unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2022-4139
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. CVE project by @Sn0wAlice
Create: 2023-02-08 06:18:09 +0000 UTC Push: 2023-02-08 06:18:11 +0000 UTC |
Live-Hack-CVE/CVE-2022-32523
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted online data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0 CVE project by @Sn0wAlice
Create: 2023-02-08 06:18:05 +0000 UTC Push: 2023-02-08 06:18:07 +0000 UTC |
Live-Hack-CVE/CVE-2023-22611
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure when specific messages are sent to the server over the database server TCP port. Affected Products: EcoStruxure Geo SCADA Expert 2019 - 2021 (formerly known as ClearSCADA) (Versions prior t CVE project by @Sn0wAlice
Create: 2023-02-08 06:17:58 +0000 UTC Push: 2023-02-08 06:18:00 +0000 UTC |
Live-Hack-CVE/CVE-2023-23609
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to and including 4.8 are vulnerable to an out-of-bounds write that can occur in the BLE-L2CAP module. The Bluetooth Low Energy - Logical Link Control and Adaptation Layer Protocol (BLE-L2CAP) module handles fra CVE project by @Sn0wAlice
Create: 2023-02-08 06:17:53 +0000 UTC Push: 2023-02-08 06:17:55 +0000 UTC |
Live-Hack-CVE/CVE-2023-25194
A possible security vulnerability has been identified in Apache Kafka Connect. This requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been possible on Kafka Connect clusters since Apa CVE project by @Sn0wAlice
Create: 2023-02-08 06:17:45 +0000 UTC Push: 2023-02-08 06:17:48 +0000 UTC |
Live-Hack-CVE/CVE-2023-0732
A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file oews/classes/Users.php of the component POST Request Handler. The manipulation of the argument firstname/middlename/lastname/lastname/contact lea CVE project by @Sn0wAlice
Create: 2023-02-08 06:17:42 +0000 UTC Push: 2023-02-08 06:17:44 +0000 UTC |
Live-Hack-CVE/CVE-2022-47412
Given a malicious document provided by an attacker, the ONLYOFFICE Workspace DMS is vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition. CVE project by @Sn0wAlice
Create: 2023-02-08 06:17:38 +0000 UTC Push: 2023-02-08 06:17:41 +0000 UTC |
Live-Hack-CVE/CVE-2022-4763
The Icon Widget WordPress plugin before 1.3.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. CVE project by @Sn0wAlice
Create: 2023-02-08 06:17:32 +0000 UTC Push: 2023-02-08 06:17:35 +0000 UTC |
Live-Hack-CVE/CVE-2022-24990
TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response. CVE project by @Sn0wAlice
Create: 2023-02-08 04:04:07 +0000 UTC Push: 2023-02-08 04:04:10 +0000 UTC |
Live-Hack-CVE/CVE-2022-41313
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="switch_contact" CVE project by @Sn0wAlice
Create: 2023-02-08 04:04:03 +0000 UTC Push: 2023-02-08 04:04:06 +0000 UTC |
Live-Hack-CVE/CVE-2022-41312
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="Switch Descriptio CVE project by @Sn0wAlice
Create: 2023-02-08 04:03:59 +0000 UTC Push: 2023-02-08 04:04:02 +0000 UTC |
Live-Hack-CVE/CVE-2022-41311
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="webLocationMessag CVE project by @Sn0wAlice
Create: 2023-02-08 04:03:56 +0000 UTC Push: 2023-02-08 04:03:58 +0000 UTC |
Live-Hack-CVE/CVE-2022-40693
A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability. CVE project by @Sn0wAlice
Create: 2023-02-08 04:03:52 +0000 UTC Push: 2023-02-08 04:03:55 +0000 UTC |
Live-Hack-CVE/CVE-2022-40691
An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability. CVE project by @Sn0wAlice
Create: 2023-02-08 04:03:48 +0000 UTC Push: 2023-02-08 04:03:50 +0000 UTC |
Live-Hack-CVE/CVE-2022-40224
A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP message header can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. CVE project by @Sn0wAlice
Create: 2023-02-08 04:03:43 +0000 UTC Push: 2023-02-08 04:03:46 +0000 UTC |
Live-Hack-CVE/CVE-2011-10002
A vulnerability classified as critical has been found in weblabyrinth 0.3.1. This affects the function Labyrinth of the file labyrinth.inc.php. The manipulation leads to sql injection. Upgrading to version 0.3.2 is able to address this issue. The name of the patch is 60793fd8c8c4759596d3510641e96ea40e7f60e9. It is reco CVE project by @Sn0wAlice
Create: 2023-02-08 04:03:40 +0000 UTC Push: 2023-02-08 04:03:42 +0000 UTC |
Live-Hack-CVE/CVE-2022-46621
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. CVE project by @Sn0wAlice
Create: 2023-02-08 01:53:23 +0000 UTC Push: 2023-02-08 01:53:25 +0000 UTC |
Live-Hack-CVE/CVE-2022-46620
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. CVE project by @Sn0wAlice
Create: 2023-02-08 01:53:20 +0000 UTC Push: 2023-02-08 01:53:22 +0000 UTC |
Live-Hack-CVE/CVE-2022-45544
Insecure Permission vulnerability in Schlix Web Inc SCHLIX CMS 2.2.7-2 allows attacker to upload arbitrary files and execute arbitrary code via the tristao parameter. CVE project by @Sn0wAlice
Create: 2023-02-08 01:53:16 +0000 UTC Push: 2023-02-08 01:53:18 +0000 UTC |
Live-Hack-CVE/CVE-2018-14632
An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management. CVE project by @Sn0wAlice
Create: 2023-02-08 01:53:09 +0000 UTC Push: 2023-02-08 01:53:11 +0000 UTC |
Previous
959
960
961
962
963
964
965
966
Next