unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2022-47854
i-librarian 4.10 is vulnerable to Arbitrary file upload in ajaxsupplement.php. CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:22 +0000 UTC Push: 2023-02-01 03:58:25 +0000 UTC |
Live-Hack-CVE/CVE-2022-47701
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting (XSS). CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:19 +0000 UTC Push: 2023-02-01 03:58:21 +0000 UTC |
Live-Hack-CVE/CVE-2022-47700
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Incorrect Access Control. Improper authentication allows requests to be made to back-end scripts without a valid session or authentication. CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:15 +0000 UTC Push: 2023-02-01 03:58:17 +0000 UTC |
Live-Hack-CVE/CVE-2022-47699
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 is vulnerable to Incorrect Access Control. CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:12 +0000 UTC Push: 2023-02-01 03:58:14 +0000 UTC |
Live-Hack-CVE/CVE-2022-47698
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting (XSS) via the URL filtering feature in the router. CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:08 +0000 UTC Push: 2023-02-01 03:58:10 +0000 UTC |
Live-Hack-CVE/CVE-2022-47697
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Account takeover. Anyone can reset the password of the admin accounts. CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:04 +0000 UTC Push: 2023-02-01 03:58:06 +0000 UTC |
Live-Hack-CVE/CVE-2023-22610
A CWE-285: Improper Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port. Affected Products: EcoStruxure™ Geo SCADA Expert 2019, EcoStruxure™ Geo SCADA Expert 2020, EcoStruxure™ Geo SCADA Expert CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:01 +0000 UTC Push: 2023-02-01 03:58:03 +0000 UTC |
Live-Hack-CVE/CVE-2022-0316
The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from ChimpStudio and PixFill doe CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:57 +0000 UTC Push: 2023-02-01 03:57:59 +0000 UTC |
Live-Hack-CVE/CVE-2016-4279
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:53 +0000 UTC Push: 2023-02-01 03:57:56 +0000 UTC |
Live-Hack-CVE/CVE-2016-6929
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:49 +0000 UTC Push: 2023-02-01 03:57:52 +0000 UTC |
Live-Hack-CVE/CVE-2016-6930
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:46 +0000 UTC Push: 2023-02-01 03:57:48 +0000 UTC |
Live-Hack-CVE/CVE-2016-6921
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6923, CVE-2016-6925, CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:42 +0000 UTC Push: 2023-02-01 03:57:44 +0000 UTC |
Live-Hack-CVE/CVE-2016-6932
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:38 +0000 UTC Push: 2023-02-01 03:57:41 +0000 UTC |
Live-Hack-CVE/CVE-2022-4017
The Booster for WooCommerce WordPress plugin before 6.0.1, Booster Plus for WooCommerce WordPress plugin before 6.0.1, Booster Elite for WooCommerce WordPress plugin before 6.0.1 have either flawed CSRF checks or are missing them completely in numerous places, allowing attackers to make logged in users perform unwanted CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:32 +0000 UTC Push: 2023-02-01 03:57:34 +0000 UTC |
Live-Hack-CVE/CVE-2022-4303
The WP Limit Login Attempts WordPress plugin through 2.6.4 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based restrictions on login forms. CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:28 +0000 UTC Push: 2023-02-01 03:57:30 +0000 UTC |
tin-z/solidity_CVE-2021-42574-POC
Simple POC of the CVE-2021-42574 with solidity and solc compiler
Create: 2023-02-01 02:15:00 +0000 UTC Push: 2023-02-01 02:15:00 +0000 UTC |
Live-Hack-CVE/CVE-2021-43445
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An attacker can authenticate with the web socket service of the ONLYOFFICE document editor which is protected by JWT auth by using a default JWT signing key. CVE project by @Sn0wAlice
Create: 2023-02-01 01:47:33 +0000 UTC Push: 2023-02-01 01:47:35 +0000 UTC |
Live-Hack-CVE/CVE-2021-43444
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document download URLs can be forged due to a weak default URL signing key. CVE project by @Sn0wAlice
Create: 2023-02-01 01:47:29 +0000 UTC Push: 2023-02-01 01:47:31 +0000 UTC |
Live-Hack-CVE/CVE-2021-36539
Instructure Canvas LMS didn't properly deny access to locked/unpublished files when the unprivileged user access the DocViewer based file preview URL (canvadoc_session_url). CVE project by @Sn0wAlice
Create: 2023-02-01 01:47:26 +0000 UTC Push: 2023-02-01 01:47:28 +0000 UTC |
Live-Hack-CVE/CVE-2022-4672
The WordPress Simple Shopping Cart WordPress plugin before 4.6.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege user CVE project by @Sn0wAlice
Create: 2023-02-01 01:47:22 +0000 UTC Push: 2023-02-01 01:47:24 +0000 UTC |
Previous
647
648
649
650
651
652
653
654
Next