Skip to main content
CVE-2023-25344 CRITICAL POC Act Now

An issue was discovered in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to execute arbitrary code via crafted Object.prototype anonymous function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Swig Templates Swig
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-1416 CRITICAL POC Act Now

A vulnerability classified as critical has been found in Simple Art Gallery 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple Art Gallery
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1379 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Friendly Island Pizza Website And Ordering System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-24726 CRITICAL POC Act Now

Art Gallery Management System v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter on the enquiry page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Art Gallery Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-27240 CRITICAL POC Act Now

Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip parameter at /goform/AdvSetLanip. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tenda Ax3 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.8%
CVE-2023-27239 CRITICAL POC Act Now

Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the shareSpeed parameter at /goform/WifiGuestSet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tenda Ax3 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-27757 CRITICAL POC Act Now

An arbitrary file upload vulnerability in the /admin/user/uploadImg component of PerfreeBlog v3.1.1 allows attackers to execute arbitrary code via a crafted JPG file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Perfreeblog
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-28461 CRITICAL KEV THREAT Act Now

Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Authentication Bypass Arrayos Ag
NVD
CVSS 3.1
9.8
EPSS
67.6%
CVE-2023-24468 CRITICAL Act Now

Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Netiq Advanced Authentication
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-28371 CRITICAL PATCH Act Now

In Stellarium through 1.2, attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Stellarium
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy