Skip to main content
CVE-2023-36177 CRITICAL POC THREAT Emergency

An issue was discovered in badaix Snapcast version 0.27.0, allows remote attackers to execute arbitrary code and gain sensitive information via crafted request in JSON-RPC-API. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 28.9%.

Code Injection RCE Snapcast
NVD VulDB
CVSS 3.1
9.8
EPSS
28.9%
Threat
4.3
CVE-2024-22205 CRITICAL POC PATCH Act Now

Whoogle Search is a self-hosted metasearch engine. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SSRF Whoogle Search
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-22203 CRITICAL POC PATCH Act Now

Whoogle Search is a self-hosted metasearch engine. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SSRF Whoogle Search
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-22663 CRITICAL POC Act Now

TOTOLINK_A3700R_V9.1.2u.6165_20211012has a command Injection vulnerability via setOpModeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A3700r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2024-22662 CRITICAL POC Act Now

TOTOLINK A3700R_V9.1.2u.6165_20211012 has a stack overflow vulnerability via setParentalRules. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption A3700r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-22660 CRITICAL POC Act Now

TOTOLINK_A3700R_V9.1.2u.6165_20211012has a stack overflow vulnerability via setLanguageCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption A3700r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-23636 CRITICAL PATCH Act Now

SOFARPC is a Java RPC framework. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Apache Java Sofarpc
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-22076 CRITICAL Act Now

MyQ Print Server before 8.2 patch 43 allows remote authenticated administrators to execute arbitrary code via PHP scripts that are reached through the administrative interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE PHP Print Server
NVD
CVSS 3.1
9.8
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy