Skip to main content
CVE-2023-34800 CRITICAL POC THREAT Act Now

D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgi_main. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Go Rt Ac750 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
29.3%
CVE-2023-31672 CRITICAL POC Act Now

In the PrestaShop < 2.4.3 module "Length, weight or volume sell" (ailinear) there is a SQL injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ailinear
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-34880 CRITICAL POC Act Now

cmseasy v7.7.7.7 20230520 was discovered to contain a path traversal vulnerability via the add_action method at lib/admin/language_admin.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Path Traversal PHP Cmseasy
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-2080 CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Email Security Web Security
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-34852 CRITICAL Act Now

PublicCMS <=V4.0.202302 is vulnerable to Insecure Permissions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Publiccms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-2686 CRITICAL Act Now

Buffer overflow in Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK v4.2.3 or earlier allows connected device to write payload onto the stack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Gecko Software Development Kit
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-21130 CRITICAL PATCH Act Now

In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution due to a buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-3275 CRITICAL Act Now

A vulnerability classified as critical was found in PHPGurukul Rail Pass Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Rail Pass Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy