ChatBot 🚀 Security Vulnerabilities

githubexploit

Exploit for CVE-2024-5084

🚀 HashForm Exploit Script This script demonstrates the...

8.6 AI Score

0.001 EPSS

2024-05-27 08:04 PM
38
githubexploit

Exploit for CVE-2024-29269

🚀 CVE-2024-29269 Exploit This repository contains an exploit...

8.3 AI Score

0.001 EPSS

2024-05-19 07:05 PM
74
githubexploit

Exploit for CVE-2023-49606

Exploit "TinyFree" for CVE-2023-49606 🛡️ Description The...

9.8 CVSS

9.8 AI Score

0.001 EPSS

2024-05-10 01:19 PM
263
githubexploit

Exploit for CVE-2024-26304

CVE-2024-26304-RCE-exploits Critical RCE Vulnerabilities in...

7.5 AI Score

0.0004 EPSS

2024-05-04 10:09 AM
204
kitploit

C2-Cloud - The C2 Cloud Is A Robust Web-Based C2 Framework, Designed To Simplify The Life Of Penetration Testers

The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface. C2...

7.4 AI Score

2024-05-02 12:30 PM
16
github

Securing millions of developers through 2FA

Though technology has advanced significantly to combat the proliferation of sophisticated security threats, the reality is that preventing the next cyberattack depends on getting the security basics right, and efforts to secure the software ecosystem must protect the developers who design, build,.....

7.4 AI Score

2024-04-24 03:00 PM
7
githubexploit

Exploit for Command Injection in Paloaltonetworks Pan-Os

CVE-2024-3400 Exploit Tool 🛠️ This Python script is designed...

10 AI Score

0.957 EPSS

2024-04-16 09:21 PM
51
githubexploit

Exploit for CVE-2024-31777

CVE-2024-31777 | GUnet OpenEclass E-learning platform...

8 AI Score

2024-04-11 01:48 PM
57
githubexploit

Exploit for CVE-2024-31777

CVE-2024-31777 | GUnet OpenEclass E-learning platform...

7.5 AI Score

2024-04-11 01:48 PM
71
githubexploit

Exploit for Command Injection in Dlink Dns-320L Firmware

🛠️ CVE-2024-3273 Exploit Tool 🌟 Introduction This script...

8.8 AI Score

0.834 EPSS

2024-04-07 03:09 AM
176
kitploit

Chiasmodon - An OSINT Tool Designed To Assist In The Process Of Gathering Information About A Target Domain

Chiasmodon is an OSINT (Open Source Intelligence) tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials (usernames and passwords), CIDRs...

7.3 AI Score

2024-04-04 11:30 AM
14
githubexploit

Exploit for CVE-2024-1212

CVE-2024-1212 Command Injection Exploit for Kemp LoadMaster...

8.3 AI Score

0.002 EPSS

2024-03-19 10:23 PM
215
kitploit

SSH-Private-Key-Looting-Wordlists - A Collection Of Wordlists To Aid In Locating Or Brute-Forcing SSH Private Key File Names

SSH Private Key Looting Wordlists. A Collection Of Wordlists To Aid In Locating Or Brute-Forcing SSH Private Key File Names. LFI for Lateral Movement? Gain SSH Access? ?file=../../../../../../../../home/user/.ssh/id_rsa ?file=../../../../../../../../home/user/.ssh/id_rsa-cert SSH Private Key...

7.2 AI Score

2024-03-09 11:30 AM
7
githubexploit

Exploit for Vulnerability in Microsoft

CVE-2024-21413 | Microsoft Outlook Remote Code Execution...

7.4 AI Score

0.006 EPSS

2024-02-29 10:07 AM
22
githubexploit

Exploit for Vulnerability in Microsoft

CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnera......

9.8 CVSS

10 AI Score

0.001 EPSS

2024-02-23 12:13 PM
174
githubexploit

Exploit for CVE-2024-25600

CVE-2024-25600 Exploit Tool 🚀 Description 📝 This tool 🛠️...

8.6 AI Score

2024-02-22 10:53 AM
291
githubexploit

Exploit for CVE-2024-25600

CVE-2024-25600 Exploit Tool 🚀 Description 📝 This tool 🛠️...

9.9 AI Score

2024-02-20 08:16 PM
240
githubexploit

Exploit for Vulnerability in Microsoft

CVE-2024-21413 | Microsoft Outlook Remote Code Execution...

10 AI Score

0.006 EPSS

2024-02-16 03:17 PM
258
githubexploit

Exploit for Vulnerability in Jenkins

CVE-2024-23897 | Jenkins <= 2.441 & <= LTS 2.426.2 PoC and...

8.2 AI Score

0.958 EPSS

2024-01-26 07:00 PM
149
githubexploit

Exploit for Cross-site Scripting in Cpanel

About the Tool ⚒️ cpanel_xss_2023 is a simple Python...

7.2 AI Score

2024-01-23 08:29 PM
28
githubexploit

Exploit for Injection in Atlassian Confluence Data Center

Atlassian Confluence CVE-2023-22527 Scanner 🛡️ Overview 🌟...

9.8 AI Score

0.975 EPSS

2024-01-23 10:55 AM
98
githubexploit

Exploit for Command Injection in Ivanti Connect Secure

🚨 CVE-2024-21887 Exploit Tool 🛠️ A robust tool for detecting...

8.2 AI Score

0.973 EPSS

2024-01-20 07:15 PM
192
githubexploit

Exploit for Improper Authentication in Ivanti Connect Secure

🚨 CVE-2023-46805 Scanner Tool 🛠️ A robust tool for detecting...

7.5 AI Score

0.966 EPSS

2024-01-19 02:23 AM
223
githubexploit

Exploit for Command Injection in Ivanti Connect Secure

🚨 CVE-2024-21887 Exploit Tool 🛠️ A robust tool for detecting...

8.2 AI Score

0.973 EPSS

2024-01-16 08:59 PM
237
githubexploit

Exploit for Server-Side Request Forgery in Apache Ofbiz

CVE-2023-51467 Scanner 🕵️‍♂️ Description 📜...

7.5 AI Score

0.622 EPSS

2023-12-29 03:01 PM
20
githubexploit

Exploit for Vulnerability in Backupbliss Backup Migration

CVE-2023-6553 Exploit V2 🚀 Description 📝 The Backup...

10 AI Score

0.923 EPSS

2023-12-13 08:26 PM
338
symfony

CVE-2023-46733: Possible session fixation

Affected versions Symfony versions >=5.4.21, <5.4.31, and >= 6.2.7, < 6.3.8 of the Symfony Security HTTP component are affected by this security issue. The issue has been fixed in Symfony 5.4.31, 6.3.8. Description SessionStrategyListener does not always migrate the session after a succ...

6.3 AI Score

2023-11-10 12:00 AM
11
symfony

CVE-2023-46735: Potential XSS in WebhookController

Affected versions Symfony versions >=6.3.0, <6.3.8 of the Symfony Webhook component are affected by this security issue. The issue has been fixed in Symfony 6.3.8. Description The error message in WebhookController returns unescaped user-submitted input. Resolution WebhookController now doesn...

6.1 AI Score

2023-11-10 12:00 AM
8
symfony

CVE-2023-46734: Potential XSS vulnerabilities in CodeExtension filters

Affected versions Symfony versions >=2.0.0,<4.4.51, >=5.0.0,<5.4.31, and =6.0.0,<6.3.8 of the Symfony Twig Bridge are affected by this security issue. The issue has been fixed in Symfony 4.4.51, 5.4.31, 6.3.8. All other versions are not maintained anymore. Description Some filters in...

6 AI Score

2023-11-10 12:00 AM
1
githubexploit

Exploit for Vulnerability in Vinchin Vinchin Backup And Recovery

CVE-2024-22899-to-22903-ExploitChain 🛠️🔓 This repository...

8 AI Score

0.002 EPSS

2023-11-06 09:24 AM
17
avleonov

October 2023: back to Positive Technologies, Vulristics updates, Linux Patch Wednesday, Microsoft Patch Tuesday, PhysTech VM lecture

Hello everyone! October was an interesting and busy month for me. I started a new job, worked on my open source Vulristics project, and analyzed vulnerabilities using it. Especially Linux vulnerabilities as part of my new Linux Patch Wednesday project. And, of course, analyzed Microsoft Patch...

9.2 AI Score

0.972 EPSS

2023-11-05 06:39 PM
102
githubexploit

Exploit for Unrestricted Upload of File with Dangerous Type in Royal-Elementor-Addons Royal Elementor Addons

🚀 WordPress Royal Elementor Addons and Templates Exploit...

9.6 AI Score

0.967 EPSS

2023-11-02 03:28 AM
245
githubexploit

Exploit for Unrestricted Upload of File with Dangerous Type in Royal-Elementor-Addons Royal Elementor Addons

🚀 WordPress Royal Elementor Addons and Templates Exploit...

9.6 AI Score

0.967 EPSS

2023-11-02 03:15 AM
253
githubexploit

Exploit for Authentication Bypass by Capture-replay in Microsoft

[CVE-2023-23397] Vulnerability Details 🚨💻 Microsoft has...

7.1 AI Score

0.922 EPSS

2023-10-26 09:26 AM
209
githubexploit

Exploit for Vulnerability in Atlassian Confluence Data Center

CVE-2023-22515 Exploit Script 🔐 This script is designed to...

9.8 AI Score

0.972 EPSS

2023-10-10 09:40 PM
151
avleonov

September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM

Hello everyone! On the last day of September, I decided to record another retrospective episode on how my Vulnerability Management month went. Alternative video link (for Russia): https://vk.com/video-149273431_456239136 September was quite a busy month for me. Vulnerability Management courses I...

9.2 AI Score

0.976 EPSS

2023-09-30 07:31 PM
52
githubexploit

Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity

TeamCity CVE-2023-42793 Exploit This Python script exploits...

9.5 AI Score

0.971 EPSS

2023-09-29 06:43 AM
71
githubexploit

Exploit for Vulnerability in Microsoft

🛑 Microsoft SharePoint: CVE-2023-29357 🛑 **Microsoft...

8.8 AI Score

0.429 EPSS

2023-09-26 04:18 PM
15
symfony

CVE-2023-41336: symfony/ux-autocomplete Prevent injection of invalid entity ids for "autocomplete" fields

Affected Versions Versions < 2.11.1 of the symfony/ux-autocomplete package are affected by this security issue. Description Under certain circumstances, an attacker could successfully submit an entity id for an EntityType that is not part of the valid choices. Affected applications are any.....

6.3 AI Score

2023-09-11 12:00 AM
2
code423n4

_computeAvailable() the calculations are wrong

Lines of code Vulnerability details Impact _computeAvailable() incorrect calculations that result in a return value greater than the current balance, causing methods such as liquidate to fail Proof of Concept VaultBooster._computeAvailable() used to count the number of tokens currently available...

6.9 AI Score

2023-08-07 12:00 AM
2
code423n4

Too many rewards are distributed when a draw is closed

Lines of code https://github.com/GenerationSoftware/pt-v5-draw-auction/blob/f1c6d14a1772d6609de1870f8713fb79977d51c1/src/RngRelayAuction.sol#L154-L157 https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/26557afa439934afc080eca6165fe3ce5d4b63cd/src/PrizePool.sol#L366...

6.7 AI Score

2023-08-07 12:00 AM
6
githubexploit

Exploit for Vulnerability in Metabase

🛡️ Exploit for CVE-2023-38646 🛡️ Welcome to this powerful...

9.8 CVSS

9.2 AI Score

0.077 EPSS

2023-07-30 02:00 AM
133
githubexploit

Exploit for Vulnerability in Metabase

🛡️ Exploit for CVE-2023-38646 🛡️ Welcome to this powerful...

9.6 AI Score

0.913 EPSS

2023-07-30 01:12 AM
371
wallarmlab

OWASP APIsec Top-10 2023 Is Here | API Security Newsletter

Welcome to our May API newsletter, recapping some of the events of last month. As the old proverb goes, April showers bring May flowers – and this means the bees at the Wallarm hive have been in full foraging mode and the honey is flowing: lots of updates & improvements to the platform, and much...

9.8 CVSS

9.1 AI Score

0.049 EPSS

2023-06-15 02:33 PM
36
code423n4

MuteAmplifier.sol: multiplier calculation is incorrect which leads to loss of rewards for almost all stakers

Lines of code https://github.com/code-423n4/2023-03-mute/blob/4d8b13add2907b17ac14627cfa04e0c3cc9a2bed/contracts/amplifier/MuteAmplifier.sol#L366-L388 https://github.com/code-423n4/2023-03-mute/blob/4d8b13add2907b17ac14627cfa04e0c3cc9a2bed/contracts/amplifier/MuteAmplifier.sol#L417-L460...

6.7 AI Score

2023-04-02 12:00 AM
5
symfony

CVE-2022-24894: Prevent storing cookie headers in HttpCache

Affected versions Symfony versions >=2.0.0, <4.4.50, >= 5.0.0, < 5.4.20, >= 6.0.0, < 6.0.20, >= 6.1.0, < 6.1.12, and >= 6.2.0, < 6.2.6 of the Symfony Security Bundle are affected by this security issue. The issue has been fixed in Symfony 4.4.50, 5.4.20, 6.0.20, 6.1.12...

8.3 AI Score

2023-02-01 12:00 AM
25
symfony

CVE-2022-24895: CSRF token fixation

Affected versions Symfony versions >=2.0.0, <4.4.50, >= 5.0.0, < 5.4.20, >= 6.0.0, < 6.0.20, >= 6.1.0, < 6.1.12, and >= 6.2.0, < 6.2.6 of the Symfony Security Bundle are affected by this security issue. The issue has been fixed in Symfony 4.4.50, 5.4.20, 6.0.20, 6.1.12...

8.5 AI Score

2023-02-01 12:00 AM
6
code423n4

Dangerous casting from i256 to u256 of the price returned by the Chainlink oracle

Lines of code https://github.com/code-423n4/2022-11-paraspace/blob/main/paraspace-core/contracts/misc/ParaSpaceOracle.sol#L130-L132 Vulnerability details Impact Referring to the docs, Chainlink oracles are returning the price as an int256, which means that the answer can be a negative price....

6.7 AI Score

2022-12-09 12:00 AM
1
code423n4

Unable to redeem from Notional

Lines of code Redeemer.sol#L193 Vulnerability details Impact The maxRedeem function is a view function which only returns the balance of the Redeemer.sol contract. After this value is obtained, the PT is not redeemed from Notional. The user will be unable to redeem PT from Notional through...

6.9 AI Score

2022-06-26 12:00 AM
3
code423n4

Twav.sol#_getTwav() will revert when timestamp > 4294967296

Lines of code Vulnerability details function _getTwav() internal view returns(uint256 _twav){ if (twavObservations[TWAV_BLOCK_NUMBERS - 1].timestamp != 0) { uint8 _index = ((twavObservationsIndex + TWAV_BLOCK_NUMBERS) - 1) % TWAV_BLOCK_NUMBERS; TwavObservation memory...

6.9 AI Score

2022-06-24 12:00 AM
4
Total number of security vulnerabilities: 129