In the Linux kernel, the following vulnerability has been resolved: net: enetc: deny offload of tc-based TSN features on VF interfaces TSN features on the ENETC (taprio, cbs, gate, police) are configured through a mix of command BD ring messages and port registers: enetc_port_rd(),...
7.2AI Score
0.0004EPSS
CVE-2022-48645 net: enetc: deny offload of tc-based TSN features on VF interfaces
In the Linux kernel, the following vulnerability has been resolved: net: enetc: deny offload of tc-based TSN features on VF interfaces TSN features on the ENETC (taprio, cbs, gate, police) are configured through a mix of command BD ring messages and port registers: enetc_port_rd(),...
6.8AI Score
0.0004EPSS
CVE-2022-48644 net/sched: taprio: avoid disabling offload when it was never enabled
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: avoid disabling offload when it was never enabled In an incredibly strange API design decision, qdisc->destroy() gets called even if qdisc->init() never succeeded, not exclusively since commit 87b60cfacf9f....
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: enetc: deny offload of tc-based TSN features on VF interfaces TSN features on the ENETC (taprio, cbs, gate, police) are configured through a mix of command BD ring messages and port registers: enetc_port_rd(),...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: avoid disabling offload when it was never enabled In an incredibly strange API design decision, qdisc->destroy() gets called even if qdisc->init() never succeeded, not exclusively since commit 87b60cfacf9f....
6.4AI Score
0.0004EPSS
Exploit for Path Traversal in Aiohttp
poc-cve-2024-23334 This repository contains a proof of...
7.5CVSS
7.6AI Score
0.052EPSS
Exploit for Injection in Arjunsharda Searchor
CVE-2023-43364-Exploit-CVE This is a python script to exploit...
9.8CVSS
7.3AI Score
0.001EPSS
Espionage - A Linux Packet Sniffing Suite For Automated MiTM Attacks
Espionage is a network packet sniffer that intercepts large amounts of data being passed through an interface. The tool allows users to run normal and verbose traffic analysis that shows a live feed of traffic, revealing packet direction, protocols, flags, etc. Espionage can also spoof ARP so,.....
7.4AI Score
Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity
CVE-2023-42793 - TeamCity Admin Account Creation lead to RCE ...
9.8CVSS
10AI Score
0.97EPSS
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
*Updated 2024-04-25 16:57 GMT with minor wording corrections regarding the targeting of other vendors. ArcaneDoor is a campaign that is the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors. Coveted by these actors, perimeter network devices are...
8.3AI Score
0.942EPSS
Exploit for Command Injection in Paloaltonetworks Pan-Os
Palo Vulnerability Check - CVE-2024-3400 Overview This...
10CVSS
9.9AI Score
0.957EPSS
Assessing the Y, and How, of the XZ Utils incident
High-end APT groups perform highly interesting social engineering campaigns in order to penetrate well-protected targets. For example, carefully constructed forum responses on precision targeted accounts and follow-up "out-of-band" interactions regarding underground rail system simulator software.....
7.6AI Score
Oracle Linux 7 : kernel (ELSA-2024-2004)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2004 advisory. A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local...
9.8CVSS
7.7AI Score
0.001EPSS
Apache Solr Backup/Restore API Remote Code Execution Exploit
Apache Solr versions 6.0.0 through 8.11.2 and versions 9.0.0 up to 9.4.1 are affected by an unrestricted file upload vulnerability which can result in remote code execution in the context of the user running Apache Solr. When Apache Solr creates a Collection, it will use a specific directory as...
8.8CVSS
8.7AI Score
0.871EPSS
Hugo Markdown titles do not escaped in internal render hooks
Impact Title argument in Markdown for links and images not escaped in internal render hooks. Impacted are Hugo users who have these hooks enabled and do not trust their Markdown content files. Patches Patched in v0.125.3. Workarounds Replace with user defined templates or disable the internal...
6.1CVSS
7.2AI Score
0.0004EPSS
Hugo Markdown titles do not escaped in internal render hooks
Impact Title argument in Markdown for links and images not escaped in internal render hooks. Impacted are Hugo users who have these hooks enabled and do not trust their Markdown content files. Patches Patched in v0.125.3. Workarounds Replace with user defined templates or disable the internal...
6.1CVSS
7AI Score
0.0004EPSS
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.125.3, title arguments in Markdown for links and images not escaped in internal render hooks. Hugo users who are impacted are those who have these hooks enabled and do not trust their Markdown content files. The...
6.1CVSS
6.1AI Score
0.0004EPSS
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.125.3, title arguments in Markdown for links and images not escaped in internal render hooks. Hugo users who are impacted are those who have these hooks enabled and do not trust their Markdown content files. The...
6.1CVSS
6.2AI Score
0.0004EPSS
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.125.3, title arguments in Markdown for links and images not escaped in internal render hooks. Hugo users who are impacted are those who have these hooks enabled and do not trust their Markdown content files. The...
6.1CVSS
6.8AI Score
0.0004EPSS
CVE-2024-32875 Hugo doesn't escape markdown title in internal render hooks
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.125.3, title arguments in Markdown for links and images not escaped in internal render hooks. Hugo users who are impacted are those who have these hooks enabled and do not trust their Markdown content files. The...
6.1CVSS
6.3AI Score
0.0004EPSS
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.125.3, title arguments in Markdown for links and images not escaped in internal render hooks. Hugo users who are impacted are those who have these hooks enabled and do not trust their Markdown content files. The...
6.1CVSS
7.2AI Score
0.0004EPSS
KODO Qiniu < 1.5.1 - Cross-Site Request Forgery
Description The KODO Qiniu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to 1.5.1 (exclusive). This is due to missing or incorrect nonce validation on the kodo_setting_page() function. This makes it possible for unauthenticated attackers to replace URLs via a.....
6.6AI Score
Oracle Linux 6 : kernel (ELSA-2024-1831)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1831 advisory. An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation....
7.8CVSS
7.3AI Score
0.0004EPSS
LibreNMS vulnerable to a Time-Based Blind SQL injection leads to database extraction
Summary Get a valid API token, make sure you can access api functions, then replace string on my PoC code, Test on official OVA image, it's an old version 23.9.1, but this vulnerability also exists on latest version 24.2.0 Details in file api_functions.php, line 307 for function list_devices ```php...
7.2CVSS
8.2AI Score
0.0004EPSS
LibreNMS vulnerable to a Time-Based Blind SQL injection leads to database extraction
Summary Get a valid API token, make sure you can access api functions, then replace string on my PoC code, Test on official OVA image, it's an old version 23.9.1, but this vulnerability also exists on latest version 24.2.0 Details in file api_functions.php, line 307 for function list_devices ```php...
7.2CVSS
8.2AI Score
0.0004EPSS
Incorrect Permission Assignment For Critical Resource
github.com/git-ecosystem/git-credential-manager/ is vulnerable to Incorrect Permission Assignment For Critical Resource. The vulnerability is due to improper file ownership settings where Debian package does not set root ownership on installed files. This allows user 1001 on a multi-user system to....
6.9CVSS
7.2AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2024-1559)
The remote host is missing an update for the Huawei...
4.7CVSS
5.2AI Score
0.0005EPSS
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2024-1540)
The remote host is missing an update for the Huawei...
4.7CVSS
5.2AI Score
0.0005EPSS
Hyperledger: Code exec on Github runner via Pull request name
Hi, I have discovered command injection vulnerability in one of your Github repos. Apologies for any inconvenience if this type of bug is not of interest to you. Allow me to explain the problem. GitHub Actions, a powerful tool for automating workflows, can inadvertently introduce security...
7.5AI Score
Git Credential Manager (GCM) is a secure Git credential helper. Prior to 2.5.0, the Debian package does not set root ownership on installed files. This allows user 1001 on a multi-user system to replace the binary and gain other users' privileges. This vulnerability is fixed in...
6.9CVSS
6.6AI Score
0.0004EPSS
Git Credential Manager (GCM) is a secure Git credential helper. Prior to 2.5.0, the Debian package does not set root ownership on installed files. This allows user 1001 on a multi-user system to replace the binary and gain other users' privileges. This vulnerability is fixed in...
6.9CVSS
6.8AI Score
0.0004EPSS
Git Credential Manager (GCM) is a secure Git credential helper. Prior to 2.5.0, the Debian package does not set root ownership on installed files. This allows user 1001 on a multi-user system to replace the binary and gain other users' privileges. This vulnerability is fixed in...
6.9CVSS
6.6AI Score
0.0004EPSS
Git Credential Manager (GCM) is a secure Git credential helper. Prior to 2.5.0, the Debian package does not set root ownership on installed files. This allows user 1001 on a multi-user system to replace the binary and gain other users' privileges. This vulnerability is fixed in...
6.9CVSS
6.8AI Score
0.0004EPSS
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. This could provide attackers an additional, less protected path to acquiring the encryption.....
7.5CVSS
7.3AI Score
0.0004EPSS
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. This could provide attackers an additional, less protected path to acquiring the encryption.....
7.5CVSS
6.5AI Score
0.0004EPSS
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. This could provide attackers an additional, less protected path to acquiring the encryption.....
7.5CVSS
6.7AI Score
0.0004EPSS
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. This could provide attackers an additional, less protected path to acquiring the encryption.....
7.5CVSS
7.5AI Score
0.0004EPSS
EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2024-1540)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the...
4.7CVSS
7.7AI Score
0.0005EPSS
Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-6739-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6739-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only...
7.8CVSS
7.6AI Score
0.003EPSS
EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2024-1559)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the...
4.7CVSS
7.7AI Score
0.0005EPSS
Exploit for Command Injection in Paloaltonetworks Pan-Os
PAN-OS CVE-2024-3400 Check Overview **[FOR INTERNAL USE...
10CVSS
7.5AI Score
0.957EPSS
VectorKernel - PoCs For Kernelmode Rootkit Techniques Research
PoCs for Kernelmode rootkit techniques research or education. Currently focusing on Windows OS. All modules support 64bit OS only. NOTE Some modules use ExAllocatePool2 API to allocate kernel pool memory. ExAllocatePool2 API is not supported in OSes older than Windows 10 Version 2004. If you want.....
7.6AI Score
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1322-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1322-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...
7.8CVSS
8.4AI Score
EPSS
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1321-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1321-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...
7.8CVSS
8AI Score
EPSS
Microsoft SQL (MSSQL) Server Detection (Windows SMB Login)
SMB login-based detection of Microsoft SQL (MSSQL) Server for ...
7.9AI Score
Microsoft SQL (MSSQL) Server Detection Consolidation
Consolidation of Microsoft SQL (MSSQL) Server...
7.9AI Score