CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Gitee•added 2025/09/13 12:52 p.m.•105 views

Exploit for CVE-2023-36880

Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1. It is a PoC exploit for CVE-2023-36880. The code performs the following steps: 1. Loads a vulnerable version of the "prefsenclavex64.dll" enclave 2. Call the vulnerable "SealSettings"...

4.8CVSS7.3AI score0.0101EPSS

The Hacker News•added 2025/09/11 6:2 a.m.•5 views

AsyncRAT Exploits ConnectWise ScreenConnect to Steal Credentials and Crypto

Cybersecurity researchers have disclosed details of a new campaign that leverages ConnectWise ScreenConnect, a legitimate Remote Monitoring and Management RMM software, to deliver a fleshless loader that drops a remote access trojan RAT called AsyncRAT to steal sensitive data from compromised...

7.1AI score

Tenable Nessus•added 2025/08/24 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2015-1370

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete blacklist vulnerability in marked 0.3.2 and earlier for Node.js allows remote attackers to conduct cross-site scripting XSS attacks via a vbscript ta...

4.3CVSS5.2AI score0.00349EPSS

Exploits1References2

Metasploit•added 2025/07/28 6:52 p.m.•560 views

Malicious Windows Script Host VBScript (.vbs) File

This module creates a Windows Script Host WSH VBScript .vbs file. Module Options msf use exploit/windows/fileformat/windowsscripthostvbscript msf exploitwindowsscripthostvbscript show targets ...targets... msf exploitwindowsscripthostvbscript set TARGET msf exploitwindowsscripthostvbscript show...

5.8AI score

Metasploit•added 2025/06/06 6:53 p.m.•580 views

Maldoc in PDF Polyglot converter

A malicious MHT file created can be opened in Microsoft Word even though it has magic numbers and file structure of PDF. If the file has configured macro, by opening it in Microsoft Word, VBS runs and performs malicious behaviors. The attack does not bypass configured macro locks. And the malicio...

5.7AI score

RedhatCVE•added 2025/05/22 5:18 p.m.•2 views

CVE-2020-0847

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'...

7.6CVSS8AI score0.07988EPSS

RedhatCVE•added 2025/05/22 4:59 p.m.•4 views

CVE-2020-0966

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0967...

9.3CVSS7.8AI score0.31833EPSS

RedhatCVE•added 2025/05/22 4:14 p.m.•10 views

CVE-2020-1260

RedhatCVE•added 2025/05/22 4:12 p.m.•6 views

CVE-2020-1230

RedhatCVE•added 2025/05/22 4:12 p.m.•8 views

CVE-2020-1214

RedhatCVE•added 2025/05/22 4:12 p.m.•6 views

CVE-2020-1215

RedhatCVE•added 2025/05/22 4:6 p.m.•5 views

CVE-2020-1058

7.6CVSS7.8AI score0.05133EPSS

RedhatCVE•added 2025/05/22 4:3 p.m.•4 views

CVE-2020-0895

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'...

7.6CVSS8.2AI score0.09339EPSS

RedhatCVE•added 2025/05/22 3:57 p.m.•4 views

CVE-2020-1403

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'...

7.6CVSS8.2AI score0.09339EPSS