unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
MaskCyberSecurityTeam/CVE-2022-26134_Behinder_MemShell
Create: 2023-02-04 14:51:47 +0000 UTC Push: 2023-02-04 14:51:48 +0000 UTC |
swzhouu/CVE-2022-48311
HP Deskjet 2540 series printer HTTP configuration page Cross Site Scripting (XSS) Vulnerability
Create: 2023-02-04 13:44:46 +0000 UTC Push: 2023-02-04 13:44:46 +0000 UTC |
swzhouu/CVE-2022-48311-2
XSS Vulnerability in HP Deskjet 2540 series printer HTTP configuration page
Create: 2023-02-04 13:44:46 +0000 UTC Push: 2023-02-04 14:08:44 +0000 UTC |
jnschaeffer/cve-2022-44268-detector
Detect images that likely exploit CVE-2022-44268
Create: 2023-02-04 09:35:08 +0000 UTC Push: 2023-02-04 09:35:09 +0000 UTC |
Live-Hack-CVE/CVE-2020-10883
This vulnerability allows local attackers to escalate privileges on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the f CVE project by @Sn0wAlice
Create: 2023-02-04 09:29:16 +0000 UTC Push: 2023-02-04 09:29:19 +0000 UTC |
Live-Hack-CVE/CVE-2020-10882
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP port 20002 by defau CVE project by @Sn0wAlice
Create: 2023-02-04 09:29:12 +0000 UTC Push: 2023-02-04 09:29:14 +0000 UTC |
Live-Hack-CVE/CVE-2020-6806
By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR CVE project by @Sn0wAlice
Create: 2023-02-04 09:29:08 +0000 UTC Push: 2023-02-04 09:29:10 +0000 UTC |
Live-Hack-CVE/CVE-2019-4309
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses hard coded credentials which could allow a local user to obtain highly sensitive information. IBM X-Force ID: 161035. CVE project by @Sn0wAlice
Create: 2023-02-04 09:29:04 +0000 UTC Push: 2023-02-04 09:29:07 +0000 UTC |
Live-Hack-CVE/CVE-2019-3721
Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain an Improper Range Header Processing Vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges to cause the application to compress each of the requested bytes, resulting in a crash due to excessive CVE project by @Sn0wAlice
Create: 2023-02-04 09:29:01 +0000 UTC Push: 2023-02-04 09:29:03 +0000 UTC |
Live-Hack-CVE/CVE-2019-13725
Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. CVE project by @Sn0wAlice
Create: 2023-02-04 09:28:57 +0000 UTC Push: 2023-02-04 09:29:00 +0000 UTC |
Live-Hack-CVE/CVE-2019-18422
An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts. Interrupts are unconditionally unmasked in exception handlers. When an exception occurs on an ARM system which is handled without changing process CVE project by @Sn0wAlice
Create: 2023-02-04 09:28:54 +0000 UTC Push: 2023-02-04 09:28:56 +0000 UTC |
Live-Hack-CVE/CVE-2021-45868
In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file. CVE project by @Sn0wAlice
Create: 2023-02-04 09:28:48 +0000 UTC Push: 2023-02-04 09:28:51 +0000 UTC |
Live-Hack-CVE/CVE-2019-13750
Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page. CVE project by @Sn0wAlice
Create: 2023-02-04 09:28:44 +0000 UTC Push: 2023-02-04 09:28:47 +0000 UTC |
Live-Hack-CVE/CVE-2019-13754
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE project by @Sn0wAlice
Create: 2023-02-04 09:28:41 +0000 UTC Push: 2023-02-04 09:28:43 +0000 UTC |
Live-Hack-CVE/CVE-2021-24374
The Jetpack Carousel module of the JetPack WordPress plugin before 9.8 allows users to create a "carousel" type image gallery and allows users to comment on the images. A security vulnerability was found within the Jetpack Carousel module by nguyenhg_vcs that allowed the comments of non-published page/posts to be leake CVE project by @Sn0wAlice
Create: 2023-02-04 09:28:37 +0000 UTC Push: 2023-02-04 09:28:39 +0000 UTC |
Live-Hack-CVE/CVE-2019-13749
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE project by @Sn0wAlice
Create: 2023-02-04 09:28:33 +0000 UTC Push: 2023-02-04 09:28:36 +0000 UTC |
Live-Hack-CVE/CVE-2019-10440
Jenkins NeoLoad Plugin 2.2.5 and earlier stored credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system. CVE project by @Sn0wAlice
Create: 2023-02-04 09:28:30 +0000 UTC Push: 2023-02-04 09:28:32 +0000 UTC |
Live-Hack-CVE/CVE-2019-10443
Jenkins iceScrum Plugin 1.1.4 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system. CVE project by @Sn0wAlice
Create: 2023-02-04 09:28:26 +0000 UTC Push: 2023-02-04 09:28:29 +0000 UTC |
Live-Hack-CVE/CVE-2023-24806
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage. CVE project by @Sn0wAlice
Create: 2023-02-04 09:28:23 +0000 UTC Push: 2023-02-04 09:28:25 +0000 UTC |
Live-Hack-CVE/CVE-2013-10018
A vulnerability was found in fanzila WebFinance 0.5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file htdocs/prospection/save_contact.php. The manipulation of the argument nom/prenom/email/tel/mobile/client/fonction/note leads to sql injection. The name of the pat CVE project by @Sn0wAlice
Create: 2023-02-04 09:28:19 +0000 UTC Push: 2023-02-04 09:28:22 +0000 UTC |
Previous
412
413
414
415
416
417
418
419
Next