Skip to main content
CVE-2023-32874 CRITICAL Act Now

In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Lr13 Nr15 +2
NVD
CVSS 3.1
9.8
EPSS
6.0%
CVE-2023-6339 CRITICAL Act Now

Google Nest WiFi Pro root code-execution & user-data compromise. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Nest Wifi Pro Firmware
NVD VulDB
CVSS 3.1
10.0
EPSS
0.0%
CVE-2023-48418 CRITICAL Act Now

In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Pixel Watch Firmware
NVD
CVSS 3.1
10.0
EPSS
0.0%
CVE-2023-48419 CRITICAL Act Now

An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevation of Privilege. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Google Nest Audio Firmware Nest Mini Firmware Home Mini Firmware +1
NVD
CVSS 3.1
10.0
EPSS
0.0%
CVE-2023-47458 CRITICAL Act Now

An issue in SpringBlade v.3.7.0 and before allows a remote attacker to escalate privileges via the lack of permissions control framework. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Springblade
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-33025 CRITICAL Act Now

Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware Qca8081 Firmware +20
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2023-6436 CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ekol Informatics Website Template allows SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-4280 CRITICAL Act Now

An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Gecko Software Development Kit
NVD GitHub
CVSS 3.1
9.3
EPSS
0.1%
CVE-2023-33032 CRITICAL Act Now

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware +114
NVD
CVSS 3.1
9.3
EPSS
0.1%
CVE-2023-33030 CRITICAL Act Now

Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +289
NVD
CVSS 3.1
9.3
EPSS
0.1%
CVE-2024-21623 CRITICAL POC PATCH Act Now

OTCLient is an alternative tibia client for otserv. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Otclient
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy