCmd function at SerialConsole.cpp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Generalized Electric Vehicle Reverse Engineering Tool
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-35620 CRITICAL POC THREAT Act Now

D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function binary.soapcgi_main. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link RCE Dir 818L Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
31.3%
CVE-2022-35619 CRITICAL POC Act Now

D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function ssdpcgi_main. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link RCE Dir 818L Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2022-34974 CRITICAL POC THREAT Act Now

D-Link DIR810LA1_FW102B22 was discovered to contain a command injection vulnerability via the Ping_addr function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 810L Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
23.0%
CVE-2022-35866 CRITICAL Act Now

This vulnerability allows remote attackers to bypass authentication on affected installations of Vinchin Backup and Recovery 6.5.0.17561. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Vinchin Backup And Recovery
NVD
CVSS 3.1
9.8
EPSS
3.2%
CVE-2022-35865 CRITICAL PATCH Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It!. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

RCE Authentication Bypass Track It
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-2272 CRITICAL Act Now

This vulnerability allows remote attackers to bypass authentication on affected installations of Sante PACS Server 3.0.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Sante Pacs Server
NVD
CVSS 3.1
9.8
EPSS
2.4%
CVE-2022-32292 CRITICAL PATCH Act Now

In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Connman Debian Linux
NVD
CVSS 3.1
9.8
EPSS
2.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy