CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2414 matches found

CNVD•added 2017/07/12 12:0 a.m.•2 views

SQL Injection Vulnerability in Hanchao B2B2C Multi-User Mall System

Hanchao B2B2C multi-user mall system is a PHP multi-user mall website system source code developed in PHP + MySQL. Hanchao B2B2C multi-user mall system Shopid parameter, ajaxshopinfo method SQL injection vulnerability exists because the system fails to strictly filter the parameters provided by t...

8.2AI score

Exploits0

0day.today•added 2017/07/11 12:0 a.m.•38 views

WMI Event Subscription Persistence Exploit

This Metasploit module will create a permanent WMI event subscription to achieve file-less persistence using one of five methods. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell'...

6.9AI score

Exploits0

Fedora•added 2017/06/28 8:53 p.m.•24 views

[SECURITY] Fedora 25 Update: c-ares-1.13.0-1.fc25

c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...

7.5CVSS0.9AI score0.0042EPSS

Exploits0

Fedora•added 2017/06/22 1:42 p.m.•25 views

[SECURITY] Fedora 26 Update: c-ares-1.13.0-1.fc26

c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...

7.5CVSS0.9AI score0.0042EPSS

Exploits0

rdot•added 2017/06/14 12:0 a.m.•499 views

Hehdirb

Выложил недавно поделие для пайплайн-дирбастинга. Ссылка: В силу криворукости правильно обрабатываю не все эксепшны и не очень правильно работаю с gevent, но в таком виде на многих хостах тоже выжимает сильно больше, чем обычный dirbuster. Тулза может сама бинарным поиском определить максимальное...

7.3AI score

Exploits0

Ubuntu•added 2017/06/07 4:45 a.m.•155 views

USN-3312-1: Linux kernel vulnerabilities

It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the CAPNETADMIN capability could use this to expose sensitive information or cause a denial of service. CVE-2016-7917 Qian Zhang discovered a heap-based...

10CVSS7.3AI score0.21519EPSS

Exploits6

Tenable Nessus•added 2017/06/07 12:0 a.m.•112 views

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3312-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3312-1 advisory. It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the...

10CVSS7.5AI score0.21519EPSS

Exploits6References15

n0where•added 2017/04/20 5:40 p.m.•29 views

Mozilla InvestiGator: MIG

Mozilla InvestiGator Mozilla’s real-time digital forensics and investigation platform MIG is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from large numbers of systems in parallel, thus accelerating investigation of incidents...

0.1AI score

Exploits0References3

Prion•added 2017/03/23 8:59 p.m.•13 views

Design/Logic Flaw

Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key...

7.5CVSS7.5AI score0.00271EPSS

Exploits0References1Affected Software1

CNVD•added 2017/03/20 12:0 a.m.•2 views

SQL injection vulnerability in mallbuilder frontend cate_show_ajax.php page

MallBuilder is a multi-user online shopping mall solution system based on PHP+MYSQL. A SQL injection vulnerability exists in the mallbuilder v7.3.4 frontend cateshowajax.php page due to a lack of filtering of the '$catid' parameter, which allows an attacker to exploit the vulnerability to obtain...

7.6AI score

Exploits0

Fedora•added 2017/03/05 8:50 p.m.•28 views

[SECURITY] Fedora 24 Update: gtk-vnc-0.7.0-1.fc24

gtk-vnc is a VNC viewer widget for GTK2. It is built using coroutines allowing it to be completely asynchronous while remaining single threaded...

9.8CVSS2.9AI score0.00371EPSS

Exploits2

RedHat Linux•added 2017/03/02 5:6 p.m.•74 views

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.8CVSS6.9AI score0.4799EPSS

Exploits16References6