Lucene search
K

14 matches found

Vulnrichment
Vulnrichment
added 2026/03/17 5:20 p.m.3 views

CVE-2026-32297 Angeet ES3 KVM unauthenticated arbitrary file write

The Angeet ES3 KVM allows a remote, unauthenticated attacker to write arbitrary files, including configuration files or system binaries. Modified configuration files or system binaries could allow an attacker to take complete control of a vulnerable system...

9.3CVSS5.9AI score0.00527EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2025/12/03 1:52 p.m.151 views

Vegeta_Vuln_lab

VegetaVulnlab Overview This lab focuses on core penetrati...

7.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:13 a.m.6 views

Malicious code in @alexadark/gatsby-theme-wordpress-blog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 110819ca12a8190932562305cd8ee1c97b0e61434f5e12e238bc9eaa46350de5 The package @alexadark/gatsby-theme-wordpress-blog was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-2979

Malicious code in bioql PyPI...

9CVSS8.7AI score0.01063EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 8:54 a.m.11 views

CVE-2024-37301

Document Merge Service is a document template merge service providing an API to manage templates and merge them with given data. Versions 6.5.1 and prior are vulnerable to remote code execution via server-side template injection which, when executed as root, can result in full takeover of the...

9.9CVSS8AI score0.01031EPSS
Exploits0References1
HackRead
HackRead
added 2025/04/25 8:33 p.m.24 views

Critical Commvault Flaw Allows Full System Takeover – Update NOW

Enterprises using Commvault Innovation Release are urged to patch immediately against CVE-2025-34028. This critical flaw allows attackers to…...

10CVSS7AI score0.97157EPSS
Exploits5
Cvelist
Cvelist
added 2024/06/03 10:5 a.m.41 views

CVE-2024-3829 Arbitrary File Read and Write during Snapshot Recovery in qdrant/qdrant

qdrant/qdrant version 1.9.0-dev is vulnerable to arbitrary file read and write during the snapshot recovery process. Attackers can exploit this vulnerability by manipulating snapshot files to include symlinks, leading to arbitrary file read by adding a symlink that points to a desired file on the...

9.8CVSS9.2AI score0.00901EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/05/10 2:15 p.m.5 views

CVE-2022-1397

API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover...

9CVSS7.6AI score0.01063EPSS
Exploits1References3
NCSC
NCSC
added 2020/04/15 12:0 a.m.4 views

Vulnerabilities fixed in Oracle MySQL products

Oracle has fixed vulnerabilities in its MySQL products: - MySQL Server - MySQL Workbench - MySQL Enterprise Monitor - MySQL Cluster - MySQL Client - MySQL Connectors One of these vulnerabilities CVE-2019-5482 concerns an erng serious vulnerability in MySQL Server. This vulnerability allows an...

9.8CVSS8.7AI score0.17939EPSS
Exploits1
ThreatPost
ThreatPost
added 2019/05/07 8:38 p.m.61 views

Critical Flaw in Cisco Elastic Services Controller Allows Full System Takeover

A critical vulnerability in the Cisco Elastic Services Controller could allow an unauthenticated, remote attacker to take full control of impacted systems – merely by sending a crafted request. Cisco Elastic Services Controller is a virtual network functions manager, which enables businesses to...

10CVSS2.4AI score0.30342EPSS
Exploits0References5
CNVD
CNVD
added 2018/12/25 12:0 a.m.2 views

Arbitrary Code Execution Vulnerability in Multiple GIGABYTE Products (CNVD-2018-26457)

GIGABYTE APP Center and others are products of GIGABYTE Technology, a Chinese company. GIGABYTE APP Center is a software program for managing and updating GIGABYTE's product utility programs. AORUS GRAPHICS ENGINE is a software program for overclocking graphics cards. A security vulnerability...

7.8CVSS6.8AI score0.03597EPSS
Exploits4References1
Packet Storm
Packet Storm
added 2017/07/30 12:0 a.m.30 views

DiskBoss Enterprise 8.2.14 Buffer Overflow

!/usr/bin/env python Exploit Title: DiskBoss Enterprise v8.2.14 Remote buffer overflow Date: 2017-07-30 Exploit Author: Ahmad Mahfouz Author Homepage: www.unixawy.com Vendor Homepage: http://www.diskboss.com/ Software Link: http://www.diskboss.com/setups/diskbossentsetupv8.2.14.exe Version: v8.2....

0.8AI score
Exploits0
exploitpack
exploitpack
added 2017/07/30 12:0 a.m.14 views

DiskBoss Enterprise 8.2.14 - Remote Buffer Overflow

DiskBoss Enterprise 8.2.14 - Remote Buffer Overflow !/usr/bin/env python Exploit Title: DiskBoss Enterprise v8.2.14 Remote buffer overflow Date: 2017-07-30 Exploit Author: Ahmad Mahfouz Author Homepage: www.unixawy.com Vendor Homepage: http://www.diskboss.com/ Software Link:...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2017/06/19 8:49 p.m.83 views

A Decade Old Unix/Linux/BSD Root Privilege-Escalation Bug Discovered

Update: Find working Exploits and Proof-of-Concepts at the bottom of this article. Security researchers have discovered more than a decade-old vulnerability in several Unix-based operating systems — including Linux, OpenBSD, NetBSD, FreeBSD and Solaris — which can be exploited by attackers to...

6.2CVSS8.7AI score0.05186EPSS
Exploits3
Rows per page
Query Builder