Skip to main content
CVE-2024-22419 CRITICAL POC PATCH Act Now

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Vyper
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-0655 CRITICAL POC Act Now

A vulnerability has been found in Novel-Plus 4.3.0-RC1 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Novel Plus
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-6816 CRITICAL Act Now

A heap overflow vulnerability exists in X.Org Server and Xwayland where improper memory allocation for logical button mappings allows remote attackers to execute arbitrary code with high privileges. The flaw affects multiple Linux distributions including RHEL 7, Fedora 39, and Debian 10, with a critical CVSS score of 9.8 and an EPSS score of 3.26% (87th percentile), indicating moderate real-world exploitation likelihood. Multiple security advisories have been issued by Red Hat with patches available, though no evidence of active exploitation (not in KEV) or public proof-of-concept exists.

Buffer Overflow
NVD
CVSS 3.1
9.8
EPSS
3.3%
CVE-2023-5806 CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mergen Software Quality Management System allows SQL Injection.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Quality Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2024-22415 CRITICAL PATCH Act Now

jupyter-lsp is a coding assistance tool for JupyterLab (code navigation + hover suggestions + linters + autocompletion + rename) using Language Server Protocol. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Language Server Protocol Integration
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-22212 CRITICAL PATCH Act Now

Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Nextcloud Global Site Selector
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-22317 CRITICAL PATCH Act Now

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow a remote attacker to obtain sensitive information or cause a denial of service due to improper. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Denial Of Service App Connect Enterprise
NVD
CVSS 3.1
9.1
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy