Skip to main content
CVE-2022-44938 CRITICAL POC Act Now

Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attackers to execute a full account takeover via a brute force attack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Seeddms
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-45506 CRITICAL POC Act Now

Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection W30e Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.5%
CVE-2022-45497 CRITICAL POC Act Now

Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the tpi_get_ping_output function at /goform/exeCommand. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection W6 S Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.5%
CVE-2022-4354 CRITICAL POC Act Now

A vulnerability was found in LinZhaoguan pb-cms 2.0 and classified as problematic. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Pb Cms
NVD VulDB
CVSS 3.1
9.6
EPSS
0.5%
CVE-2022-4291 CRITICAL Act Now

The aswjsflt.dll library from Avast Antivirus windows contained a potentially exploitable heap corruption vulnerability that could enable an attacker to bypass the sandbox of the application it was. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Script Shield
NVD
CVSS 3.1
10.0
EPSS
0.4%
CVE-2022-33186 CRITICAL Act Now

A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier versions could allow a remote unauthenticated attacker to execute on a Brocade Fabric OS switch commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Fabric Operating System
NVD
CVSS 3.1
9.8
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy