Skip to main content
CVE-2023-36665 CRITICAL POC PATCH Act Now

"protobuf.js (aka protobufjs) 6.10.0 through 7.x before 7.2.5 allows Prototype Pollution, a different vulnerability than CVE-2022-25878. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Prototype Pollution Protobufjs
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2023-36934 CRITICAL POC PATCH THREAT Act Now

In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), a SQL injection vulnerability has been. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass SQLi Moveit Transfer
NVD
CVSS 3.1
9.1
EPSS
95.0%
CVE-2023-36808 CRITICAL Act Now

GLPI is a free asset and IT management software package. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Glpi
NVD GitHub
CVSS 3.1
9.8
EPSS
47.6%
CVE-2023-35924 CRITICAL Act Now

GLPI is a free asset and IT management software package. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Glpi
NVD GitHub
CVSS 3.1
9.8
EPSS
52.4%
CVE-2023-34338 CRITICAL Act Now

AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Megarac Sp X
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2023-3455 CRITICAL Act Now

Key management vulnerability on system. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy