unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2023-22323
In BIP-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when OCSP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software versions which have re CVE project by @Sn0wAlice
Create: 2023-02-02 04:18:49 +0000 UTC Push: 2023-02-02 04:18:51 +0000 UTC |
Live-Hack-CVE/CVE-2023-22326
In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, and all versions of BIG-IQ 8.x and 7.1.x, incorrect permission assignment vulnerabilities exist in the iControl REST and TMOS shell (tmsh) dig command which may allow an authent CVE project by @Sn0wAlice
Create: 2023-02-02 04:18:46 +0000 UTC Push: 2023-02-02 04:18:48 +0000 UTC |
Live-Hack-CVE/CVE-2023-22302
In BIG-IP versions 17.0.x before 17.0.0.2, and 16.1.x beginning in 16.1.2.2 to before 16.1.3.3, when an HTTP profile is configured on a virtual server and conditions beyond the attacker’s control exist on the target pool member, undisclosed requests sent to the BIG-IP system can cause the Traffic Management Microkernel CVE project by @Sn0wAlice
Create: 2023-02-02 04:18:42 +0000 UTC Push: 2023-02-02 04:18:44 +0000 UTC |
Live-Hack-CVE/CVE-2023-22283
On versions beginning in 7.1.5 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. User interaction and administrative privileges are required to exploit this vulnerability because the victim user needs to run the executable on the system and the attacker requires administrati CVE project by @Sn0wAlice
Create: 2023-02-02 04:18:38 +0000 UTC Push: 2023-02-02 04:18:40 +0000 UTC |
Live-Hack-CVE/CVE-2023-22281
On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP AFM NAT policy with a destination NAT rule is configured on a FastL4 virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. No CVE project by @Sn0wAlice
Create: 2023-02-02 04:18:33 +0000 UTC Push: 2023-02-02 04:18:35 +0000 UTC |
Live-Hack-CVE/CVE-2022-47983
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 243161. CVE project by @Sn0wAlice
Create: 2023-02-02 04:18:29 +0000 UTC Push: 2023-02-02 04:18:32 +0000 UTC |
Live-Hack-CVE/CVE-2022-43922
IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583. CVE project by @Sn0wAlice
Create: 2023-02-02 04:18:26 +0000 UTC Push: 2023-02-02 04:18:28 +0000 UTC |
Live-Hack-CVE/CVE-2023-20922
In setMimeGroup of PackageManagerService.java, there is a possible crash loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Andro CVE project by @Sn0wAlice
Create: 2023-02-02 04:18:21 +0000 UTC Push: 2023-02-02 04:18:23 +0000 UTC |
Live-Hack-CVE/CVE-2023-20920
In queue of UsbRequest.java, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android- CVE project by @Sn0wAlice
Create: 2023-02-02 04:18:17 +0000 UTC Push: 2023-02-02 04:18:20 +0000 UTC |
Live-Hack-CVE/CVE-2023-20921
In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically grant accessibility services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVer CVE project by @Sn0wAlice
Create: 2023-02-02 04:18:13 +0000 UTC Push: 2023-02-02 04:18:16 +0000 UTC |
Live-Hack-CVE/CVE-2023-20916
In getMainActivityLaunchIntent of LauncherAppsService.java, there is a possible way to bypass the restrictions on starting activities from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for CVE project by @Sn0wAlice
Create: 2023-02-02 04:18:08 +0000 UTC Push: 2023-02-02 04:18:11 +0000 UTC |
Live-Hack-CVE/CVE-2023-20919
In getStringsForPrefix of Settings.java, there is a possible prevention of package uninstallation due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android CVE project by @Sn0wAlice
Create: 2023-02-02 04:18:04 +0000 UTC Push: 2023-02-02 04:18:07 +0000 UTC |
motikan2010/CVE-2023-23924
Create: 2023-02-02 02:21:23 +0000 UTC Push: 2023-02-02 02:21:23 +0000 UTC |
Live-Hack-CVE/CVE-2022-21810
All versions of the package smartctl are vulnerable to Command Injection via the info method due to improper input sanitization. CVE project by @Sn0wAlice
Create: 2023-02-02 02:04:11 +0000 UTC Push: 2023-02-02 02:04:13 +0000 UTC |
Live-Hack-CVE/CVE-2023-0416
GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice
Create: 2023-02-02 02:04:07 +0000 UTC Push: 2023-02-02 02:04:09 +0000 UTC |
Live-Hack-CVE/CVE-2023-0417
Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice
Create: 2023-02-02 02:04:03 +0000 UTC Push: 2023-02-02 02:04:06 +0000 UTC |
Live-Hack-CVE/CVE-2023-0415
iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice
Create: 2023-02-02 02:03:59 +0000 UTC Push: 2023-02-02 02:04:02 +0000 UTC |
Live-Hack-CVE/CVE-2019-13767
Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE project by @Sn0wAlice
Create: 2023-02-02 02:03:55 +0000 UTC Push: 2023-02-02 02:03:57 +0000 UTC |
Live-Hack-CVE/CVE-2023-0413
Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice
Create: 2023-02-02 02:03:51 +0000 UTC Push: 2023-02-02 02:03:53 +0000 UTC |
Live-Hack-CVE/CVE-2023-0414
Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file CVE project by @Sn0wAlice
Create: 2023-02-02 02:03:47 +0000 UTC Push: 2023-02-02 02:03:49 +0000 UTC |
Previous
638
639
640
641
642
643
644
645
Next