Skip to main content
CVE-2020-37123 CRITICAL POC THREAT Emergency

Remote code execution via OS command injection in Pinger 1.0 allows attackers to inject shell commands through the ping target parameter. EPSS 12.2% indicates significant exploitation likelihood. PoC available.

PHP RCE
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
12.2%
CVE-2020-37125 CRITICAL POC Act Now

Unauthenticated remote code execution via OS command injection in Edimax EW-7438RPn-v3 Mini wireless extender firmware 1.27. EPSS 1.3% with PoC available.

RCE Command Injection Ew 7438rpn Mini Firmware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2025-68121 CRITICAL POC PATCH Act Now

Critical certificate validation bypass in Go crypto/tls during session resumption. If ClientCAs or RootCAs fields are mutated between creating the config and resuming a session, the TLS stack uses the modified trust store, potentially accepting certificates from unintended CAs. CVSS 10.0, PoC available, patch available.

Information Disclosure Go
NVD VulDB
CVSS 3.1
10.0
EPSS
0.0%
CVE-2020-37120 CRITICAL POC Act Now

Buffer overflow in Rubo DICOM Viewer 2.0 through the DICOM server name input field allows attackers to execute arbitrary code. PoC available.

RCE Buffer Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2020-37126 CRITICAL POC Act Now

Stack overflow in Free Desktop Clock 3.0 triggered by crafted Time Zones display name input allows attackers to execute arbitrary code. PoC available.

Stack Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2020-37124 CRITICAL POC Act Now

Buffer overflow in B64dec 1.1.2 base64 decoder allows attackers to execute arbitrary code by overwriting structured exception handler pointers. PoC available.

Buffer Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2020-37138 CRITICAL POC Act Now

Buffer overflow in 10-Strike Network Inventory Explorer 9.03 file import functionality allows attackers to execute arbitrary code via crafted import files. PoC available.

Buffer Overflow Stack Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2020-37119 CRITICAL POC Act Now

Stack-based buffer overflow in Nsauditor Network Auditing Tool 3.0.28 and 3.2.1.0 in the DNS Lookup tool allows attackers to execute arbitrary code via crafted input. PoC available.

DNS Buffer Overflow Nsauditor
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2020-37129 CRITICAL POC Act Now

Insecure folder permissions in MEmu Play 7.1.3 Android emulator allow low-privileged users to modify application binaries, enabling privilege escalation to SYSTEM. PoC available.

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-23796 CRITICAL Act Now

Session fixation vulnerability in Quick.Cart allows attackers to set a user's session identifier before authentication. The session ID persists through login, enabling session hijacking of authenticated users.

Information Disclosure Quick.Cart
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-24300 CRITICAL PATCH Act Now

Elevation of privilege vulnerability in Azure Front Door allows attackers to gain elevated access. Microsoft Azure cloud service vulnerability affecting CDN/WAF infrastructure.

Azure Azure Front Door
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-0106 CRITICAL Act Now

Missing bounds check in Android VPU (Video Processing Unit) driver's vpu_mmap allows arbitrary address memory mapping, potentially leading to local privilege escalation on Android devices.

Privilege Escalation Android Google
NVD
CVSS 3.1
9.3
EPSS
0.0%
CVE-2025-68723 CRITICAL Act Now

Multiple stored XSS vulnerabilities in Axigen Mail Server before 10.5.57 WebAdmin interface allow authenticated administrators to inject persistent malicious scripts that execute in other admin sessions.

TLS XSS Privilege Escalation Axigen Mail Server
NVD GitHub
CVSS 3.1
9.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy