Skip to main content
CVE-2023-27372 CRITICAL POC PATCH THREAT Act Now

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Deserialization Spip Debian Linux
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
99.6%
CVE-2023-1100 CRITICAL POC Act Now

A vulnerability classified as critical has been found in SourceCodester Online Catering Reservation System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Catering Reservation System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1099 CRITICAL Act Now

A vulnerability was found in SourceCodester Online Student Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Online Student Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-20946 CRITICAL PATCH Act Now

In onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Google Android
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-0511 CRITICAL Act Now

Relative Path Traversal vulnerability in ForgeRock Access Management Java Policy Agent allows Authentication Bypass.10.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Path Traversal Authentication Bypass Java Policy Agents
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-0339 CRITICAL Act Now

Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass.10.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Authentication Bypass Web Policy Agents
NVD
CVSS 3.1
9.8
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy