Skip to main content
CVE-2022-42233 CRITICAL POC THREAT Act Now

Tenda 11N with firmware version V5.07.33_cn suffers from an Authentication Bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Tenda 11N Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
42.7%
CVE-2022-42021 CRITICAL POC Act Now

Best Student Result Management System v1.0 is vulnerable to SQL Injection via /upresult/upresult/notice-details.php?nid=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Best Student Result Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-37598 CRITICAL POC Act Now

Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Prototype Pollution Uglifyjs
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-3620 CRITICAL PATCH Act Now

A vulnerability was found in Exim and classified as problematic.c of the component DMARC Handler. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Exim Fedora
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-37298 CRITICAL PATCH Act Now

Shinken Solutions Shinken Monitoring Version 2.4.3 affected is vulnerable to Incorrect Access Control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Shinken Monitoring
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2022-27625 CRITICAL Act Now

A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the message processing functionality of Out-of-Band (OOB) Management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Synology Buffer Overflow Diskstation Manager
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-27624 CRITICAL Act Now

A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the packet decryption functionality of Out-of-Band (OOB) Management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Synology Buffer Overflow Diskstation Manager
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-3327 CRITICAL PATCH Act Now

Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Rdiffweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy