Skip to main content
CVE-2023-51771 CRITICAL POC Act Now

In MicroHttpServer (aka Micro HTTP Server) through a8ab029, _ParseHeader in lib/server.c allows a one-byte recv buffer overflow via a long URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Micro Http Server
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-7097 CRITICAL POC Act Now

A vulnerability classified as critical has been found in code-projects Water Billing System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Water Billing System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-7095 CRITICAL POC THREAT Act Now

A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow A7100Ru Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
13.7%
CVE-2023-49954 CRITICAL Act Now

The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a first name, search string, or email address. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi 3Cx
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2023-31224 CRITICAL Act Now

There is broken access control during authentication in Jamf Pro Server before 10.46.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Jamf
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-48654 CRITICAL Act Now

One Identity Password Manager before 5.13.1 allows Kiosk Escape. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Google Microsoft Password Manager
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-7099 CRITICAL Act Now

A vulnerability, which was classified as critical, has been found in PHPGurukul Nipah Virus Testing Management System 1.0.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Nipah Virus Testing Management System
NVD VulDB GitHub
CVSS 3.1
9.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy