Skip to main content
CVE-2023-49070 CRITICAL POC PATCH THREAT Act Now

Pre-auth RCE in Apache Ofbiz 18.12.09. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Code Injection Apache Ofbiz
NVD
CVSS 3.1
9.8
EPSS
95.4%
CVE-2023-6269 CRITICAL POC Act Now

An argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Unify Openscape Bcf Unify Openscape Branch Unify Openscape Session Border Controller
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-49291 CRITICAL POC PATCH Act Now

tj-actions/branch-names is a Github action to retrieve branch or tag names with support for all events. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Branch Names
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-6448 CRITICAL KEV THREAT Act Now

Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Vision1210 Firmware Vision1040 Firmware Vision700 Firmware Vision570 Firmware +13
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2023-42580 CRITICAL Act Now

Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Galaxy Store
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-33083 CRITICAL Act Now

Memory corruption in WLAN Host while processing RRM beacon on the AP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn685X 5 Firmware +111
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-33082 CRITICAL Act Now

Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn685X 5 Firmware +111
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-48698 CRITICAL Act Now

Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Threadx Usbx
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-48697 CRITICAL Act Now

Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Null Pointer Dereference Microsoft Threadx Usbx
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-48696 CRITICAL Act Now

Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Threadx Usbx
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-48695 CRITICAL Act Now

Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Microsoft Threadx Usbx
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-48694 CRITICAL Act Now

Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Threadx Usbx
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2023-48693 CRITICAL Act Now

Azure RTOS ThreadX is an advanced real-time operating system (RTOS) designed specifically for deeply embedded applications. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Azure Rtos Threadx
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2023-48692 CRITICAL Act Now

Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Microsoft Azure Rtos Netx Duo
NVD GitHub
CVSS 3.1
9.8
EPSS
3.1%
CVE-2023-48691 CRITICAL Act Now

Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Microsoft Azure Rtos Netx Duo
NVD GitHub
CVSS 3.1
9.8
EPSS
3.1%
CVE-2023-48316 CRITICAL Act Now

Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Microsoft Azure Rtos Netx Duo
NVD GitHub
CVSS 3.1
9.8
EPSS
4.3%
CVE-2023-48315 CRITICAL Act Now

Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Microsoft Azure Rtos Netx Duo
NVD GitHub
CVSS 3.1
9.8
EPSS
3.9%
CVE-2023-33054 CRITICAL Act Now

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Authentication Bypass 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware +164
NVD
CVSS 3.1
9.1
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy