Lucene search
+L

1224 matches found

Tenable Nessus
Tenable Nessus
added 2024/09/06 12:0 a.m.31 views

Joomla! 3.x < 3.10.17 Multiple Vulnerabilities

According to its self-reported version, the instance of Joomla! running on the remote web server is 3.x prior to 3.10.17, 4.x prior to 4.4.7 or 5.x prior to 5.1.3. It is, therefore, affected by multiple vulnerabilities. - The stripImages and stripIframes methods didn't properly process inputs,...

9.1CVSS6.9AI score0.00441EPSS
Exploits0References11
NVD
NVD
added 2024/09/05 7:15 p.m.20 views

CVE-2024-45159

An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in if keyUsage or extKeyUsage extensions, then the return value of mbedtlssslgetverifyresult would...

9.8CVSS0.00387EPSS
Exploits0References3
CVE
CVE
added 2024/09/05 12:0 a.m.74 views

CVE-2024-45159

CVE-2024-45159 affects Mbed TLS 3.x before 3.6.1. In TLS 1.3, when a server enables optional client authentication and the client certificate lacks proper values in keyUsage or extKeyUsage, mbedtls_ssl_get_verify_result() may incorrectly clear MBEDTLS_X509_BADCERT_KEY_USAGE bits. This can allow a...

9.8CVSS7.1AI score0.00387EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2024/09/04 3:15 p.m.11 views

CVE-2024-45506

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding h2send loop under a certain set of conditions, as exploited in the wild in 2024...

7.5CVSS7.1AI score0.01203EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.320 views

Samba read_nttrans_ea_list Integer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/struct2' class MetasploitModule 'Samba readnttransealist Integer Overflow', 'Description' = %q Integer overflow in the readnttransealist function in nttrans...

5CVSS7AI score0.69008EPSS
Exploits7
GithubExploit
GithubExploit
added 2024/08/26 1:34 p.m.572 views

Exploit for Improper Input Validation in Cacti

This repository is a PoC exploit for CVE-2024-25641, a vulnerabi...

9.1CVSS10AI score0.86303EPSS
Exploits17
Tenable Nessus
Tenable Nessus
added 2024/08/26 12:0 a.m.32 views

CBL Mariner 2.0 Security Update: ruby (CVE-2024-27282)

The version of ruby installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27282 advisory. - An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex...

6.6CVSS7.5AI score0.00629EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/25 12:0 a.m.11 views

PT-2024-29681

Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.x through 1.1.1 OpenSSL versions 3.x through 3.0.5 OpenSSL versions prior to 17.0.5 Description Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allow...

7.8CVSS6.5AI score0.01083EPSS
Exploits0References78
GithubExploit
GithubExploit
added 2024/08/24 5:12 a.m.872 views

Exploit for Incorrect Privilege Assignment in Litespeedtech Litespeed_Cache

LiteSpeed Cache Privilege Escalation PoC - CVE-2024-28000 Thi...

9.8CVSS7.3AI score0.68266EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2024/08/21 12:0 a.m.29 views

Joomla 3.0.x < 3.10.17 / 4.0.x < 4.4.7 / 5.0.x < 5.1.3 Multiple Vulnerabilities (5910-joomla-5-1-3-and-4-4-7-security-and-bug-fix-release)

According to its self-reported version, the instance of Joomla! running on the remote web server is 3.0.x prior to 3.10.17, 4.0.x prior to 4.4.7, or 5.0.x prior to 5.1.3. It is, therefore, affected by multiple vulnerabilities. - Inadequate validation of URLs could result into an invalid check...

9.1CVSS7.2AI score0.00441EPSS
Exploits0References11
GithubExploit
GithubExploit
added 2024/08/12 12:50 p.m.261 views

Exploit for OS Command Injection in Netgate Pfblockerng

CVE-2022-31814 Updated Exploit - pfBlockerNG = 2.1.426 U...

9.8CVSS10AI score0.87247EPSS
Exploits14
GithubExploit
GithubExploit
added 2024/08/09 7:32 p.m.177 views

Exploit for Incorrect Authorization in Nexxtsolutions Nebula1200-Ac_Firmware

EN This project provides a proof-of-concept exploit for a remo...

9.8CVSS10AI score0.02556EPSS
Exploits2
GithubExploit
GithubExploit
added 2024/08/03 2:40 p.m.330 views

Exploit for Cross-site Scripting in Bdtask Multi_Store_Inventory_Management_System

CVE-2024-2997 Scanner !Versionhttps://img.shields.io/badge...

5.4CVSS4.2AI score0.01215EPSS
Exploits6
GithubExploit
GithubExploit
added 2024/07/28 5:23 p.m.377 views

Exploit for Path Traversal in Microsoft

Exploiting Follina CVE and CVE-2021-40444 Vulnerabilities...

8.8CVSS9.5AI score0.96843EPSS
Exploits38
GithubExploit
GithubExploit
added 2024/07/23 9:44 a.m.300 views

Exploit for OS Command Injection in Netgate Pfblockerng

CVE-2022-31814 Updated Exploit - pfBlockerNG = 2.1.426 U...

9.8CVSS9.9AI score0.87247EPSS
Exploits14
GithubExploit
GithubExploit
added 2024/07/18 6:43 a.m.582 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Linux Linux_Kernel

🇮🇱 BringThemHome NeverAgainIsNow 🇮🇱 We demand the...

9.8CVSS5.7AI score0.05279EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/07/18 12:0 a.m.34 views

Joomla! 3.x < 3.10.16 Multiple Vulnerabilities

According to its self-reported version, the instance of Joomla! running on the remote web server is 3.x prior to 3.10.16, 4.x prior to 4.4.6 or 5.x prior to 5.1.2. It is, therefore, affected by multiple vulnerabilities. - Inadequate input validation leads to XSS vulnerabilities in the...

6.1CVSS6.1AI score0.00463EPSS
Exploits0References11
GithubExploit
GithubExploit
added 2024/07/02 6:53 a.m.1361 views

Exploit for Race Condition in Openbsd Openssh

🇮🇱 BringThemHome NeverAgainIsNow 🇮🇱 We demand the...

8.1CVSS8.7AI score0.99506EPSS
Exploits69
UbuntuCve
UbuntuCve
added 2024/06/27 12:0 a.m.502 views

CVE-2024-5535

Issue summary: Calling the OpenSSL API function SSLselectnextproto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or ...

9.1CVSS7AI score0.05582EPSS
Exploits1References4
GithubExploit
GithubExploit
added 2024/06/10 5:20 p.m.345 views

Exploit for CVE-2023-33105

CVE-2023-33105: Transient DOS in WLAN Host and Firmware Ov...

7.5CVSS7.3AI score0.0075EPSS
Exploits1
Rows per page
Query Builder