Lucene search
K

24 matches found

vulnersOsv
vulnersOsv
added 2026/04/15 8:22 p.m.8 views

org.sonatype.nexus.assemblies:nexus-base-feature (>=3.4.0-02 <=3.70.1-02), org.sonatype.nexus.assemblies:nexus-base-overlay (>=3.60.0-02 <=3.70.1-02) +3 more potentially affected by CVE-2026-5189 via org.sonatype.nexus:nexus-base (>=3.10.0-04 <=3.70.1-02)

org.sonatype.nexus:nexus-base MAVEN version =3.10.0-04, =3.4.0-02, =3.60.0-02, =3.4.0-02, =0.1.6, =3.48.0-01, =3.70.1-02 Source cves: CVE-2026-5189 Source advisory: SNYK:JAVA-ORGSONATYPENEXUS-16427423...

9.2CVSS5.8AI score0.00461EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 9:0 p.m.7 views

org.sonatype.nexus.assemblies:nexus-base-overlay (>=3.60.0-02 <=3.70.1-02), org.sonatype.nexus.assemblies:nexus-base-template (>=3.4.0-02 <=3.70.1-02) +39 more potentially affected by CVE-2026-3438 via org.sonatype.nexus:nexus-repository (>=3.0.0-03 <=3.8.0-02)

org.sonatype.nexus:nexus-repository MAVEN version =3.0.0-03, =3.60.0-02, =3.4.0-02, =3.0.0-03, =3.5.0-02, =3.4.0-02, =0.0.1, =3.17.0-01, =0.0.2, =0.0.2, =3.19.0-01, =0.0.3, =1.0.0, =0.0.4, =0.0.2, =0.0.7 and more Source cves: CVE-2026-3438 Source advisory: SNYK:JAVA-ORGSONATYPENEXUS-164...

5.1CVSS5.8AI score0.00465EPSS
Exploits0
Packet Storm
Packet Storm
added 2025/01/12 12:0 a.m.162 views

CISA: Security and Resiliency Guide - Public Assembly Annex

System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...

7.4AI score
Exploits0
Snyk
Snyk
added 2024/07/10 3:10 p.m.5 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the embed feature. An attacker can access unpublished or private resource data by inferring the slug or URL of the resource that can be embedded. Note: This is only exploitable if the resource allows embedding a...

6.9CVSS6.9AI score0.00492EPSS
Exploits0References2
Kitploit
Kitploit
added 2023/12/26 11:30 a.m.854 views

Blutter - Flutter Mobile Application Reverse Engineering Tool

Flutter Mobile Application Reverse Engineering Tool by Compiling Dart AOT Runtime Currently the application supports only Android libapp.so arm64 only. Also the application is currently work only against recent Dart versions. For high priority missing features, see TODO Environment Setup This...

7AI score
Exploits0References2
Talos Blog
Talos Blog
added 2022/08/30 12:0 p.m.33 views

ModernLoader delivers multiple stealers, cryptominers and RATs

By Vanja Svajcer Cisco Talos recently observed three separate, but related, campaigns between March and June 2022 delivering a variety of threats, including the ModernLoader bot, RedLine information-stealer and cryptocurrency-mining malware to victims. The actors use PowerShell, .NET assemblies,...

0.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/02 3:13 a.m.6 views

org.apache.camel:camel-xmlsecurity (>=2.0-M1 <=2.5.0), org.apache.cxf.dosgi.samples:cxf-dosgi-ri-samples-greeter-client (=1.0) +71 more potentially affected by CVE-2009-0217 via org.apache.santuario:xmlsec (=1.4.2)

org.apache.santuario:xmlsec MAVEN version =1.4.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.santuario:xmlsec and may be impacted: - org.apache.camel:camel-xmlsecurity =2.0-M1, =2.0.10, =2.0.10, =2.0.10, =2.0.10, =2.0.10, =2.0.10, =2.2.2...

5CVSS7.1AI score0.06348EPSS
Exploits0
Kitploit
Kitploit
added 2022/02/04 8:30 p.m.129 views

SQLRecon - A C# MS SQL Toolkit Designed For Offensive Reconnaissance And Post-Exploitation

A C MS-SQL toolkit designed for offensive reconnaissance and post-exploitation. For detailed usage information on each technique, refer to the wiki. Usage You can grab a copy of SQLRecon from the releases page. Alternatively, feel free to compile the solution yourself This should be as straight...

7.9AI score
Exploits0References6
Kitploit
Kitploit
added 2022/01/17 11:30 a.m.25 views

Inject-Assembly - Inject .NET Assemblies Into An Existing Process

This tool is an alternative to traditional fork and run execution for Cobalt Strike. The loader can be injected into any process, including the current Beacon. Long-running assemblies will continue to run and send output back to the Beacon, similar to the behavior of execute-assembly. There are t...

8AI score
Exploits0References8
vulnersOsv
vulnersOsv
added 2021/09/08 5:42 p.m.6 views

org.sonatype.nexus.assemblies:nexus-base-template (>=3.10.0-04 <=3.33.1-01), org.sonatype.nexus.assemblies:nexus-core-feature (>=3.0.0-03 <=3.33.1-01) +37 more potentially affected by CVE-2021-40143 via org.sonatype.nexus:nexus-repository (>=3.0.0-03 <=3.33.1-01)

org.sonatype.nexus:nexus-repository MAVEN version =3.0.0-03, =3.10.0-04, =3.0.0-03, =3.10.0-04, =3.10.0-04, =0.0.1, =3.17.0-01, =0.0.2, =0.0.2, =3.19.0-01, =0.0.3, =1.0.0, =0.0.4, =0.0.2, =3.17.0-01, =0.0.13, =1.0.10 and more Source cves: CVE-2021-40143 Source advisory: OSV:GHSA-F34X-8P...

8.2CVSS7.2AI score0.02322EPSS
Exploits0
Kitploit
Kitploit
added 2021/05/30 12:30 p.m.222 views

CheeseTools - Self-developed Tools For Lateral Movement/Code Execution

This repository has been made basing onto the already existing MiscTool, so big shout-out to rasta-mouse for releasing them and for giving me the right motivation to work on them. CheeseExec Command Exec / Lateral movement via PsExec-like functionality. Must be running in the context of a...

8.2AI score
Exploits0References11
Kitploit
Kitploit
added 2021/02/06 8:30 p.m.170 views

ExecuteAssembly - Load/Inject .NET Assemblies

ExecuteAssembly is an alternative of CS execute-assembly, built with C/C++ and it can be used to Load/Inject .NET assemblies by; reusing the host spawnto process loaded CLR Modules/AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI,...

7AI score
Exploits0References8
Microsoft KB
Microsoft KB
added 2020/10/20 12:0 a.m.37 views

KB2793634 - Windows Installer starts repeatedly after you install SQL Server 2012 SP1

KB2793634 - Windows Installer starts repeatedly after you install SQL Server 2012 SP1 Symptoms After you install SQL Server 2012 SP1 on a computer, the Windows Installer Msiexec.exe process is repeatedly started to repair certain assemblies. Additionally, the following events are logged in the...

6.5AI score
Exploits0
Kitploit
Kitploit
added 2020/08/12 12:30 p.m.86 views

SharpChromium - .NET 4.0 CLR Project To Retrieve Chromium Data, Such As Cookies, History And Saved Logins

SharpChromium is a .NET 4.0+ CLR project to retrieve data from Google Chrome, Microsoft Edge, and Microsoft Edge Beta. Currently, it can extract: Cookies in JSON format History with associated cookies for each history item Saved Logins Note: All cookies returned are in JSON format. If you have th...

7.3AI score
Exploits0References2
Prion
Prion
added 2020/07/27 2:15 p.m.16 views

Code injection

SteelCentral Aternity Agent 11.0.0.120 on Windows mishandles IPC. It uses an executable running as a high privileged Windows service to perform administrative tasks and collect data from other processes. It distributes functionality among different processes and uses IPC Inter-Process Communicati...

7.2CVSS7.6AI score0.01855EPSS
Exploits1References2Affected Software1
Kitploit
Kitploit
added 2020/05/28 9:30 p.m.73 views

MemoryMapper - Lightweight Library Which Allows The Ability To Map Both Native And Managed Assemblies Into Memory

Memory Mapper is a lightweight library which allows the ability to map both native and managed assemblies into memory by either using process injection of a process specified by the user or self-injection; the technique of injecting an assembly into the currently running process attempting to do...

8AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2020/04/14 3:27 p.m.4 views

org.eclipse.tycho.nexus:unzip-repository-plugin (=0.12.0), org.sonatype.nexus.assemblies:nexus-base-template (>=3.10.0-04 <=3.21.1-01) +27 more potentially affected by CVE-2020-10203 via org.sonatype.nexus:nexus-core (>=2.4.0-1 <=3.21.1-01)

org.sonatype.nexus:nexus-core MAVEN version =2.4.0-1, =3.10.0-04, =3.0.0-03, =2.2.1, =2.2.1, =2.4.0-1, =2.4.0-1, =2.6.0-01, =2.6.0-01, =2.4.0-1, =2.6.0-01, =2.4.0-1, =2.6.0-01, =2.5.0-01, =2.4.0-1, =2.7.0-m1 and more Source cves: CVE-2020-10203 Source advisory:...

4.8CVSS5.8AI score0.00918EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2020/04/14 3:27 p.m.5 views

org.eclipse.tycho.nexus:unzip-repository-plugin (=0.12.0), org.sonatype.nexus.assemblies:nexus-base-template (>=3.10.0-04 <=3.21.1-01) +27 more potentially affected by CVE-2020-10204 via org.sonatype.nexus:nexus-core (>=2.4.0-1 <=3.21.1-01)

org.sonatype.nexus:nexus-core MAVEN version =2.4.0-1, =3.10.0-04, =3.0.0-03, =2.2.1, =2.2.1, =2.4.0-1, =2.4.0-1, =2.6.0-01, =2.6.0-01, =2.4.0-1, =2.6.0-01, =2.4.0-1, =2.6.0-01, =2.5.0-01, =2.4.0-1, =2.7.0-m1 and more Source cves: CVE-2020-10204 Source advisory:...

9CVSS7AI score0.24318EPSS
Exploits3
Kitploit
Kitploit
added 2019/11/07 8:43 p.m.146 views

Donut - Generates X86, X64, Or AMD64+x86 Position-Independent Shellcode That Loads .NET Assemblies, PE Files, And Other Windows Payloads From Memory

Donut generates x86 or x64 shellcode from VBScript, JScript, EXE, DLL including .NET Assemblies files. This shellcode can be injected into an arbitrary Windows processes for in-memory execution. Given a supported file type, parameters and an entry point where applicable such as Program.Main, it...

8AI score
Exploits0References6
OSV
OSV
added 2019/11/05 4:15 p.m.3 views

CVE-2019-18631

The Windows component of Centrify Authentication and Privilege Elevation Services 3.4.0, 3.4.1, 3.4.2, 3.4.3, 3.5.0, 3.5.1 18.8, 3.5.2 18.11, and 3.6.0 19.6 does not properly handle an unspecified exception during use of partially trusted assemblies to serialize input data, which allows attackers...

7.8CVSS6.1AI score0.01182EPSS
Exploits0References1
Rows per page
Query Builder