Skip to main content
CVE-2022-40089 CRITICAL POC Act Now

A remote file inclusion (RFI) vulnerability in Simple College Website v1.0 allows attackers to execute arbitrary code via a crafted PHP file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP LFI Simple College Website
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2022-40087 CRITICAL POC Act Now

Simple College Website v1.0 was discovered to contain an arbitrary file write vulnerability via the function file_put_contents(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload Simple College Website
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2022-36934 CRITICAL POC Act Now

An integer overflow in WhatsApp could result in remote code execution in an established video call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Heap Overflow Buffer Overflow Whatsapp Whatsapp Business
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2022-3268 CRITICAL POC PATCH Act Now

Weak Password Requirements in GitHub repository ikus060/minarca prior to 4.2.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Brute Force Minarca
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-31937 CRITICAL Act Now

Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Netgear Buffer Overflow Wnr2000V4 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-40186 CRITICAL PATCH Act Now

An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Hashicorp Vault
NVD
CVSS 3.1
9.1
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy