Skip to main content
CVE-2020-36084 CRITICAL POC Act Now

SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0 allows remote attackers to inject sql query in /elearning/delete_teacher_students.php?id= parameter via id field. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Responsive E Learning System
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-20125 CRITICAL POC CERT-EU Act Now

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Cisco Identity Services Engine
NVD Exploit-DB
CVSS 3.1
9.1
EPSS
2.1%
CVE-2024-57077 CRITICAL Act Now

The latest version of utils-extend (1.0.8) is vulnerable to Prototype Pollution through the entry function(s) lib.extend. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Prototype Pollution Denial Of Service
NVD GitHub
CVSS 3.1
9.1
EPSS
0.2%
CVE-2025-23114 CRITICAL Act Now

A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE
NVD
CVSS 3.0
9.0
EPSS
0.4%
CVE-2024-57520 CRITICAL This Week

Insecure Permissions vulnerability in asterisk v22 allows a remote attacker to execute arbitrary code via the action_createconfig function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Asterisk
NVD GitHub
CVSS 3.1
9.8
EPSS
3.5%
CVE-2025-20124 CRITICAL POC CERT-EU Act Now

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute arbitrary commands as the root user on an affected device. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Deserialization Java Identity Services Engine
NVD Exploit-DB
CVSS 3.1
9.9
EPSS
8.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy