FortiOS SSL-VPN contains a heap-based buffer overflow allowing unauthenticated remote code execution, exploited as a zero-day from October 2022 by suspected Chinese state-sponsored actors targeting government networks.
NVD
CVSS 3.1
9.8
EPSS
94.0%
Threat
9.8
Kiwi TCMS is an open source test management system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Information Disclosure
Brute Force
Kiwi Tcms
NVD
GitHub
CVSS 3.1
8.8
EPSS
0.7%
kenny2automate is a Discord bot. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Information Disclosure
Kenny2Automate
NVD
GitHub
CVSS 3.1
6.5
EPSS
0.5%