unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2021-32837
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service (ReDoS) prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for the issue. CVE project by @Sn0wAlice
Create: 2023-01-18 07:39:20 +0000 UTC Push: 2023-01-18 07:39:23 +0000 UTC |
horizon3ai/CVE-2022-47966
POC for CVE-2022-47966 affecting multiple ManageEngine products
Create: 2023-01-18 05:26:28 +0000 UTC Push: 2023-01-19 21:10:07 +0000 UTC |
Live-Hack-CVE/CVE-2006-20001
A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. CVE project by @Sn0wAlice
Create: 2023-01-18 05:26:19 +0000 UTC Push: 2023-01-18 05:26:22 +0000 UTC |
Live-Hack-CVE/CVE-2023-23749
The 'LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login' extension is vulnerable to LDAP Injection since is not properly sanitizing the 'username' POST parameter. An attacker can manipulate this paramter to dump arbitrary contents form the LDAP Database. CVE project by @Sn0wAlice
Create: 2023-01-18 05:26:15 +0000 UTC Push: 2023-01-18 05:26:18 +0000 UTC |
Live-Hack-CVE/CVE-2023-22624
Zoho ManageEngine Exchange Reporter Plus before 5708 allows attackers to conduct XXE attacks. CVE project by @Sn0wAlice
Create: 2023-01-18 05:26:10 +0000 UTC Push: 2023-01-18 05:26:14 +0000 UTC |
Live-Hack-CVE/CVE-2022-4891
A vulnerability has been found in Sisimai up to 4.25.14p11 and classified as problematic. This vulnerability affects the function to_plain of the file lib/sisimai/string.rb. The manipulation leads to inefficient regular expression complexity. The exploit has been disclosed to the public and may be used. Upgrading to ve CVE project by @Sn0wAlice
Create: 2023-01-18 05:26:06 +0000 UTC Push: 2023-01-18 05:26:09 +0000 UTC |
Live-Hack-CVE/CVE-2022-37436
Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client. CVE project by @Sn0wAlice
Create: 2023-01-18 05:26:01 +0000 UTC Push: 2023-01-18 05:26:05 +0000 UTC |
Live-Hack-CVE/CVE-2022-36760
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions. CVE project by @Sn0wAlice
Create: 2023-01-18 05:25:57 +0000 UTC Push: 2023-01-18 05:25:59 +0000 UTC |
Live-Hack-CVE/CVE-2023-21680
Windows Win32k Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice
Create: 2023-01-18 05:25:53 +0000 UTC Push: 2023-01-18 05:25:56 +0000 UTC |
Live-Hack-CVE/CVE-2023-21681
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. CVE project by @Sn0wAlice
Create: 2023-01-18 05:25:48 +0000 UTC Push: 2023-01-18 05:25:51 +0000 UTC |
Live-Hack-CVE/CVE-2022-0614
Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2. CVE project by @Sn0wAlice
Create: 2023-01-18 05:25:43 +0000 UTC Push: 2023-01-18 05:25:47 +0000 UTC |
Live-Hack-CVE/CVE-2022-1201
NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system. CVE project by @Sn0wAlice
Create: 2023-01-18 05:25:39 +0000 UTC Push: 2023-01-18 05:25:42 +0000 UTC |
Live-Hack-CVE/CVE-2022-1427
Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited. CVE project by @Sn0wAlice
Create: 2023-01-18 05:25:34 +0000 UTC Push: 2023-01-18 05:25:38 +0000 UTC |
bryanster/ioc-cve-2022-42475
Create: 2023-01-18 04:11:04 +0000 UTC Push: 2023-01-18 04:11:06 +0000 UTC |
dolby360/CVE-2022-27518_POC
A POC on how to exploit CVE-2022-27518
Create: 2023-01-18 03:40:04 +0000 UTC Push: 2023-01-18 03:40:05 +0000 UTC |
Live-Hack-CVE/CVE-2023-21555
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21543, CVE-2023-21546, CVE-2023-21556, CVE-2023-21679. CVE project by @Sn0wAlice
Create: 2023-01-18 03:15:39 +0000 UTC Push: 2023-01-18 03:15:43 +0000 UTC |
Live-Hack-CVE/CVE-2022-4121
In libetpan a null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c was found that could lead to a remote denial of service or other potential consequences. CVE project by @Sn0wAlice
Create: 2023-01-18 03:15:21 +0000 UTC Push: 2023-01-18 03:15:24 +0000 UTC |
Live-Hack-CVE/CVE-2022-41861
A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash. CVE project by @Sn0wAlice
Create: 2023-01-18 03:15:16 +0000 UTC Push: 2023-01-18 03:15:19 +0000 UTC |
Live-Hack-CVE/CVE-2022-41860
In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash. CVE project by @Sn0wAlice
Create: 2023-01-18 03:15:12 +0000 UTC Push: 2023-01-18 03:15:15 +0000 UTC |
Live-Hack-CVE/CVE-2022-41859
In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack. CVE project by @Sn0wAlice
Create: 2023-01-18 03:15:08 +0000 UTC Push: 2023-01-18 03:15:10 +0000 UTC |
Previous
1054
1055
1056
1057
1058
1059
1060
1061
Next