CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2160 matches found

Exploit DB•added 2018/01/28 12:0 a.m.•43 views

Artifex MuJS 1.0.2 - Integer Overflow

Exploit Title: DoS caused by the interactive call between two functions Date: 2018-01-16 Exploit Author: Andrea Sindoni - @invictus1306 Vendor: Artifex https://www.artifex.com/ Software Link: https://github.com/ccxvii/mujs Version: Mujs - 228719d087aa5e27dcd8627c4acf7273476bdbca Tested on: Linux...

5.5CVSS5.4AI score0.05152EPSS

Exploits5

Kitploit•added 2018/01/24 9:1 p.m.•53 views

Pupy - Opensource, Cross-Platform (Windows, Linux, OSX, Android) Remote Administration And Post-Exploitation Tool

Pupy is an opensource, cross-platform Windows, Linux, OSX, Android, multi function RAT Remote Administration Tool and post-exploitation tool mainly written in python. It features a all-in-memory execution guideline and leaves very low footprint. Pupy can communicate using various transports,...

8.6AI score

Exploits0References6

Metasploit•added 2018/01/23 7:0 a.m.•58 views

Command Shell, Reverse UDP (via python)

Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.6-2.7 and 3.4+. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = :dynamic include...

7.1AI score

Exploits0

Metasploit•added 2018/01/23 7:0 a.m.•39 views

Unix Command Shell, Reverse UDP (via socat)

Creates an interactive shell via socat This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 87 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions def initializeinfo...

7.1AI score

Exploits0

Fedora•added 2018/01/16 4:57 p.m.•30 views

[SECURITY] Fedora 26 Update: mupdf-1.12.0-1.fc26

MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...

7.8CVSS0.6AI score0.01579EPSS

Exploits0

Metasploit•added 2017/12/28 10:21 p.m.•33 views

Unix Command Shell, Reverse TCP (stub)

Creates an interactive shell through an inbound connection stub only, no payload This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 0 include Msf::Payload::Single include...

Exploits0

Packet Storm•added 2017/12/26 12:0 a.m.•35 views

Sendroid Bulk SMS Portal / Marketing Script 6.5.0 SQL Injection

Exploit Title: Sendroid - Bulk SMS Portal, Marketing Script 5.0.0 - 6.5.0 - SQL Injection Google Dork: "welcome to SMS portal" Date: 22/12/2017 Exploit Author: Onwuka Gideon Contact: http://twitter.com/@gideononwuka Vendor Homepage: http://ynetinteractive.com/ Software Buy:...

0.4AI score

Exploits0

Japan Vulnerability Notes•added 2017/12/22 12:0 a.m.•69 views

JVN#95423049: The installer of Content Manager Assistant for PlayStation may insecurely load Dynamic Link Libraries

Content Manager Assistant for PlayStation provided by Sony Interactive Entertainment Inc. is a data transfer tool. The installer of Content Manager Assistant for PlayStation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact...

7.8CVSS7.7AI score0.00865EPSS

Exploits0

Fedora•added 2017/12/02 9:23 p.m.•38 views

[SECURITY] Fedora 26 Update: mupdf-1.11-9.fc26

7.8CVSS0.6AI score0.03452EPSS

Exploits4

Symantec•added 2017/11/14 12:0 a.m.•49 views

Microsoft Windows Kernel CVE-2017-11851 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

1.9CVSS1.3AI score0.02091EPSS

Exploits0Affected Software3

Hacker One•added 2017/11/06 5:42 p.m.•19 views

BOHEMIA INTERACTIVE a.s.: IDOR to view User Order Information

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report! Description: There is a...

1AI score

Exploits0

Openbugbounty•added 2017/11/05 3:3 p.m.•36 views

interactive.eda.admin.ch XSS vulnerability

Open Bug Bounty ID: OBB-392885 Description| Value ---|--- Affected Website:| interactive.eda.admin.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score

Exploits0

Kitploit•added 2017/10/31 1:12 p.m.•401 views

Hashcat v4.0 - World's Fastest and Most Advanced Password Recovery Utility

hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable...

9.1AI score

Exploits0

CNVD•added 2017/10/30 12:0 a.m.•2 views

Blue River Interactive Mura CMS XML External Entity Injection Vulnerability

Blue River Interactive Mura CMS is the United States Blue River Interactive company's set of CFML-based open source content management system CMS. The system supports user rights management , customizable templates and layouts , plug-in extensions and so on. A security vulnerability exists in the...

6.5CVSS6.8AI score0.06784EPSS

Exploits5References1

n0where•added 2017/10/28 4:50 a.m.•101 views

Fastest and Most Advanced Password Recovery Utility: Hashcat

hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enab...

Exploits0References1

Openbugbounty•added 2017/10/24 4:56 p.m.•15 views

interactive.fr XSS vulnerability

Open Bug Bounty ID: OBB-363913 Description| Value ---|--- Affected Website:| interactive.fr Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

6.4AI score

Exploits0

Metasploit•added 2017/10/23 2:20 p.m.•53 views

Command Shell, Bind TCP (via python)

Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.4-2.7 and 3.4+. module MetasploitModule CachedSize = :dynamic include Msf::Payload::Single include Msf::Payload::Python include Msf::Sessions::CommandShellOptions def initializeinfo =...

7.1AI score

Exploits0