Skip to main content
CVE-2022-44588 CRITICAL POC THREAT Emergency

Unauth. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 34.0%.

WordPress SQLi Cryptocurrency Widgets Pack
NVD
CVSS 3.1
9.9
EPSS
34.0%
Threat
4.5
CVE-2022-45969 CRITICAL POC PATCH Act Now

Alist v3.4.0 is vulnerable to Directory Traversal,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Alist
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-46634 CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2022-46631 CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2022-44236 CRITICAL POC Act Now

Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) has a Weak password vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Brute Force Voip Simplicity Asg
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-46393 CRITICAL Act Now

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Mbed Tls Fedora
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-42842 CRITICAL Act Now

The issue was addressed with improved memory handling. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Apple RCE Buffer Overflow Ipados +4
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2022-42837 CRITICAL Act Now

An issue existed in the parsing of URLs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS +1
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2022-40004 CRITICAL Act Now

Cross Site Scripting (XSS) vulnerability in Things Board 3.4.1 allows remote attackers to escalate privilege via crafted URL to the Audit Log. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Thingsboard
NVD GitHub
CVSS 3.1
9.6
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy