Skip to main content
CVE-2023-38203 CRITICAL POC KEV PATCH THREAT Act Now

Adobe ColdFusion contains a second deserialization vulnerability enabling unauthenticated RCE, disclosed shortly after CVE-2023-29300 and similarly exploited against government and enterprise targets.

NVD
CVSS 3.1
9.8
EPSS
94.2%
Threat
9.8
CVE-2023-3799 CRITICAL POC Act Now

A vulnerability was found in IBOS OA 4.5.5 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ibos
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-3798 CRITICAL POC Act Now

A vulnerability has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Flash Flood Disaster Monitoring And Warning System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-31753 CRITICAL POC Act Now

SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an attacker to execute arbitrary SQL commands via the "rid=" parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Endonesia
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-37165 CRITICAL POC Act Now

Millhouse-Project v1.414 was discovered to contain a remote code execution (RCE) vulnerability via the component /add_post_sql.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP SQLi Millhouse Project
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
1.7%
CVE-2023-38408 CRITICAL POC PATCH THREAT Act Now

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SSH RCE Openssh Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
76.8%
CVE-2023-3795 CRITICAL Act Now

A vulnerability classified as critical was found in Bug Finder ChainCity Real Estate Investment Platform 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Chaincity
NVD VulDB
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-3793 CRITICAL Act Now

A vulnerability was found in Weaver e-cology. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi E Cology
NVD VulDB
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-3791 CRITICAL Act Now

A vulnerability was found in IBOS OA 4.5.5 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft SQLi Ibos
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-37471 CRITICAL PATCH Act Now

Open Access Management (OpenAM) is an access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Openam
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-37289 CRITICAL Act Now

It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Document On Line Submission And Approval System
NVD
CVSS 3.1
9.8
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy