Skip to main content
CVE-2023-38646 CRITICAL POC THREAT Emergency

Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Metabase
NVD GitHub
CVSS 3.1
9.8
EPSS
97.9%
CVE-2023-3811 CRITICAL POC Act Now

A vulnerability was found in Hospital Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-3810 CRITICAL POC Act Now

A vulnerability was found in Hospital Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-3809 CRITICAL POC Act Now

A vulnerability was found in Hospital Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-3806 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in SourceCodester House Rental and Property Listing System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP House Rental And Property Listing Php
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-3805 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in Xiamen Four Letter Video Surveillance Management System up to 20230712.class of the component Login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Video Surveillance Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-38632 CRITICAL POC Act Now

async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in tcpsocket.hpp when processing malformed TCP packets. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Asynchronous Sockets For C
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2023-3804 CRITICAL POC Act Now

A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Flash Flood Disaster Monitoring And Warning System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-3802 CRITICAL POC Act Now

A vulnerability was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Flash Flood Disaster Monitoring And Warning System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-37903 CRITICAL Act Now

vm2 is an open source vm/sandbox for Node.js. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Node.js RCE Command Injection Vm2
NVD GitHub
CVSS 3.1
10.0
EPSS
2.8%
CVE-2023-26301 CRITICAL Act Now

Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure HP Authentication Bypass Color Laserjet Pro 4201 4203 4Ra87F Firmware Color Laserjet Pro 4201 4203 4Ra88F Firmware +17
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-35087 CRITICAL Act Now

It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Rt Ac86U Firmware Rt Ax56U V2 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-37292 CRITICAL Act Now

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in HGiga iSherlock 4.5 (iSherlock-user modules), HGiga iSherlock 5.5 (iSherlock-user modules). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Isherlock
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-37291 CRITICAL Act Now

Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Vitals Enterprise Social Platform
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2023-3801 CRITICAL Act Now

A vulnerability was found in IBOS OA 4.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Ibos
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy