Lucene search
K

197 matches found

CNNVD
CNNVD
added 2021/12/14 12:0 a.m.33 views

Microsoft Defender 代码注入漏洞

Microsoft Defender for IoT is an asset discovery, vulnerability management, and threat monitoring solution for IoT/OT environments.Microsoft Defender for IoT suffers from a remote code execution vulnerability. An attacker could exploit this vulnerability to execute code on the target host...

7.2CVSS6.8AI score0.02209EPSS
Exploits0References4
0day.today
0day.today
added 2021/12/01 12:0 a.m.527 views

Advanced Comment System 1.0 - Remote Command Execution Exploit

Exploit Title: Advanced Comment System 1.0 - Remote Command Execution RCE Exploit Author: Nicole Daniella Murillo Mejias Version: Advanced Comment System 1.0 Tested on: Linux !/usr/bin/env python3 DESCRIPTION: Commands are Base64 encoded and sent via POST requests to the vulnerable application, t...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/01 12:0 a.m.1356 views

Advanced Comment System 1.0 - Remote Command Execution (RCE)

Exploit Title: Advanced Comment System 1.0 - Remote Command Execution RCE Date: November 30, 2021 Exploit Author: Nicole Daniella Murillo Mejias Version: Advanced Comment System 1.0 Tested on: Linux !/usr/bin/env python3 DESCRIPTION: Commands are Base64 encoded and sent via POST requests to the...

0.4AI score
Exploits0
CNVD
CNVD
added 2021/11/12 12:0 a.m.33 views

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Microsoft Windows Media Foundation is a next-generation multimedia platform for Windows that enables developers, consumers, and content providers to embrace a new wave of advanced content with greater robustness, unparalleled quality, and seamless interaction. microsoft Windows Media Foundation...

7.8CVSS5.3AI score0.0233EPSS
Exploits0References1
CNVD
CNVD
added 2021/11/12 12:0 a.m.36 views

Microsoft Chakra Scripting Engine Memory Corruption Vulnerability

Microsoft Windows Scripting is a scripting language for the Windows operating system from Microsoft Corporation USA.A memory corruption vulnerability exists in the Microsoft Chakra Scripting Engine, which can be exploited by attackers to execute code on the target host...

7.5CVSS4.2AI score0.0195EPSS
Exploits0References1
CNVD
CNVD
added 2021/11/12 12:0 a.m.27 views

Microsoft Windows COM Remote Code Execution Vulnerability

Microsoft Windows COM is a technology from Microsoft Corporation USA designed to reuse software.COM is described as a platform-independent, decentralized, object-oriented system for creating interactive binary software components.Microsoft Windows COM is vulnerable to a remote code execution...

8.8CVSS3.4AI score0.0191EPSS
Exploits0References1
CNVD
CNVD
added 2021/11/12 12:0 a.m.6 views

Microsoft Windows NTFS Remote Code Execution Vulnerability

Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing and logging capabilities. A remote code execution vulnerability exists in Microsoft Windows NTFS, which can be exploited by an attacker to execute code on th...

8.8CVSS7.5AI score0.01377EPSS
Exploits0References1
CNVD
CNVD
added 2021/11/12 12:0 a.m.33 views

Microsoft Excel Remote Code Execution Vulnerability (CNVD-2021-102060)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft Corporation USA.Microsoft Excel is vulnerable to remote code execution. An attacker could exploit this vulnerability to execute code on the target host...

7.8CVSS2.9AI score0.0207EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/11/11 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2021:3649-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS7.2AI score0.01953EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/11/09 12:0 a.m.9 views

Microsoft Windows NTFS 代码注入漏洞

Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing and logging capabilities. A remote code execution vulnerability exists in Microsoft Windows NTFS, which can be exploited by an attacker to execute code on th...

8.8CVSS6.8AI score0.01377EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/11/09 12:0 a.m.5 views

Microsoft Windows Scripting 缓冲区错误漏洞

Microsoft Windows Scripting is a scripting language for the Windows operating system from Microsoft Corporation USA.A memory corruption vulnerability exists in the Microsoft Chakra Scripting Engine, which can be exploited by attackers to execute code on the target host...

7.5CVSS6AI score0.0195EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/11/09 12:0 a.m.8 views

Microsoft Dynamics 代码注入漏洞

Microsoft Dynamics 365 is a suite of ERP business solutions for multinational organizations. The product includes financial management, production management and business intelligence management. A remote code execution vulnerability exists in Microsoft Dynamics 365, which can be exploited by an...

8.8CVSS6.8AI score0.02146EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/11/09 12:0 a.m.6 views

Microsoft Excel 代码注入漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft Corporation USA.Microsoft Excel is vulnerable to remote code execution. An attacker could exploit this vulnerability to execute code on the target host...

7.8CVSS6.5AI score0.0207EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/11/02 12:42 p.m.6 views

apache-httpclient: incorrect handling of malformed authority component in request URIs

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...

5.3CVSS7.2AI score0.08665EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/09/30 9:57 a.m.2 views

apache-httpclient: incorrect handling of malformed authority component in request URIs

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...

5.3CVSS7.2AI score0.08665EPSS
Exploits1References5
GithubExploit
GithubExploit
added 2021/08/31 4:33 p.m.178 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2021-26084 CVE-2021-26084 - Confluence Pre-Auth RCE | O...

9.8CVSS8.9AI score0.99999EPSS
Exploits45
Prion
Prion
added 2021/08/06 3:15 p.m.18 views

Path traversal

Corero SecureWatch Managed Services 9.7.2.0020 is affected by a Path Traversal vulnerability via the snapfile parameter in the /it-IT/splunkd/raw/services/getsnapshot HTTP API endpoint. A ‘low privileged’ attacker can read any file on the target host...

4CVSS6.4AI score0.01209EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2021/07/19 12:0 a.m.36 views

Microsoft Excel Remote Code Execution Vulnerability (CNVD-2021-54413)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft Corporation USA.Microsoft Excel is vulnerable to remote code execution. An attacker could exploit this vulnerability to execute code on the target host...

8.8CVSS2.9AI score0.53178EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/19 12:0 a.m.22 views

Microsoft Excel Remote Code Execution Vulnerability (CNVD-2021-54407)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft Corporation USA.Microsoft Excel is vulnerable to remote code execution. An attacker could exploit this vulnerability to execute code on the target host...

7.8CVSS2.9AI score0.02151EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/13 12:0 a.m.6 views

Microsoft Word 代码注入漏洞

Microsoft Word is a word processing software in the Office suite from Microsoft Corporation USA.Microsoft Word is vulnerable to remote code execution. An attacker could exploit this vulnerability to execute code on the target host...

7.8CVSS6.5AI score0.02037EPSS
Exploits0References4
Rows per page
Query Builder