unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2018-6689
Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier than 10.0.510, and 11.0.x earlier than 11.0.600 allows attackers to bypass local security protection via specific conditions. CVE project by @Sn0wAlice
Create: 2023-01-28 03:28:12 +0000 UTC Push: 2023-01-28 03:28:14 +0000 UTC |
Live-Hack-CVE/CVE-2018-6700
DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware. CVE project by @Sn0wAlice
Create: 2023-01-28 03:28:08 +0000 UTC Push: 2023-01-28 03:28:10 +0000 UTC |
Live-Hack-CVE/CVE-2018-6703
Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service. CVE project by @Sn0wAlice
Create: 2023-01-28 03:28:05 +0000 UTC Push: 2023-01-28 03:28:07 +0000 UTC |
Live-Hack-CVE/CVE-2020-14148
The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function. CVE project by @Sn0wAlice
Create: 2023-01-28 03:28:01 +0000 UTC Push: 2023-01-28 03:28:03 +0000 UTC |
Live-Hack-CVE/CVE-2020-14980
The Sophos Secure Email application through 3.9.4 for Android has Missing SSL Certificate Validation. CVE project by @Sn0wAlice
Create: 2023-01-28 01:15:38 +0000 UTC Push: 2023-01-28 01:15:40 +0000 UTC |
Live-Hack-CVE/CVE-2020-14461
Zyxel Armor X1 WAP6806 1.00(ABAL.6)C0 devices allow Directory Traversal via the images/eaZy/ URI. CVE project by @Sn0wAlice
Create: 2023-01-28 01:15:33 +0000 UTC Push: 2023-01-28 01:15:35 +0000 UTC |
Live-Hack-CVE/CVE-2020-14981
The ThreatTrack VIPRE Password Vault app through 1.100.1090 for iOS has Missing SSL Certificate Validation. CVE project by @Sn0wAlice
Create: 2023-01-28 01:15:30 +0000 UTC Push: 2023-01-28 01:15:32 +0000 UTC |
Live-Hack-CVE/CVE-2022-48073
Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext. CVE project by @Sn0wAlice
Create: 2023-01-28 01:15:26 +0000 UTC Push: 2023-01-28 01:15:28 +0000 UTC |
Live-Hack-CVE/CVE-2022-48072
Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function. CVE project by @Sn0wAlice
Create: 2023-01-28 01:15:22 +0000 UTC Push: 2023-01-28 01:15:25 +0000 UTC |
Live-Hack-CVE/CVE-2022-48071
Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext. CVE project by @Sn0wAlice
Create: 2023-01-28 01:15:19 +0000 UTC Push: 2023-01-28 01:15:21 +0000 UTC |
Live-Hack-CVE/CVE-2022-48070
Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function. CVE project by @Sn0wAlice
Create: 2023-01-28 01:15:15 +0000 UTC Push: 2023-01-28 01:15:17 +0000 UTC |
Live-Hack-CVE/CVE-2022-48069
Totolink A830R V4.1.2cu.5182 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter. CVE project by @Sn0wAlice
Create: 2023-01-28 01:15:11 +0000 UTC Push: 2023-01-28 01:15:14 +0000 UTC |
Live-Hack-CVE/CVE-2022-48067
An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to obtain the root password via a brute-force attack. CVE project by @Sn0wAlice
Create: 2023-01-28 01:15:07 +0000 UTC Push: 2023-01-28 01:15:10 +0000 UTC |
Live-Hack-CVE/CVE-2022-48066
An issue in the component global.so of Totolink A830R V4.1.2cu.5182 allows attackers to bypass authentication via a crafted cookie. CVE project by @Sn0wAlice
Create: 2023-01-28 01:15:03 +0000 UTC Push: 2023-01-28 01:15:06 +0000 UTC |
Live-Hack-CVE/CVE-2022-47632
Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and if they deny write a CVE project by @Sn0wAlice
Create: 2023-01-28 01:14:59 +0000 UTC Push: 2023-01-28 01:15:01 +0000 UTC |
Live-Hack-CVE/CVE-2020-14983
The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack. CVE project by @Sn0wAlice
Create: 2023-01-28 01:14:55 +0000 UTC Push: 2023-01-28 01:14:57 +0000 UTC |
Live-Hack-CVE/CVE-2021-21395
Magneto LTS (Long Term Support) is a community developed alternative to the Magento CE official releases. Versions prior to 19.4.22 and 20.0.19 are vulnerable to Cross-Site Request Forgery. The password reset form is vulnerable to CSRF between the time the reset password link is clicked and user submits new password. T CVE project by @Sn0wAlice
Create: 2023-01-28 01:14:51 +0000 UTC Push: 2023-01-28 01:14:53 +0000 UTC |
Live-Hack-CVE/CVE-2020-14943
The Firstname and Lastname parameters in Global RADAR BSA Radar 1.6.7234.24750 and earlier are vulnerable to stored cross-site scripting (XSS) via Update User Profile. CVE project by @Sn0wAlice
Create: 2023-01-28 01:14:46 +0000 UTC Push: 2023-01-28 01:14:49 +0000 UTC |
Live-Hack-CVE/CVE-2020-3963
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a use-after-free vulnerability in PVNVRAM. A malicious actor with local access to a virtual machine may be able to read privil CVE project by @Sn0wAlice
Create: 2023-01-28 01:14:42 +0000 UTC Push: 2023-01-28 01:14:44 +0000 UTC |
Live-Hack-CVE/CVE-2020-5903
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. CVE project by @Sn0wAlice
Create: 2023-01-28 01:14:38 +0000 UTC Push: 2023-01-28 01:14:40 +0000 UTC |
Previous
1015
1016
1017
1018
1019
1020
1021
1022
Next