27 matches found

OSV
added 2020/10/27 8:15 p.m. | 3 views

CVE-2019-8640

A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra. A sandboxed process may be able to circumvent sandbox restrictions...

7.5 CVSS | 7.1 AI score
Exploits 0 | References 1

NVD
added 2020/10/27 8:15 p.m. | 16 views

CVE-2019-8582

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iCloud for Windows 7.12, tvOS 12.3, iTunes 12.9.5 for Windows, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. Processing a maliciously crafted font may...

5.5 CVSS | 4.5 AI score | 0.00296 EPSS
Exploits 0 | References 5

Prion
added 2020/10/27 8:15 p.m. | 13 views

Input validation

A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra. A sandboxed process may be able to circumvent sandbox restrictions...

5 CVSS | 6.5 AI score | 0.00241 EPSS
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2020/10/27 7:38 p.m. | 22 views

CVE-2019-8633

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3, watchOS 5.3. An application may be able to read restricted memory...

6.2 AI score | 0.00378 EPSS
Exploits 0 | References 4

GithubExploit
added 2019/05/27 7:6 p.m. | 217 views

Exploit for Deserialization of Untrusted Data in Drupal

CVE-2019-6340 Drupal8's REST RCE, SA-CORE-2019-003 0x01 d...

8.1 CVSS | 8.5 AI score | 0.9441 EPSS
Exploits 22

Friends Of PHP
added 2019/05/23 12:0 a.m. | 7 views

EZSA-2019-003 XSS in eZFind spellcheck

More info at https://share.ez.no/community-project/security-advisories/ezsa-2019-003-xss-in-ezfind-spellcheck...

7.2 AI score
Exploits 0 | Affected Software 1

Drupal
added 2019/03/20 12:0 a.m. | 12 views

RESTful - Critical - Remote code execution - SA-CONTRIB-2019-041

This resolves issues described in SA-CORE-2019-003 for this module...

6.7 AI score
Exploits 0 | References 4

Tenable Nessus
added 2019/03/08 12:0 a.m. | 9 views

Fedora 28 : drupal8 / php-typo3-phar-stream-wrapper2 (2019-6a0717dc9a)

drupal8 Upstream : - https://www.drupal.org/project/drupal/releases/8.6.10 - https://www.drupal.org/SA-CORE-2019-003 - https://www.drupal.org/project/drupal/releases/8.6.9 - https://www.drupal.org/project/drupal/releases/8.6.8 - https://www.drupal.org/project/drupal/releases/8.6.7 -...

5.5 AI score
Exploits 0 | References 1

CVE0DAY
added 2019/03/07 2:6 p.m. | 280 views

Drupal CVE-2019-6340 Remote Code Execution EXP

Description This Metasploit module exploits a PHP unserialize vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also...

6.8 CVSS | 0.9 AI score | 0.9441 EPSS
Exploits 22

Packet Storm
added 2019/03/06 12:0 a.m. | 72 views

Drupal RESTful Web Services unserialize() Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupal RESTful Web Services unserialize RCE', 'Description' = %q This module exploits a PHP unserialize vulnerability in Drupal RESTful Web...

6.8 CVSS | 0.5 AI score | 0.9441 EPSS
Exploits 22

0day.today
added 2019/03/06 12:0 a.m. | 255 views

Drupal RESTful Web Services unserialize() Remote Code Execution Exploit

This Metasploit module exploits a PHP unserialize vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also vulnerable albei...

6.8 CVSS | 0.2 AI score | 0.9441 EPSS
Exploits 22

Metasploit
added 2019/03/05 7:26 p.m. | 70 views

Drupal RESTful Web Services unserialize() RCE

This module exploits a PHP unserialize vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also vulnerable albeit cached...

8.1 CVSS | 0.3 AI score | 0.9441 EPSS
Exploits 22

Tenable Nessus
added 2019/02/27 12:0 a.m. | 158 views

Drupal Remote Code Execution Vulnerability (SA-CORE-2019-003) (exploit)

Binary data drupalCVE-2019-6340rce.nbin...

8.1 CVSS | 8.3 AI score | 0.9441 EPSS
Exploits 22 | References 4

OpenVAS
added 2019/02/25 12:0 a.m. | 101 views

Drupal RCE Vulnerability (SA-CORE-2019-003) - Active Check

Drupal is prone to a remote code execution (RCE) vulnerability. Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

8.1 CVSS | 8.5 AI score | 0.9441 EPSS
Exploits 22 | References 4

OpenVAS
added 2019/02/21 12:0 a.m. | 119 views

Drupal RCE Vulnerability (SA-CORE-2019-003) - Windows

Some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders...

8.1 CVSS | 8.5 AI score | 0.9441 EPSS
Exploits 22 | References 3

OpenVAS
added 2019/02/21 12:0 a.m. | 158 views

Drupal RCE Vulnerability (SA-CORE-2019-003) - Linux

Some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders...

8.1 CVSS | 8.5 AI score | 0.9441 EPSS
Exploits 22 | References 3

OSV
added 2019/02/20 5:47 p.m. | 1 views

DRUPAL-CONTRIB-2019-023

This resolves issues described in SA-CORE-2019-003 for this module. Not all configurations are affected. See SA-CORE-2019-003 for details...

6.9 AI score
Exploits 0 | References 1

OSV
added 2019/02/20 5:39 p.m. | 1 views

DRUPAL-CONTRIB-2019-021

This resolves issues described in SA-CORE-2019-003 for this module. Not all configurations are affected. See SA-CORE-2019-003 for details...

6.9 AI score
Exploits 0 | References 1

Tenable Nessus
added 2019/02/20 12:0 a.m. | 24 views

Drupal 8.6.x < 8.6.10 RCE (SA-CORE-2019-003)

Binary data 700420.prm...

8.1 CVSS | 8.4 AI score | 0.9441 EPSS
Exploits 22 | References 2

Drupal
added 2019/02/20 12:0 a.m. | 11 views

Translation Management Tool - Critical - Remote Code Execution - SA-CONTRIB-2019-024

This resolves issues described in SA-CORE-2019-003 for this module. Not all configurations are affected. See SA-CORE-2019-003 for details...

6.7 AI score
Exploits 0 | References 3