Skip to main content
CVE-2022-31499 CRITICAL POC THREAT Act Now

Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Emerge E3 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
64.6%
CVE-2022-36719 CRITICAL POC Act Now

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the ok parameter at /admin/history.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Library Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-36716 CRITICAL POC Act Now

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/changestock.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Library Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-36715 CRITICAL POC Act Now

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/search.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Library Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-36697 CRITICAL POC Act Now

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_waste. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-36696 CRITICAL POC Act Now

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_stockout. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-36695 CRITICAL POC Act Now

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_stockin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-36693 CRITICAL POC Act Now

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_item. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-36692 CRITICAL POC Act Now

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-37159 CRITICAL POC THREAT Act Now

Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Claroline
NVD GitHub
CVSS 3.1
9.8
EPSS
24.9%
CVE-2022-37158 CRITICAL POC Act Now

RuoYi v3.8.3 has a Weak password vulnerability in the management system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Brute Force Ruoyi Vue Pro
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-37816 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromSetIpMacBind. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37815 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the PPPOEPassword parameter in the function formQuickIndex. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37814 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the device_id parameters in the function addWifiMacFilter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37813 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromSetSysTime. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37812 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the firewallEn parameter in the function formSetFirewallCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37811 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the startIp parameter in the function formSetPPTPServer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37810 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.5%
CVE-2022-37809 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the speed_dir parameter in the function formSetSpeedWan. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37808 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the index parameter in the function formWifiWpsOOB. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37807 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function formSetClientState. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37806 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromDhcpListClient. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37805 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromWizardHandle. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37804 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37803 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromAddressNat. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37802 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromNatStaticSetting. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37801 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37800 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function fromSetRouteStatic. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37799 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37798 CRITICAL POC Act Now

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetVirtualSer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac1206 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37242 CRITICAL POC Act Now

MDaemon Technologies SecurityGateway for Email Servers 8.5.2, is vulnerable to HTTP Response splitting via the data parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Security Gateway For Email Servers
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-37240 CRITICAL POC Act Now

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Security Gateway For Email Servers
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-37100 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateMacClone. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37099 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateSnat. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37098 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateIpv6Params. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37097 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetAPInfoById. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37096 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function EnableIpv6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37095 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateWanParams. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37094 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37093 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function AddMacList. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37092 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37091 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function EditWlanMacList. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37090 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function Edit_BasicSSID. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37089 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function EditMacList. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37088 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetAP5GWifiById. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37087 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetMobileAPInfoById. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37086 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37085 CRITICAL POC Act Now

H3C H200 H200V100R004 was discovered to contain a stack overflow via the AddWlanMacList function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow H200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37073 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanModeMulti. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37072 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanLinkspyMulti. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy