unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2022-41858
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. CVE project by @Sn0wAlice
Create: 2023-01-18 03:15:03 +0000 UTC Push: 2023-01-18 03:15:06 +0000 UTC |
Live-Hack-CVE/CVE-2018-14628
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. CVE project by @Sn0wAlice
Create: 2023-01-18 03:14:59 +0000 UTC Push: 2023-01-18 03:15:02 +0000 UTC |
Live-Hack-CVE/CVE-2023-0158
NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web server at the "/rrdp" endpoint. Prior to 0.12.1 a direct query for any existing directory under "/rrdp/", rather than an RRDP file such as "/rrdp/notification.xml" as would be expected, causes Krill to crash. If the built-in CVE project by @Sn0wAlice
Create: 2023-01-18 03:14:54 +0000 UTC Push: 2023-01-18 03:14:57 +0000 UTC |
Live-Hack-CVE/CVE-2022-4621
Panasonic Sanyo CCTV Network Cameras versions 1.02-05 and 2.03-0x are vulnerable to CSRFs that can be exploited to allow an attacker to perform changes with administrator level privileges. CVE project by @Sn0wAlice
Create: 2023-01-18 03:14:50 +0000 UTC Push: 2023-01-18 03:14:53 +0000 UTC |
Live-Hack-CVE/CVE-2022-3091
RONDS EPM version 1.19.5 has a vulnerability in which a function could allow unauthenticated users to leak credentials. In some circumstances, an attacker can exploit this vulnerability to execute operating system (OS) commands. CVE project by @Sn0wAlice
Create: 2023-01-18 03:14:46 +0000 UTC Push: 2023-01-18 03:14:49 +0000 UTC |
Live-Hack-CVE/CVE-2022-2893
RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files. CVE project by @Sn0wAlice
Create: 2023-01-18 03:14:41 +0000 UTC Push: 2023-01-18 03:14:44 +0000 UTC |
Live-Hack-CVE/CVE-2023-0338
Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to master-branch. CVE project by @Sn0wAlice
Create: 2023-01-18 02:06:46 +0000 UTC Push: 2023-01-18 02:06:50 +0000 UTC |
Live-Hack-CVE/CVE-2023-0337
Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to master-branch. CVE project by @Sn0wAlice
Create: 2023-01-18 02:06:42 +0000 UTC Push: 2023-01-18 02:06:45 +0000 UTC |
Live-Hack-CVE/CVE-2016-15021
A vulnerability was found in nickzren alsdb. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. Upgrading to version v2 is able to address this issue. The name of the patch is cbc79a68145e845f951113d184b4de207c341599. It is recommended to upgrade the affe CVE project by @Sn0wAlice
Create: 2023-01-18 02:06:37 +0000 UTC Push: 2023-01-18 02:06:41 +0000 UTC |
Live-Hack-CVE/CVE-2015-10061
A vulnerability was found in evandro-machado Trabalho-Web2. It has been classified as critical. This affects an unknown part of the file src/java/br/com/magazine/dao/ClienteDAO.java. The manipulation leads to sql injection. The name of the patch is f59ac954625d0a4f6d34f069a2e26686a7a20aeb. It is recommended to apply a CVE project by @Sn0wAlice
Create: 2023-01-18 02:06:32 +0000 UTC Push: 2023-01-18 02:06:35 +0000 UTC |
Live-Hack-CVE/CVE-2013-10013
A vulnerability was found in Bricco Authenticator Plugin. It has been declared as critical. This vulnerability affects the function authenticate/compare of the file src/java/talentum/escenic/plugins/authenticator/authenticators/DBAuthenticator.java. The manipulation leads to sql injection. Upgrading to version 1.39 is CVE project by @Sn0wAlice
Create: 2023-01-18 02:06:28 +0000 UTC Push: 2023-01-18 02:06:31 +0000 UTC |
Live-Hack-CVE/CVE-2023-21549
Windows SMB Witness Service Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice
Create: 2023-01-18 02:06:19 +0000 UTC Push: 2023-01-18 02:06:22 +0000 UTC |
Live-Hack-CVE/CVE-2023-21551
Microsoft Cryptographic Services Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21561, CVE-2023-21730. CVE project by @Sn0wAlice
Create: 2023-01-18 02:06:14 +0000 UTC Push: 2023-01-18 02:06:16 +0000 UTC |
xeno-john/joomla_CVE-2017-8917
Project for the Cyberspace Security class.
Create: 2023-01-18 01:47:22 +0000 UTC Push: 2023-01-18 01:47:22 +0000 UTC |
Live-Hack-CVE/CVE-2023-22491
Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the `gray-matter` npm package, which is vulnerable to JavaScript injection in its default configuration, unless input i CVE project by @Sn0wAlice
Create: 2023-01-17 23:56:54 +0000 UTC Push: 2023-01-17 23:56:58 +0000 UTC |
Live-Hack-CVE/CVE-2023-22489
Flarum is a discussion platform for websites. If the first post of a discussion is permanently deleted but the discussion stays visible, any actor who can view the discussion is able to create a new reply via the REST API, no matter the reply permission or lock status. This includes users that don't have a validated em CVE project by @Sn0wAlice
Create: 2023-01-17 23:56:50 +0000 UTC Push: 2023-01-17 23:56:53 +0000 UTC |
Live-Hack-CVE/CVE-2022-48091
Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to Cross Site Scripting (XSS) via process_update_profile.php. CVE project by @Sn0wAlice
Create: 2023-01-17 23:56:45 +0000 UTC Push: 2023-01-17 23:56:48 +0000 UTC |
Live-Hack-CVE/CVE-2022-48090
Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to SQL Injection via /app/dao/CustomerDAO.php. CVE project by @Sn0wAlice
Create: 2023-01-17 23:56:41 +0000 UTC Push: 2023-01-17 23:56:44 +0000 UTC |
Live-Hack-CVE/CVE-2017-20170
A vulnerability was found in ollpu parontalli. It has been classified as critical. Affected is an unknown function of the file httpdocs/index.php. The manipulation of the argument s leads to sql injection. The name of the patch is 6891bb2dec57dca6daabc15a6d2808c8896620e5. It is recommended to apply a patch to fix this CVE project by @Sn0wAlice
Create: 2023-01-17 23:56:30 +0000 UTC Push: 2023-01-17 23:56:33 +0000 UTC |
Live-Hack-CVE/CVE-2023-21547
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability. CVE project by @Sn0wAlice
Create: 2023-01-17 23:56:24 +0000 UTC Push: 2023-01-17 23:56:27 +0000 UTC |
Previous
1055
1056
1057
1058
1059
1060
1061
1062
Next