Skip to main content
CVE-2023-47397 CRITICAL POC Act Now

WeBid <=1.2.2 is vulnerable to code injection via admin/categoriestrans.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection PHP Webid
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-4249 CRITICAL Act Now

Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 has a command injection vulnerability in their implementation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Command Injection Cf7500 Firmware Cf7300 Firmware +9
NVD
CVSS 3.1
9.8
EPSS
10.4%
CVE-2023-45225 CRITICAL Act Now

Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow RCE Cf7500 Firmware Cf7300 Firmware +9
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2023-43755 CRITICAL Act Now

Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow RCE Cf7500 Firmware Cf7300 Firmware +9
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2023-3959 CRITICAL Act Now

Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow RCE Cf7500 Firmware Cf7300 Firmware +9
NVD
CVSS 3.1
9.8
EPSS
40.4%
CVE-2023-39435 CRITICAL Act Now

Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to stack-based overflows. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow RCE Cf7500 Firmware Cf7300 Firmware +9
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-29974 CRITICAL Act Now

An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via weak password requirements. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Brute Force Pfsense
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2023-5913 CRITICAL Act Now

Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Fortify Scancentral Dast
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-45849 CRITICAL Act Now

An arbitrary code execution which results in privilege escalation was discovered in Helix Core versions prior to 2023.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation RCE Code Injection Helix Core
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-6012 CRITICAL Act Now

An improper input validation vulnerability has been found in Lanaccess ONSAFE MonitorHM affecting version 3.7.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Onsafe Monitorhm
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-5941 CRITICAL Act Now

In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Freebsd
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-5801 CRITICAL Act Now

Vulnerability of identity verification being bypassed in the face unlock module. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Harmonyos Emui
NVD
CVSS 3.1
9.1
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy