unSafe.sh - 不安全

rhburt/CVE-2025-25062 Backdrop CMS 1.29.2 - Privilege Escalation via Stored XSS + CSRF
Create: 2024-12-14 20:25:33 +0000 UTC Push: 2025-02-03 22:29:54 +0000 UTC |

masa42/CVE-2024-38819-POC
Create: 2024-12-14 09:22:33 +0000 UTC Push: 2024-12-14 10:13:45 +0000 UTC |

taeseongk/CVE-2024-3690
Create: 2024-12-14 01:26:56 +0000 UTC Push: 2024-12-14 01:26:57 +0000 UTC |

Shayz614/CVE-2022-22963 CVE to CTF FP
Create: 2024-12-13 22:54:28 +0000 UTC Push: 2024-12-13 22:54:28 +0000 UTC |

666asd/CVE-2024-23653
Create: 2024-12-13 18:27:39 +0000 UTC Push: 2024-12-13 18:54:57 +0000 UTC |

tlavi00/CVE-2018-7750
Create: 2024-12-13 18:06:49 +0000 UTC Push: 2024-12-13 18:07:29 +0000 UTC |

TAM-K592/CVE-2024-53677-S2-067 A critical vulnerability, CVE-2024-53677, has been identified in the popular Apache Struts framework, potentially allowing attackers to execute arbitrary code remotely. This vulnerability arises from flaws in the file upload logic, which can be exploited to perform path traversal and malicious file uploads.
Create: 2024-12-13 17:42:55 +0000 UTC Push: 2024-12-13 17:42:56 +0000 UTC |

sudlit/CVE-2023-40028
Create: 2024-12-13 11:42:51 +0000 UTC Push: 2024-12-13 11:42:53 +0000 UTC |

DevaDJ/CVE-2017-12617 Improved version of PikaChu CVE
Create: 2024-12-13 11:22:38 +0000 UTC Push: 2024-12-13 11:22:39 +0000 UTC |

filipzag/CVE-2024-10220
Create: 2024-12-13 08:59:23 +0000 UTC Push: 2024-12-13 08:59:24 +0000 UTC |

J-0k3r/CVE-2024-57252
Create: 2024-12-13 08:46:54 +0000 UTC Push: 2025-01-17 17:08:54 +0000 UTC |

TranKuBao/winrar_CVE2023-38831
Create: 2024-12-13 08:02:38 +0000 UTC Push: 2024-12-13 08:02:38 +0000 UTC |

saketh-osmsec/CVE-2024-36117
Create: 2024-12-13 07:23:35 +0000 UTC Push: 2024-12-13 07:24:02 +0000 UTC |

JAckLosingHeart/CVE-2024-55875 CVE-2024-55875/GHSA-7mj5-hjjj-8rgw/http4k first CVE
Create: 2024-12-13 06:21:36 +0000 UTC Push: 2024-12-13 06:22:08 +0000 UTC |

woshidaheike/-CVE-2024-57241 dedecms-url 重定向
Create: 2024-12-13 04:33:03 +0000 UTC Push: 2025-02-12 12:46:32 +0000 UTC |

woshidaheike/CVE-2024-57241 dedecms-url 重定向
Create: 2024-12-13 04:33:03 +0000 UTC Push: 2025-02-12 12:46:32 +0000 UTC |

AlbedoPrime/PP_CVE-2024-38998 Uma vulnerabilidade (CVE-2024-38998) foi identificada na versão 2.3.6 do módulo JavaScript requirejs. Ela explora prototype pollution na função config, permitindo que invasores modifiquem Object.prototype com entradas maliciosas. Isso pode causar DoS, execução remota de código (RCE) ou XSS. A gravidade é crítica (CVSS 9.8).
Create: 2024-12-12 23:19:44 +0000 UTC Push: 2024-12-12 23:19:45 +0000 UTC |

0xDTC/Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028 CVE-2023-40028 affects Ghost, an open source content management system, where versions prior to 5.59.1 allow authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system.
Create: 2024-12-12 18:50:58 +0000 UTC Push: 2024-12-12 18:50:59 +0000 UTC |

RandomRobbieBF/CVE-2024-10124 Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce <= 1.1.1 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation/Activation
Create: 2024-12-12 15:13:30 +0000 UTC Push: 2024-12-12 15:14:19 +0000 UTC |

soltanali0/CVE-2024-38475 exploit CVE-2024-38475(mod_rewrite weakness with filesystem path matching)
Create: 2024-12-12 10:23:32 +0000 UTC Push: 2024-12-12 10:24:18 +0000 UTC |