Lucene search
K

90 matches found

F5 Networks
F5 Networks
added 2024/06/06 1:49 a.m.38 views

K000139922: Open vSwitch vulnerabilities CVE-2023-3966 and CVE-2023-5366

Security Advisory Description CVE-2023-3966 A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is...

7.5CVSS6.3AI score0.01033EPSS
Exploits0
GithubExploit
GithubExploit
added 2024/05/31 8:11 p.m.583 views

Exploit for Improper Access Control in Apache Hugegraph

CVE-2024-27348 For Ethical Usages only, Any harmful or malic...

9.8CVSS9.8AI score0.9921EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.30 views

Fedora 40 : openvswitch (2024-1f26ce7731)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-1f26ce7731 advisory. Update to 3.3.0 Remove network-scripts subpackage starting from Fedora 40 Backport a simple fix to avoid SSL db: implementation test to fail It also...

7.5CVSS6.8AI score0.01033EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2024/03/14 12:0 a.m.433 views

Viessmann Vitogate 300 2.1.3.0 - Remote Code Execution (RCE)

Exploit Title: Viessmann Vitogate 300 = 2.1.3.0 - Remote Code Execution RCE - Shodan Dork: http.title:'Vitogate 300' - Exploit Author: ByteHunter - Email: [email protected] - Version: versions up to 2.1.3.0 - Tested on: 2.1.1.0 - CVE : CVE-2023-5702 & CVE-2023-5222 import argparse import...

9.8CVSS6.9AI score0.74697EPSS
Exploits4
GithubExploit
GithubExploit
added 2024/01/26 7:0 p.m.473 views

Exploit for Path Traversal in Jenkins

CVE-2024-23897 | Jenkins -p -f or bash python CVE-...

9.8CVSS9.1AI score0.99999EPSS
Exploits46
GithubExploit
GithubExploit
added 2024/01/24 8:10 p.m.512 views

Exploit for Forced Browsing in Fortra Goanywhere_Managed_File_Transfer

CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Dee...

9.8CVSS9.9AI score0.95086EPSS
Exploits8
0day.today
0day.today
added 2023/12/07 12:0 a.m.363 views

ConQuest Dicom Server 1.5.0d Remote Command Execution Exploit

!/usr/bin/env python3 --------------------------------------------------------- preauth rce poc for ConQuest Dicom Server 1.5.0d --------------------------------------------------------- 04.08.2023 @ 22:07 code610 blogspot com import socket target = '192.168.56.106' rport = 5678 pkt1 =...

7.4AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/10/07 1:34 a.m.3 views

SUSE CVE-2023-5366

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to...

7.1CVSS6.4AI score0.00389EPSS
Exploits0References14
NVD
NVD
added 2023/10/06 6:15 p.m.20 views

CVE-2023-5366

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to...

7.1CVSS6.8AI score0.00389EPSS
Exploits0References6
OSV
OSV
added 2023/10/06 6:15 p.m.5 views

AZL-31280 CVE-2023-5366 affecting package openvswitch for versions less than 2.17.9-1

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to...

5.5CVSS6.8AI score0.00389EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2023/10/06 5:43 p.m.21 views

CVE-2023-5366

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to...

7.1CVSS6.2AI score0.00389EPSS
Exploits0
Exploit DB
Exploit DB
added 2023/09/08 12:0 a.m.396 views

Wp2Fac - OS Command Injection

Exploit Title: Wp2Fac v1.0 - OS Command Injection Date: 2023-08-27 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://github.com/metinyesil/wp2fac Tested on: Kali Linux & Windows 11 CVE: N/A import requests def sendpostrequesthost, revshell: url = f'http://host/send.php' headers = 'User-Agent':...

7.4AI score
Exploits0
GithubExploit
GithubExploit
added 2023/07/20 5:39 a.m.733 views

Exploit for Off-by-one Error in F5 Nginx

CVE-2021-23017...

7.7CVSS7AI score0.52838EPSS
Exploits10
GithubExploit
GithubExploit
added 2023/05/02 5:26 p.m.346 views

Exploit for Incorrect Authorization in Cacti

CVE-2022-46169 This repository contains a Proof of Concept P...

9.8CVSS9.9AI score0.99826EPSS
Exploits48
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.216 views

PhotoShow 3.0 Remote Code Execution

Exploit Title: PhotoShow 3.0 - Remote Code Execution Date: January 11, 2023 Exploit Author: LSCP Responsible Disclosure Lab Detailed Bug Description: https://lscp.llc/index.php/2021/07/19/how-white-box-hacking-works-remote-code-execution-and-stored-xss-in-photoshow-3-0/ Vendor Homepage:...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/03/27 12:0 a.m.214 views

D-Link DNR-322L <=2.60B15 - Authenticated Remote Code Execution Exploit

Exploit Title: D-Link DNR-322L Exploit Writeup: https://lukasec.ch/posts/dlinkdnr322.html Vendor Homepage: https://dlink.com Vendor Advisory: https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10305 Software Link: http://legacyfiles.us.dlink.com/DNR-322L/REVA/FIRMWARE...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.149 views

D-Link DNR-322L &lt;=2.60B15 - Authenticated Remote Code Execution

Exploit Title: D-Link DNR-322L Exploit Writeup: https://lukasec.ch/posts/dlinkdnr322.html Vendor Homepage: https://dlink.com Vendor Advisory: https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10305 Software Link: http://legacyfiles.us.dlink.com/DNR-322L/REVA/FIRMWARE...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/09/21 12:0 a.m.529 views

WiFi Mouse 1.8.3.4 - Remote Code Execution Exploit

Exploit Title: WiFiMouse 1.8.3.4 - Remote Code Execution RCE Author: Febin Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.8.3.4 Tested on: Windows 10 !/bin/bash printf " WiFiMouse / MouseServer 1.8.3.4 Exploit by FEBIN " printf " Enter the Target IP...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/09/08 12:0 a.m.237 views

FE File Explorer 11.0.4 Local File Inclusion Exploit

Exploit Title: FE File Explorer 11.0.4 Local File inclusion Exploit Author: Chokri Hammedi Vendor Homepage: https://www.skyjos.com/ Software Link: https://apps.apple.com/us/app/fe-file-explorer-file-manager/id510282524 Version: 11.0.4 Tested on: iPhone ios 15.6 from ftplib import FTP import...

7.4AI score
Exploits0
GithubExploit
GithubExploit
added 2022/05/16 9:15 a.m.190 views

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525 CVE-2022-30525 POC exploit Usage shell u...

10CVSS9.2AI score0.99938EPSS
Exploits27
Rows per page
Query Builder