unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2016-1025
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-102 CVE project by @Sn0wAlice
Create: 2023-01-27 05:21:15 +0000 UTC Push: 2023-01-27 05:21:18 +0000 UTC |
Live-Hack-CVE/CVE-2016-4125
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. CVE project by @Sn0wAlice
Create: 2023-01-27 05:21:11 +0000 UTC Push: 2023-01-27 05:21:13 +0000 UTC |
Live-Hack-CVE/CVE-2016-4126
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. CVE project by @Sn0wAlice
Create: 2023-01-27 05:21:07 +0000 UTC Push: 2023-01-27 05:21:10 +0000 UTC |
Live-Hack-CVE/CVE-2016-4127
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. CVE project by @Sn0wAlice
Create: 2023-01-27 05:21:03 +0000 UTC Push: 2023-01-27 05:21:06 +0000 UTC |
Live-Hack-CVE/CVE-2016-4128
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. CVE project by @Sn0wAlice
Create: 2023-01-27 05:20:59 +0000 UTC Push: 2023-01-27 05:21:02 +0000 UTC |
Live-Hack-CVE/CVE-2016-1016
Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via a flash.geom.Matrix callback, a different vulnerability than CVE-2016-10 CVE project by @Sn0wAlice
Create: 2023-01-27 02:05:13 +0000 UTC Push: 2023-01-27 02:05:16 +0000 UTC |
Live-Hack-CVE/CVE-2022-3100
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API. CVE project by @Sn0wAlice
Create: 2023-01-27 02:05:09 +0000 UTC Push: 2023-01-27 02:05:12 +0000 UTC |
Live-Hack-CVE/CVE-2023-0410
Cross-site Scripting (XSS) - Generic in GitHub repository builderio/qwik prior to 0.1.0-beta5. CVE project by @Sn0wAlice
Create: 2023-01-27 02:05:04 +0000 UTC Push: 2023-01-27 02:05:07 +0000 UTC |
Live-Hack-CVE/CVE-2022-43976
An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. Direct access to the API is possible on TCP port 8888 via programs located in the cgi-bin folder without any authentication. CVE project by @Sn0wAlice
Create: 2023-01-27 02:04:59 +0000 UTC Push: 2023-01-27 02:05:01 +0000 UTC |
Live-Hack-CVE/CVE-2022-43977
An issue was discovered on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. The debug port accessible via TCP (a qconn service) lacks access control. CVE project by @Sn0wAlice
Create: 2023-01-27 02:04:55 +0000 UTC Push: 2023-01-27 02:04:57 +0000 UTC |
Live-Hack-CVE/CVE-2023-0296
The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component. Even though the CVE-2016-2183 has been fixed in the etcd components, to enable periodic health checks from kubelet, it was necessary to open up a new port (9979) on etcd grp CVE project by @Sn0wAlice
Create: 2023-01-27 02:04:51 +0000 UTC Push: 2023-01-27 02:04:54 +0000 UTC |
Live-Hack-CVE/CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the input_file parameter. CVE project by @Sn0wAlice
Create: 2023-01-27 02:04:46 +0000 UTC Push: 2023-01-27 02:04:48 +0000 UTC |
Live-Hack-CVE/CVE-2022-48126
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGenerationCfg function. CVE project by @Sn0wAlice
Create: 2023-01-27 02:04:38 +0000 UTC Push: 2023-01-27 02:04:40 +0000 UTC |
Live-Hack-CVE/CVE-2022-48122
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the dayvalid parameter in the setting/delStaticDhcpRules function. CVE project by @Sn0wAlice
Create: 2023-01-27 02:04:34 +0000 UTC Push: 2023-01-27 02:04:37 +0000 UTC |
Live-Hack-CVE/CVE-2022-48121
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the rsabits parameter in the setting/delStaticDhcpRules function. CVE project by @Sn0wAlice
Create: 2023-01-27 02:04:31 +0000 UTC Push: 2023-01-27 02:04:33 +0000 UTC |
Live-Hack-CVE/CVE-2022-48125
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function. CVE project by @Sn0wAlice
Create: 2023-01-27 02:04:27 +0000 UTC Push: 2023-01-27 02:04:29 +0000 UTC |
Live-Hack-CVE/CVE-2022-48124
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function. CVE project by @Sn0wAlice
Create: 2023-01-27 02:04:23 +0000 UTC Push: 2023-01-27 02:04:25 +0000 UTC |
Live-Hack-CVE/CVE-2022-48123
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the servername parameter in the setting/delStaticDhcpRules function. CVE project by @Sn0wAlice
Create: 2023-01-27 02:04:19 +0000 UTC Push: 2023-01-27 02:04:22 +0000 UTC |
Live-Hack-CVE/CVE-2022-48191
A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowing a escalation of pri CVE project by @Sn0wAlice
Create: 2023-01-27 02:04:16 +0000 UTC Push: 2023-01-27 02:04:18 +0000 UTC |
Live-Hack-CVE/CVE-2022-20964
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system. This vulnerability is due to improper validation of user input within requests as part of the web-based management interf CVE project by @Sn0wAlice
Create: 2023-01-27 02:04:12 +0000 UTC Push: 2023-01-27 02:04:15 +0000 UTC |
Previous
461
462
463
464
465
466
467
468
Next