6525 matches found

Cvelist
added 2021/12/13 5:55 p.m. | 12 views

CVE-2021-39052

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the Spring Boot console without authorization. IBM X-Force ID: 214523...

5.6 CVSS | 8.9 AI score | 0.00506 EPSS
Exploits 0 | References 2

GithubExploit
added 2021/12/13 3:11 p.m. | 223 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j-CVE-2021-44228-test demo projects to highlight how to ex...

10 CVSS | 9.7 AI score | 0.94358 EPSS
Exploits 342

GithubExploit
added 2021/12/13 1:5 p.m. | 309 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228 Spring Boot Test Service This is a dirty hack s...

10 CVSS | 9.4 AI score | 0.94358 EPSS
Exploits 342

GithubExploit
added 2021/12/13 1:5 p.m. | 382 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228 Spring Boot Test Service This is a dirty hack s...

10 CVSS | 9.4 AI score | 0.94358 EPSS
Exploits 342

GithubExploit
added 2021/12/13 11:29 a.m. | 197 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4JExploitation-VulnerabiliyCVE-2021-44228. !Untitled...

10 CVSS | 9.2 AI score | 0.94358 EPSS
Exploits 342

GithubExploit
added 2021/12/13 11:29 a.m. | 260 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4JExploitation-VulnerabiliyCVE-2021-44228. !Untitled...

10 CVSS | 9.2 AI score | 0.94358 EPSS
Exploits 342

GithubExploit
added 2021/12/12 10:53 a.m. | 213 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228-docker-example A simple demonstration of CVE-2...

10 CVSS | 9.3 AI score | 0.94358 EPSS
Exploits 342

GithubExploit
added 2021/12/12 9:21 a.m. | 275 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228 Helpers Helpers, examples, and exploits for cv...

10 CVSS | 9.4 AI score | 0.94358 EPSS
Exploits 342

GithubExploit
added 2021/12/11 4:23 a.m. | 265 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228 POC - Spring / Hibernate This POC uses Spring...

10 CVSS | 9.5 AI score | 0.94358 EPSS
Exploits 342

GithubExploit
added 2021/12/10 12:38 p.m. | 80 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4Shell sample vulnerable application CVE-2021-44228 This...

10 CVSS | 9.3 AI score | 0.94358 EPSS
Exploits 342

VMware
added 2021/12/10 12:0 a.m. | 151 views

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...

9.3 CVSS | 0.4 AI score | 0.94358 EPSS
Exploits 348 | References 4 | Affected Software 54

VMware
added 2021/12/10 12:0 a.m. | 151 views

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...

9.3 CVSS | 0.4 AI score | 0.94358 EPSS
Exploits 348 | References 4 | Affected Software 55

VMware
added 2021/12/10 12:0 a.m. | 60 views

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

1. Impacted Products Under Evaluation VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Proxy VMware vRealize Automation VMware...

9.3 CVSS | 0.4 AI score | 0.94358 EPSS
Exploits 346 | References 4 | Affected Software 51

CNNVD
added 2021/12/10 12:0 a.m. | 3 views

IBM Spectrum Copy Data Management Security Vulnerability

IBM Spectrum Copy Data Management, an IBM company that modernizes, streamlines, and automates data center copy management processes, has a security vulnerability that could be exploited by an attacker to gain unauthorized access to the Spring Boot console...

9.8 CVSS | 5.6 AI score | 0.00506 EPSS
Exploits 0 | References 4

Hacker One
added 2021/12/06 8:41 a.m. | 33 views

8x8: Default credentials lead to Spring Boot Admin dashboard access

An instance hosting Spring Boot Admin was left exposed with default credentials set. The related instance did not contain anything sensitive. The issue has been rectified...

2.1 AI score
Exploits 0

RedHat Linux
added 2021/12/02 4:17 p.m. | 2 views

spring-web: (re)creating the temporary storage directory could result in a privilege escalation within WebFlux application

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by recreating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFl...

7.8 CVSS | 7 AI score | 0.00253 EPSS
Exploits 0 | References 6

RedHat Linux
added 2021/12/02 4:17 p.m. | 48 views

Moderate: Red Hat Security Advisory: Red Hat Integration Camel-K 1.6 release and security update

A minor version update from 1.4.2 to 1.6 is now available for Red Hat Integration Camel K that includes bug fixes and enhancements. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a...

9.9 CVSS | 7.5 AI score | 0.94255 EPSS
Exploits 27 | References 35

OSV
added 2021/12/02 4:15 p.m. | 9 views

CVE-2021-23258

Authenticated users with Administrator or Developer roles may execute OS commands by SPEL Expression in Spring beans. SPEL Expression does not have security restrictions, which will cause attackers to execute arbitrary commands remotely RCE...

7.2 CVSS | 7.8 AI score
Exploits 0 | References 1

Cvelist
added 2021/12/02 3:40 p.m. | 13 views

CVE-2021-23258 Spring SPEL Expression Language Injection

Authenticated users with Administrator or Developer roles may execute OS commands by SPEL Expression in Spring beans. SPEL Expression does not have security restrictions, which will cause attackers to execute arbitrary commands remotely RCE...

4.2 CVSS | 7.6 AI score | 0.00343 EPSS
Exploits 0 | References 1

CVE
added 2021/12/02 3:40 p.m. | 31 views

CVE-2021-23258

The CVE-2021-23258 entry refers to a Crafter CMS expression injection vulnerability where an authenticated Administrator or Developer could abuse an unrestricted SPEL Expression in Spring beans to execute OS commands (RCE). Root cause: SPEL expressions are not secured, enabling remote code execut...

7.2 CVSS | 6.3 AI score | 0.00343 EPSS
Exploits 0 | References 1 | Affected Software 1