unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2013-1059
net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. CVE project by @Sn0wAlice
Create: 2023-01-18 07:40:16 +0000 UTC Push: 2023-01-18 07:40:19 +0000 UTC |
Live-Hack-CVE/CVE-2013-4247
Off-by-one error in the build_unc_path_to_root function in fs/cifs/connect.c in the Linux kernel before 3.9.6 allows remote attackers to cause a denial of service (memory corruption and system crash) via a DFS share mount operation that triggers use of an unexpected DFS referral name length. CVE project by @Sn0wAlice
Create: 2023-01-18 07:40:12 +0000 UTC Push: 2023-01-18 07:40:14 +0000 UTC |
Live-Hack-CVE/CVE-2012-6704
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a craf CVE project by @Sn0wAlice
Create: 2023-01-18 07:40:07 +0000 UTC Push: 2023-01-18 07:40:10 +0000 UTC |
Live-Hack-CVE/CVE-2012-6703
Integer overflow in the snd_compr_allocate_buffer function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_P CVE project by @Sn0wAlice
Create: 2023-01-18 07:40:03 +0000 UTC Push: 2023-01-18 07:40:05 +0000 UTC |
Live-Hack-CVE/CVE-2012-6701
Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. CVE project by @Sn0wAlice
Create: 2023-01-18 07:39:58 +0000 UTC Push: 2023-01-18 07:40:02 +0000 UTC |
Live-Hack-CVE/CVE-2012-3400
Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem. CVE project by @Sn0wAlice
Create: 2023-01-18 07:39:54 +0000 UTC Push: 2023-01-18 07:39:56 +0000 UTC |
Live-Hack-CVE/CVE-2012-6638
The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663. CVE project by @Sn0wAlice
Create: 2023-01-18 07:39:49 +0000 UTC Push: 2023-01-18 07:39:53 +0000 UTC |
Live-Hack-CVE/CVE-2023-22734
Shopware is an open source commerce platform based on Symfony Framework and Vue js. The newsletter double opt-in validation was not checked properly, and it was possible to skip the complete double opt in process. As a result operators may have inconsistencies in their newsletter systems. This problem has been fixed wi CVE project by @Sn0wAlice
Create: 2023-01-18 07:39:46 +0000 UTC Push: 2023-01-18 07:39:48 +0000 UTC |
Live-Hack-CVE/CVE-2023-22733
Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions the log module would write out all kind of sent mails. An attacker with access to either the local system logs or a centralized logging store may have access to other users accounts. This issue has been addressed in CVE project by @Sn0wAlice
Create: 2023-01-18 07:39:42 +0000 UTC Push: 2023-01-18 07:39:44 +0000 UTC |
Live-Hack-CVE/CVE-2023-22732
Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administration session has been adde CVE project by @Sn0wAlice
Create: 2023-01-18 07:39:37 +0000 UTC Push: 2023-01-18 07:39:40 +0000 UTC |
Live-Hack-CVE/CVE-2023-22731
Shopware is an open source commerce platform based on Symfony Framework and Vue js. In a Twig environment **without the Sandbox extension**, it is possible to refer to PHP functions in twig filters like `map`, `filter`, `sort`. This allows a template to call any global PHP function and thus execute arbitrary code. The CVE project by @Sn0wAlice
Create: 2023-01-18 07:39:33 +0000 UTC Push: 2023-01-18 07:39:36 +0000 UTC |
Live-Hack-CVE/CVE-2023-22730
Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions It was possible to put the same line item multiple times in the cart using the AP. The Cart Validators checked the line item's individuality and the user was able to bypass quantity limits in sales. This problem has CVE project by @Sn0wAlice
Create: 2023-01-18 07:39:29 +0000 UTC Push: 2023-01-18 07:39:32 +0000 UTC |
Live-Hack-CVE/CVE-2022-41953
Git GUI is a convenient graphical tool that comes with Git for Windows. Its target audience is users who are uncomfortable with using Git on the command-line. Git GUI has a function to clone repositories. Immediately after the local clone is available, Git GUI will automatically post-process it, among other things runn CVE project by @Sn0wAlice
Create: 2023-01-18 07:39:24 +0000 UTC Push: 2023-01-18 07:39:27 +0000 UTC |
Live-Hack-CVE/CVE-2021-32837
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service (ReDoS) prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for the issue. CVE project by @Sn0wAlice
Create: 2023-01-18 07:39:20 +0000 UTC Push: 2023-01-18 07:39:23 +0000 UTC |
horizon3ai/CVE-2022-47966
POC for CVE-2022-47966 affecting multiple ManageEngine products
Create: 2023-01-18 05:26:28 +0000 UTC Push: 2023-01-19 21:10:07 +0000 UTC |
Live-Hack-CVE/CVE-2006-20001
A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. CVE project by @Sn0wAlice
Create: 2023-01-18 05:26:19 +0000 UTC Push: 2023-01-18 05:26:22 +0000 UTC |
Live-Hack-CVE/CVE-2023-23749
The 'LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login' extension is vulnerable to LDAP Injection since is not properly sanitizing the 'username' POST parameter. An attacker can manipulate this paramter to dump arbitrary contents form the LDAP Database. CVE project by @Sn0wAlice
Create: 2023-01-18 05:26:15 +0000 UTC Push: 2023-01-18 05:26:18 +0000 UTC |
Live-Hack-CVE/CVE-2023-22624
Zoho ManageEngine Exchange Reporter Plus before 5708 allows attackers to conduct XXE attacks. CVE project by @Sn0wAlice
Create: 2023-01-18 05:26:10 +0000 UTC Push: 2023-01-18 05:26:14 +0000 UTC |
Live-Hack-CVE/CVE-2022-4891
A vulnerability has been found in Sisimai up to 4.25.14p11 and classified as problematic. This vulnerability affects the function to_plain of the file lib/sisimai/string.rb. The manipulation leads to inefficient regular expression complexity. The exploit has been disclosed to the public and may be used. Upgrading to ve CVE project by @Sn0wAlice
Create: 2023-01-18 05:26:06 +0000 UTC Push: 2023-01-18 05:26:09 +0000 UTC |
Live-Hack-CVE/CVE-2022-37436
Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client. CVE project by @Sn0wAlice
Create: 2023-01-18 05:26:01 +0000 UTC Push: 2023-01-18 05:26:05 +0000 UTC |
Previous
495
496
497
498
499
500
501
502
Next