Skip to main content
CVE-2023-27569 CRITICAL POC Act Now

The eo_tags package before 1.3.0 for PrestaShop allows SQL injection via an HTTP User-Agent or Referer header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Eo Tags
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-1537 CRITICAL POC PATCH Act Now

Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Answer
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1153 CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pacsrapor allows SQL Injection, Command Line Execution through SQL Injection.22. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Pacsrapor
NVD VulDB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-26497 CRITICAL Act Now

An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5125. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Samsung Exynos Modem 5300 Firmware Exynos Modem 5123 Firmware +3
NVD
CVSS 3.1
9.8
EPSS
24.3%
CVE-2023-1529 CRITICAL Act Now

Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Google Chrome Fedora
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-25684 CRITICAL PATCH Act Now

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to SQL injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi IBM Security Key Lifecycle Manager
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-27570 CRITICAL PATCH Act Now

The eo_tags package before 1.4.19 for PrestaShop allows SQL injection via a crafted _ga cookie. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Eo Tags
NVD
CVSS 3.1
9.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy