Skip to main content
CVE-2023-39023 CRITICAL POC Act Now

university compass v2.2.0 and below was discovered to contain a code injection vulnerability in the component org.compass.core.executor.DefaultExecutorManager.configure. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection University Compass
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-39022 CRITICAL POC Act Now

oscore v2.2.6 and below was discovered to contain a code injection vulnerability in the component com.opensymphony.util.EJBUtils.createStateless. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Oscore
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-39021 CRITICAL POC Act Now

wix-embedded-mysql v4.6.1 and below was discovered to contain a code injection vulnerability in the component com.wix.mysql.distribution.Setup.apply. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Wix Embedded Mysql
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-39020 CRITICAL POC PATCH Act Now

stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Stanford Parser
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-39018 CRITICAL POC Act Now

FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.<constructor>. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java RCE Code Injection Ffmpeg Cli Wrapper
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-39017 CRITICAL POC Act Now

quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Quartz
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-39016 CRITICAL POC Act Now

bboss-persistent v6.0.9 and below was discovered to contain a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Bboss
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-39015 CRITICAL POC Act Now

webmagic-extension v0.9.0 and below was discovered to contain a code injection vulnerability via the component us.codecraft.webmagic.downloader.PhantomJSDownloader. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Webmagic
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-39013 CRITICAL POC Act Now

Duke v1.2 and below was discovered to contain a code injection vulnerability via the component no.priv.garshol.duke.server.CommonJTimer.init. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Duke
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-39010 CRITICAL POC PATCH Act Now

BoofCV 0.42 was discovered to contain a code injection vulnerability via the component boofcv.io.calibration.CalibrationIO.load. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Boofcv
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-38992 CRITICAL POC PATCH THREAT Act Now

jeecg-boot v3.5.1 was discovered to contain a SQL injection vulnerability via the title parameter at /sys/dict/loadTreeData. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Jeecg Boot
NVD GitHub
CVSS 3.1
9.8
EPSS
72.0%
CVE-2023-37754 CRITICAL POC THREAT Act Now

PowerJob v4.3.3 was discovered to contain a remote command execution (RCE) vulnerability via the instanceId parameter at /instance/detail. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Powerjob
NVD GitHub
CVSS 3.1
9.8
EPSS
26.9%
CVE-2023-3988 CRITICAL POC Act Now

A vulnerability was found in Cafe Billing System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Cafe Billing System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-3987 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Simple Online Mens Salon Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Simple Online Men S Salon Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-3985 CRITICAL POC Act Now

A vulnerability has been found in SourceCodester Online Jewelry Store 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Jewelry Store
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-38604 CRITICAL Act Now

An out-of-bounds write issue was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Apple Ipados +4
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-38598 CRITICAL Act Now

A use-after-free issue was addressed with improved memory management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Apple RCE Memory Corruption Ipados +4
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-37285 CRITICAL Act Now

An out-of-bounds read was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Apple Ipados +2
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-36495 CRITICAL Act Now

An integer overflow was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Apple Ipados Iphone Os +3
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-34425 CRITICAL Act Now

The issue was addressed with improved memory handling. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS +1
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-3984 CRITICAL Act Now

A vulnerability, which was classified as critical, was found in phpscriptpoint RecipePoint 1.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Recipepoint
NVD VulDB
CVSS 3.1
9.8
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy