
198 matches found

0day.today
added 2023/08/21 12:0 a.m., 719 views

Jorani Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Jorani versions prior to 1.0.2. It abuses log poisoning and redirection bypass via header spoofing and then it uses path traversal to trigger the vulnerability. It has been tested on Jorani 1.0.0. This modul...

CVSS 9.8, AI score 8.2, EPSS 0.81918
Exploits: 5

Cvelist
added 2023/07/25 6:28 p.m., 16 views

CVE-2023-35980 Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of these vulnerabilities...

CVSS 9.8, AI score 10, EPSS 0.01615
Exploits: 0, References: 1

Vulnrichment
added 2023/07/07 12:0 a.m., 10 views

CVE-2023-37170

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function...

AI score 8.5, EPSS 0.01396
Exploits: 1, References: 1

OSV
added 2023/05/08 3:15 p.m., 5 views

CVE-2023-22786

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of these vulnerabilities...

CVSS 9.8, AI score 8.1, EPSS 0.02118
Exploits: 0, References: 1

Prion
added 2023/05/08 3:15 p.m., 20 views

Buffer overflow

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of these vulnerabilities...

CVSS 7.5, AI score 9.8, EPSS 0.02068
Exploits: 0, References: 1, Affected Software: 2

Vulnrichment
added 2023/05/08 2:3 p.m., 11 views

CVE-2023-22785 Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of these vulnerabilities...

CVSS 9.8, AI score 9.9, EPSS 0.02068
Exploits: 0, References: 1

Cvelist
added 2023/05/08 2:3 p.m., 21 views

CVE-2023-22784 Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of these vulnerabilities...

CVSS 9.8, AI score 9.9, EPSS 0.02068
Exploits: 0, References: 1

Cvelist
added 2023/05/08 2:2 p.m., 18 views

CVE-2023-22779 Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of these vulnerabilities...

CVSS 9.8, AI score 9.9, EPSS 0.02118
Exploits: 0, References: 1

OSV
added 2023/04/28 7:15 p.m., 2 views

CVE-2023-1966

Instruments with Illumina Universal Copy Service v1.x and v2.x contain an unnecessary privileges vulnerability. An unauthenticated malicious actor could upload and execute code remotely at the operating system level, which could allow an attacker to change settings, configurations, software, or...

CVSS 9.8, AI score 7.7, EPSS 0.00916
Exploits: 0, References: 2

CNNVD
added 2023/04/28 12:0 a.m., 3 views

Illumina Universal Copy Service Security Vulnerability

Illumina Universal Copy Service is a universal copy service from Illumina, Inc. A security vulnerability exists in Illumina Universal Copy Service v1.x version, v2.x version. An unauthenticated attacker could remotely upload and execute code at the operating system level...

CVSS 9.8, AI score 8.9, EPSS 0.00916
Exploits: 0, References: 3

ATTACKERKB
added 2023/04/03 12:0 a.m., 15 views

CVE-2022-43939

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented. Recent assessments: gwillcox-r7 at May 10, 2023 5:02pm UTC reported: This is an authentication bypass in Hitachi...

CVSS 9.8, AI score 7.6, EPSS 0.9767
In wild, Exploits: 7, References: 3

GithubExploit
added 2023/03/26 12:18 a.m., 299 views

Exploit for OS Command Injection in Netgate Pfblockerng

pfBlockerNG T...

CVSS 9.8, AI score 9.7, EPSS 0.86446
Exploits: 14

Vulnrichment
added 2023/03/08 12:27 a.m., 7 views

CVE-2023-0090 Proofpoint Enterprise Protection webservices unauthenticated RCE

The webservices in Proofpoint Enterprise Protection PPS/POD contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. Exploitation requires network access to the webservices API, but such access is a non-standard configuration. This affects all...

CVSS 9.8, AI score 9.6, EPSS 0.00738
Exploits: 0, References: 1

OSV
added 2023/03/01 8:15 a.m., 2 views

CVE-2023-22754

There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute...

CVSS 9.8, AI score 8.2, EPSS 0.01073
Exploits: 0, References: 1

Vulnrichment
added 2023/02/28 4:33 p.m., 9 views

CVE-2023-22753 Unauthenticated Buffer Overflow Vulnerabilities in ArubaOS Processes

There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute...

CVSS 8.1, AI score 10, EPSS 0.01073
Exploits: 0, References: 1

CVE
added 2023/02/28 4:5 p.m., 77 views

CVE-2023-22749

ArubaOS (Aruba Mobility Controllers/OS) exposes multiple command-injection vulnerabilities in PAPI, allowing unauthenticated remote code execution via crafted packets to UDP port 8211. Impact is execution of arbitrary code as a privileged OS user. Exploitation details are not provided in the docu...

CVSS 9.8, AI score 10, EPSS 0.0174
Exploits: 0, References: 1, Affected Software: 2

Vulnrichment
added 2023/02/28 4:5 p.m., 9 views

CVE-2023-22749 Multiple Unauthenticated Command Injections in the PAPI Protocol

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba Networks access point management protocol UDP port 8211. Successful exploitation of these vulnerabilities result in the...

CVSS 9.8, AI score 9.1, EPSS 0.0174
Exploits: 0, References: 1

Debian CVE
added 2023/02/25 1:7 a.m., 43 views

CVE-2023-26035

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the...

CVSS 9.8, AI score 4, EPSS 0.80462
Exploits: 11

Cvelist
added 2023/02/25 1:7 a.m., 22 views

CVE-2023-26035 ZoneMinder vulnerable to Missing Authorization

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the...

CVSS 7.2, AI score 9.6, EPSS 0.80462
Exploits: 11, References: 2

AlpineLinux
added 2023/02/25 1:7 a.m., 43 views

CVE-2023-26035

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the...

CVSS 9.8, AI score 8.2, EPSS 0.80462
Exploits: 11