CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2023-33025 Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-24326 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the arpEnable parameter in the setStaticDhcpRules function. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-24328 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setMacFilterRules function. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-23058 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pass parameter in the setTr069Cfg function. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-23057 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the tz parameter in the setNtpCfg function. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-6316 The MW WP Form plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the '_single_file_upload' function in versions up to, and including, 5.0.1. This... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-21623 OTCLient is an alternative tibia client for otserv. Prior to commit db560de0b56476c87a2f967466407939196dd254, the /mehah/otclient "`Analysis - SonarCloud`" workflow is vulnerable to an expression inje... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-48049 A SQL injection vulnerability in Cybrosys Techno Solutions Website Blog Search (aka website_search_blog) v. 13.0 through 13.0.1.0.1 allows a remote attacker to execute arbitrary code and to gain privi... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-23745 In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an a... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-31488 Hyland Perceptive Filters releases before 2023-12-08 (e.g., 11.4.0.2647), as used in Cisco IronPort Email Security Appliance Software, Cisco Secure Email Gateway, and various non-Cisco products, allow... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-51958 Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-51957 Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formGetIptv. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-51961 Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-51972 Tenda AX1803 v1.0.0.1 was discovered to contain a command injection vulnerability via the function fromAdvSetLanIp. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-40954 A SQL injection vulnerability in Grzegorz Marczynski Dynamic Progress Bar (aka web_progress) v. 11.0 through 11.0.2, v12.0 through v12.0.2, v.13.0 through v13.0.2, v.14.0 through v14.0.2.1, v.15.0 thr... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-49665 Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'quantity[]' parameter of the submit_delivery_list.php resource does not validate the characters rece... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32640 SimpleEval is a library for adding evaluatable expressions into python projects. Prior to 1.0.5, objects (including modules) can leak dangerous modules through to direct access inside the sandbox. If ... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-50743 Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'dd' parameter of the registration.php resource does not validate the characters received a... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-24482 Aprktool before 2.9.3 on Windows allows ../ and /.. directory traversal. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-49622 Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.Β The 'itemnameid' parameter of the material_bill.php?action=itemRelation resource does not validate the ch... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-49624 Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cancelid' parameter of the material_bill.php resource does not validate the characters received and ... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-49625 Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the partylist_edit_submit.php resource does not validate the characters received an... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-49633 Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'buyer_address' parameter of the buyer_detail_submit.php resource does not validate the characters re... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-49639 Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'customer_details' parameter of the buyer_invoice_submit.php resource does not validate the character... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-49658 Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'bank_details' parameter of the party_submit.php resource does not validate the characters received a... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-50752 Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'e' parameter of the login.php resource does not validate the characters received and they ... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-50753 Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'dd' parameter of the user/update_profile.php resource does not validate the characters rec... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-50862 Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelIDHidden' parameter of the booking.php resource does not validate the characters received and the... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-50863 Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelIDHidden' parameter of the generateReceipt.php resource does not validate the characters received... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-50864 Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelId' parameter of the hotelDetails.php resource does not validate the characters received and they... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-50865 Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'city' parameter of the hotelSearch.php resource does not validate the characters received and they are... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-50866 Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the loginAction.php resource does not validate the characters received and they... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-50867 Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the signupAction.php resource does not validate the characters received and the... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-22088 Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h via a long URI, because realloc is mishandled. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-22320 IBM Operational Decision Manager 8.10.3 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization. By sending specially crafted request, ... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-48050 SQL injection vulnerability in Cams Biometrics Zkteco, eSSL, Cams Biometrics Integration Module with HR Attendance (aka odoo-biometric-attendance) v. 13.0 through 16.0.1 allows a remote attacker to ex... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-21764 In Rapid Software LLC's Rapid SCADA versions prior toΒ Version 5.8.4, theΒ product uses hard-coded credentials, which may allow an attacker to connect to a specific port. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-7227 SystemK NVR 504/508/516 versions 2.3.5SK.30084998 and prior are vulnerable to a command injection vulnerability in the dynamic domain name system (DDNS) settings that could allow an attacker to execu... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-24561 Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and earlier, the bounds check for slices does not account for the ability for start + length to overflo... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-48371 ITPison OMICARD EDMβs file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary execut... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-48372 ITPison OMICARD EDM 's SMS-related function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, mo... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-32998 The cryptoasset-data-downloader package in PyPI v1.0.0 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive us... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-31273 An issue in TopIDP3000 Topsec Operating System tos_3.3.005.665b.15_smpidp allows attackers to perform a brute-force attack via a crafted session_id cookie. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-32997 The RootInteractive package in PyPI v0.0.5 to v0.0.19b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user inform... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-32094 Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at doctorlogin.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-32092 D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-31767 IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 227980. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-31311 An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to execute arbitrary commands via a crafted POST request. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-40597 The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-32093 Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at adminlogin.php. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.