Skip to main content
CVE-2022-42075 CRITICAL POC Act Now

Wedding Planner v1.0 is vulnerable to arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Wedding Planner
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-40872 CRITICAL POC Act Now

An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple E Learning System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-40835 CRITICAL POC Act Now

B.C. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Codeigniter
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-40834 CRITICAL POC Act Now

B.C. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Codeigniter
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-40833 CRITICAL POC Act Now

B.C. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Codeigniter
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-40832 CRITICAL POC Act Now

B.C. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Codeigniter
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-40831 CRITICAL POC Act Now

B.C. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Codeigniter
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-40830 CRITICAL POC Act Now

B.C. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Codeigniter
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-40829 CRITICAL POC Act Now

B.C. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Codeigniter
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-40828 CRITICAL POC Act Now

B.C. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Codeigniter
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-40827 CRITICAL POC Act Now

B.C. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Codeigniter
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-40826 CRITICAL POC Act Now

B.C. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Codeigniter
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-40825 CRITICAL POC Act Now

B.C. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Codeigniter
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-40824 CRITICAL POC Act Now

B.C. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Codeigniter
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-3414 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Web-Based Student Clearance System. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Web Based Student Clearance System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2022-31680 CRITICAL POC THREAT Act Now

The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Deserialization VMware Vcenter Server
NVD
CVSS 3.1
9.1
EPSS
33.1%
CVE-2022-3275 CRITICAL Act Now

Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Puppetlabs Mysql Fedora
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2022-37891 CRITICAL Act Now

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Buffer Overflow Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37890 CRITICAL Act Now

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Buffer Overflow Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37889 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow Arubaos Instant +1
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-37887 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow Arubaos Instant +1
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-37886 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow Arubaos Instant +1
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-37885 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow Arubaos Instant +1
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-39862 CRITICAL Act Now

Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of javascript interface api. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Dynamic Lockscreen
NVD
CVSS 3.1
9.8
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy