Lucene search
K

55 matches found

CVE
CVE
added 2022/10/28 3:9 p.m.52 views

CVE-2022-37424

CVE-2022-37424 concerns OpenNebula on Linux. The vulnerability arises from the FILES directive, which may allow arbitrary files from the frontend system (including sensitive files) to be included when a VM is started from a template, potentially causing Information Disclosure. Affected details (s...

6.5CVSS6.4AI score0.00707EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/28 3:9 p.m.19 views

CVE-2022-37424 The FILES Directive allows arbitrary files from the frontend system (including sensitive files) to be included when a VM is started from that template, which may result in Information Disclosure.

Files or Directories Accessible to External Parties vulnerability in OpenNebula on Linux allows File Discovery...

6.5CVSS6.6AI score0.00707EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/10/28 12:0 a.m.3 views

OpenNebula 安全漏洞

OpenNebula is OpenNebula open source a cloud computing platform for managing heterogeneous distributed data center infrastructures. A security vulnerability exists in OpenNebula that stems from a file or directory being accessible to an outsider, allowing file discovery...

6.5CVSS6.5AI score0.00707EPSS
Exploits0References2
hivepro
hivepro
added 2022/03/12 9:45 a.m.9 views

Mustang Panda targets European diplomats using enhanced PlugX backdoor

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Mustang Panda, a Chinese cyberespionage group, has been targeting European diplomats with a revised version of the PlugX backdoor in an ongoing campaign linked to the ongoing conflict in Ukraine. The group, also known as...

0.3AI score
Exploits0
Kitploit
Kitploit
added 2022/02/17 11:30 a.m.78 views

Snaffler - A Tool For Pentesters To Help Find Delicious Candy

Snaffler is a tool for pentesters to help find delicious candy needles creds mostly, but it's flexible in a bunch of horrible boring haystacks a massive Windows/AD environment. It might also be useful for other people doing other stuff, but it is explicitly NOT meant to be an "audit" tool. I don'...

7AI score
Exploits0References5
CNNVD
CNNVD
added 2020/12/08 12:0 a.m.8 views

Aptdaemon Security Vulnerabilities

Aptdaemon is a code library for pypi for individual developers. The library functions allow package management tasks to be performed in a DBus-controlled background process. Aptdaemon has a security vulnerability that can be exploited by an attacker to detect local files via Aptdaemon, bypass dat...

3.8CVSS5.8AI score0.00335EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2019/08/13 12:0 a.m.7 views

The vulnerability of the virDomainSaveImageGetXMLDesc() function in the Libvirt virtualization management library allows a attacker to cause a service failure, execute arbitrary code, or determine the presence and size of arbitrary files.

The vulnerability of the virDomainSaveImageGetXMLDesc function in the Libvirt virtualization management library is due to access control errors. Exploiting this vulnerability could allow an attacker to cause a service failure, execute arbitrary code, or determine the presence and size of arbitrar...

7.4CVSS7.9AI score0.00516EPSS
Exploits0References13Affected Software10
OSV
OSV
added 2019/05/05 6:29 a.m.4 views

UBUNTU-CVE-2019-11767

Server side request forgery SSRF in phpBB before 3.2.6 allows checking for the existence of files and services on the local network of the host through the remote avatar upload function...

5.8CVSS6.2AI score0.01178EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/10/24 10:0 p.m.37 views

CVE-2018-15750

Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server...

7.1AI score0.0424EPSS
Exploits0References7
Kitploit
Kitploit
added 2017/04/24 2:30 p.m.24 views

PowerMeta - PowerShell Script to Search Publicly Files for a Particular Domain and Get the Associated MetaData

PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and Bing searches. It then allows for the download of those files from the target domain. After retrieving the files, the metadata associated with them can be...

6.8AI score
Exploits0References1
Cvelist
Cvelist
added 2016/10/14 1:0 a.m.34 views

CVE-2016-3298

Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka "Internet Explorer Information Disclosure...

5.5AI score0.3279EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2011/10/20 2:23 p.m.6 views

The Mystery of Duqu

First of all, we feel it necessary to clarify some of the confusion surrounding the files and their names related to this incident. To get a full understanding of the situation you only need to know that we’re talking about just two malicious programs here at a minimum – the main module and a...

6.6AI score
Exploits0References7
Metasploit
Metasploit
added 2010/02/01 2:12 a.m.13 views

HTTP File Same Name Directory Scanner

This module identifies the existence of files in a given directory path named as the same name of the directory. Only works if PATH is different than '/'. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2005/11/30 12:0 a.m.31 views

googleProxy.txt

This document can be found online at: - http://metasploit.com/research/vulns/googleproxystylesheet/ Title: Google Search Appliance proxystylesheet Flaws Release Date: November 21, 2005 Patch Date: August 16, 2005 Reported Date: June 10, 2005 Vendor: Google Systems Affected: Google Mini Search...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/11/21 12:0 a.m.41 views

[Full-disclosure] Google Search Appliance proxystylesheet Flaws

This document can be found online at: - http://metasploit.com/research/vulns/googleproxystylesheet/ Title: Google Search Appliance proxystylesheet Flaws Release Date: November 21, 2005 Patch Date: August 16, 2005 Reported Date: June 10, 2005 Vendor: Google Systems Affected: Google Mini Search...

7.6AI score
Exploits0
Rows per page
Query Builder