Skip to main content
CVE-2023-32314 CRITICAL POC PATCH Act Now

vm2 is a sandbox that can run untrusted code with Node's built-in modules. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Vm2
NVD GitHub
CVSS 3.1
10.0
EPSS
5.6%
CVE-2023-30245 CRITICAL POC Act Now

SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to execute arbitrary code via the crit_id parameter of the edit_criteria.php file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP SQLi Judging Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2023-29861 CRITICAL POC Act Now

An issue found in FLIR-DVTEL version not specified allows a remote attacker to execute arbitrary code via a crafted request to the management page of the device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Dvtel Camera Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2023-29862 CRITICAL POC Act Now

An issue found in Agasio-Camera device version not specified allows a remote attacker to execute arbitrary code via the check and authLevel parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Agasio Camera Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-0600 CRITICAL POC Act Now

The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 6.9 does not escape user input which is concatenated to an SQL query, allowing unauthenticated visitors to conduct SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi Visitor Statistics
NVD WPScan
CVSS 3.1
9.8
EPSS
4.2%
CVE-2023-31986 CRITICAL POC Act Now

A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Br 6428Ns Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
8.2%
CVE-2023-1698 CRITICAL POC THREAT Act Now

In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Command Injection Compact Controller 100 Firmware Edge Controller Firmware Pfc100 Firmware +4
NVD
CVSS 3.1
9.8
EPSS
82.0%
CVE-2023-32308 CRITICAL PATCH Act Now

anuko timetracker is an open source time tracking system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

PHP SQLi Time Tracker
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-31131 CRITICAL PATCH Act Now

Greenplum Database (GPDB) is an open source data warehouse based on PostgreSQL. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PostgreSQL Greenplum Database
NVD GitHub
CVSS 3.1
9.1
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy