Skip to main content
CVE-2023-51277 CRITICAL POC PATCH Act Now

nbviewer-app (aka Jupyter Notebook Viewer) before 0.1.6 has the get-task-allow entitlement for release builds. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Jupyter Notebook Viewer
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2023-50027 CRITICAL POC Act Now

SQL Injection vulnerability in Buy Addons baproductzoommagnifier module for PrestaShop versions 1.0.16 and before, allows remote attackers to escalate privileges and gain sensitive information via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Bazoom Magnifier
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2022-46839 CRITICAL Act Now

Unrestricted file upload in JS Help Desk WordPress plugin. CVSS 10.0.

File Upload
NVD
CVSS 3.1
10.0
EPSS
0.3%
CVE-2020-13880 CRITICAL Act Now

IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+1cbf heap-based out-of-bounds write. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption B3D
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2020-13879 CRITICAL Act Now

IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+214f heap-based out-of-bounds write. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption B3D
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2020-13878 CRITICAL Act Now

IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+27ef heap-based out-of-bounds write. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption B3D
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2024-22088 CRITICAL POC Act Now

Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h via a long URI, because realloc is mishandled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure Lotos Webserver
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2024-22087 CRITICAL POC THREAT Act Now

route in main.c in Pico HTTP Server in C through f3b69a6 has an sprintf stack-based buffer overflow via a long URI, leading to remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.8%.

Buffer Overflow RCE Memory Corruption Pico Http Server In C
NVD GitHub
CVSS 3.1
9.8
EPSS
10.8%
CVE-2024-22086 CRITICAL POC Act Now

handle_request in http.c in cherry through 4b877df has an sscanf stack-based buffer overflow via a long URI, leading to remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Cherry
NVD GitHub
CVSS 3.1
9.8
EPSS
3.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy