unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2022-4304
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulne CVE project by @Sn0wAlice
Create: 2023-02-09 05:33:35 +0000 UTC Push: 2023-02-09 05:33:38 +0000 UTC |
Live-Hack-CVE/CVE-2022-34350
IBM API Connect 10.0.0.0 through 10.0.5.0, 10.0.1.0 through 10.0.1.7, and 2018.4.1.0 through 2018.4.1.20 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS loo CVE project by @Sn0wAlice
Create: 2023-02-09 05:33:31 +0000 UTC Push: 2023-02-09 05:33:34 +0000 UTC |
Live-Hack-CVE/CVE-2023-23131
Selfwealth iOS mobile App 3.3.1 is vulnerable to Insecure App Transport Security (ATS) Settings. CVE project by @Sn0wAlice
Create: 2023-02-09 05:33:26 +0000 UTC Push: 2023-02-09 05:33:28 +0000 UTC |
Live-Hack-CVE/CVE-2023-0617
A vulnerability was found in TRENDNet TEW-811DRU 1.0.10.0. It has been classified as critical. This affects an unknown part of the file /wireless/guestnetwork.asp of the component httpd. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the publ CVE project by @Sn0wAlice
Create: 2023-02-09 05:33:20 +0000 UTC Push: 2023-02-09 05:33:22 +0000 UTC |
Live-Hack-CVE/CVE-2023-0618
A vulnerability was found in TRENDnet TEW-652BRP 3.04B01. It has been declared as critical. This vulnerability affects unknown code of the file cfg_op.ccp of the component Web Service. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may CVE project by @Sn0wAlice
Create: 2023-02-09 05:33:16 +0000 UTC Push: 2023-02-09 05:33:19 +0000 UTC |
Live-Hack-CVE/CVE-2023-23136
lmxcms v1.41 was discovered to contain an arbitrary file deletion vulnerability via BackdbAction.class.php. CVE project by @Sn0wAlice
Create: 2023-02-09 05:33:09 +0000 UTC Push: 2023-02-09 05:33:11 +0000 UTC |
Live-Hack-CVE/CVE-2023-22575
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in celog. A low privileges user could potentially exploit this vulnerability, leading to information disclosure and escalation of privileges. CVE project by @Sn0wAlice
Create: 2023-02-09 05:33:04 +0000 UTC Push: 2023-02-09 05:33:07 +0000 UTC |
Live-Hack-CVE/CVE-2022-46842
Cross-Site Request Forgery (CSRF) vulnerability in JS Help Desk plugin <= 2.7.1 versions. CVE project by @Sn0wAlice
Create: 2023-02-09 05:32:54 +0000 UTC Push: 2023-02-09 05:32:57 +0000 UTC |
Live-Hack-CVE/CVE-2022-46815
Cross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin <= 2.3.1 versions. CVE project by @Sn0wAlice
Create: 2023-02-09 05:32:51 +0000 UTC Push: 2023-02-09 05:32:52 +0000 UTC |
Live-Hack-CVE/CVE-2022-45807
Cross-Site Request Forgery (CSRF) in WPVibes WP Mail Log plugin <= 1.0.1 versions. CVE project by @Sn0wAlice
Create: 2023-02-09 05:32:47 +0000 UTC Push: 2023-02-09 05:32:50 +0000 UTC |
Live-Hack-CVE/CVE-2023-23073
Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via PO in the purchase component. CVE project by @Sn0wAlice
Create: 2023-02-09 03:21:41 +0000 UTC Push: 2023-02-09 03:21:44 +0000 UTC |
Live-Hack-CVE/CVE-2021-25296
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the N CVE project by @Sn0wAlice
Create: 2023-02-09 03:21:38 +0000 UTC Push: 2023-02-09 03:21:40 +0000 UTC |
Live-Hack-CVE/CVE-2021-25297
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI CVE project by @Sn0wAlice
Create: 2023-02-09 03:21:34 +0000 UTC Push: 2023-02-09 03:21:36 +0000 UTC |
Live-Hack-CVE/CVE-2021-25298
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagio CVE project by @Sn0wAlice
Create: 2023-02-09 03:21:30 +0000 UTC Push: 2023-02-09 03:21:33 +0000 UTC |
Live-Hack-CVE/CVE-2023-0003
A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server. CVE project by @Sn0wAlice
Create: 2023-02-09 03:21:26 +0000 UTC Push: 2023-02-09 03:21:28 +0000 UTC |
Live-Hack-CVE/CVE-2023-0002
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute privileged cytool commands that disable or uninstall the agent. CVE project by @Sn0wAlice
Create: 2023-02-09 03:21:22 +0000 UTC Push: 2023-02-09 03:21:25 +0000 UTC |
Live-Hack-CVE/CVE-2023-0001
An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent. CVE project by @Sn0wAlice
Create: 2023-02-09 03:21:18 +0000 UTC Push: 2023-02-09 03:21:21 +0000 UTC |
Live-Hack-CVE/CVE-2023-23692
Dell EMC prior to version DDOS 7.9 contain(s) an OS command injection Vulnerability. An authenticated non admin attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. CVE project by @Sn0wAlice
Create: 2023-02-09 03:21:12 +0000 UTC Push: 2023-02-09 03:21:15 +0000 UTC |
Live-Hack-CVE/CVE-2022-48094
lmxcms v1.41 was discovered to contain an arbitrary file read vulnerability via TemplateAction.class.php. CVE project by @Sn0wAlice
Create: 2023-02-09 03:21:06 +0000 UTC Push: 2023-02-09 03:21:08 +0000 UTC |
Live-Hack-CVE/CVE-2023-24997
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7223 https://github.com/apache/inlong/pull/7223 to s CVE project by @Sn0wAlice
Create: 2023-02-09 03:21:03 +0000 UTC Push: 2023-02-09 03:21:05 +0000 UTC |
Previous
396
397
398
399
400
401
402
403
Next