Lucene search

2646 matches found

OSV
added 2022/04/20 7:41 a.m. | 1 views

USN-5380-1 bash vulnerability

It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges...

CVSS 7.8 | AI score 6.8 | EPSS 0.50225
Exploits: 5 | References: 2

Tenable Nessus
added 2022/04/20 12:0 a.m. | 54 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Bash vulnerability (USN-5380-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5380-1 advisory. It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use th...

CVSS 7.8 | AI score 7 | EPSS 0.50225
Exploits: 5 | References: 2

Tenable Nessus
added 2022/04/20 12:0 a.m. | 43 views

SUSE SLES15 Security Update : git (SUSE-SU-2022:1260-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1260-1 advisory. - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, whe...

CVSS 7.8 | AI score 7.4 | EPSS 0.00168
Exploits: 0 | References: 4

Kitploit
added 2022/04/17 9:30 p.m. | 44 views

linWinPwn - A Bash Script That Automates A Number Of Active Directory Enumeration And Vulnerability Checks

linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks. The script leverages and is dependent on a number of tools including: impacket, bloodhound, crackmapexec, ldapdomaindump, lsassy, smbmap, kerbrute, adidnsdump. Setup Git clone the reposito...

AI score 7.6
Exploits: 0 | References: 14

NVD
added 2022/04/12 6:15 p.m. | 26 views

CVE-2022-24765

Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder C:\.git, which would be picked up by Git operation...

CVSS 7.8 | EPSS 0.00168
Exploits: 0 | References: 17

Debian CVE
added 2022/04/12 12:0 a.m. | 54 views

CVE-2022-24765

Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder C:\.git, which would be picked up by Git operation...

CVSS 7.8 | AI score 7.9 | EPSS 0.00168
Exploits: 0

AlpineLinux
added 2022/04/12 12:0 a.m. | 41 views

CVE-2022-24765

Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder C:\.git, which would be picked up by Git operation...

CVSS 7.8 | AI score 7.2 | EPSS 0.00168
Exploits: 0

Tenable Nessus
added 2022/04/12 12:0 a.m. | 28 views

Ubuntu 18.04 LTS / 20.04 LTS : Git vulnerability (USN-5376-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5376-1 advisory. discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue t...

CVSS 7.8 | AI score 7.8 | EPSS 0.00168
Exploits: 0 | References: 2

Tenable Nessus
added 2022/04/11 12:0 a.m. | 56 views

F5 Networks BIG-IP : Bash vulnerability (K05122252)

A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the 'echo -e' built-in function, ma...

CVSS 7.8 | AI score 7.6 | EPSS 0.00067
Exploits: 0 | References: 2

OSV
added 2022/04/04 3:48 p.m. | 7 views

SUSE-SU-2022:1105-1 Security update for util-linux

This update for util-linux fixes the following issues: - Improve throughput and reduce clock sequence increments for high load situation with time based version 1 uuids. bsc1194642 - Prevent root owning of /var/lib/libuuid/clock.txt. bsc1194642 - Warn if uuidd lock state is not usable. bsc1194642...

CVSS 5.5 | AI score 6.1 | EPSS 0.00042
Exploits: 1 | References: 24

OSV
added 2022/04/04 3:48 p.m. | 8 views

SUSE-SU-2022:1103-1 Security update for util-linux

This update for util-linux fixes the following issues: - Improve throughput and reduce clock sequence increments for high load situation with time based version 1 uuids. bsc1194642 - Prevent root owning of /var/lib/libuuid/clock.txt. bsc1194642 - Warn if uuidd lock state is not usable. bsc1194642...

CVSS 5.5 | AI score 6.1 | EPSS 0.00042
Exploits: 1 | References: 26

GithubExploit
added 2022/03/30 3:4 p.m. | 398 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Docker $ sudo docker build -t . $ sudo...

CVSS 7.5 | AI score 8.5 | EPSS 0.94391
Exploits: 144

Mageia
added 2022/03/21 8:18 p.m. | 23 views

Updated stunnel packages fix security vulnerability

Update to 5.62 including new features and bugfixes: Security bugfixes - The "redirect" option was fixed to properly handle unauthenticated requests bsc1182529. - Fixed a double free with OpenSSL older than 1.1.0. - Added hardening to systemd service bsc1181400. New features - Added new...

AI score 1.9
Exploits: 0 | References: 3

Exploit DB
added 2022/03/07 12:0 a.m. | 428 views

part-db 0.5.11 - Remote Code Execution (RCE)

Exploit Title: part-db 0.5.11 - Remote Code Execution RCE Google Dork: NA Date: 03/04/2022 Exploit Author: Sunny Mehra @DSKMehra Vendor Homepage: https://github.com/part-db/part-db Software Link: https://github.com/part-db/part-db Version: 0.5.11. Tested on: KALI OS CVE : CVE-2022-0848...

CVSS 10 | AI score 9.2 | EPSS 0.40258
Exploits: 5

Packet Storm
added 2022/03/07 12:0 a.m. | 243 views

part-db 0.5.11 Remote Code Execution

Exploit Title: part-db 0.5.11 - Remote Code Execution RCE Google Dork: NA Date: 03/04/2022 Exploit Author: Sunny Mehra @DSKMehra Vendor Homepage: https://github.com/part-db/part-db Software Link: https://github.com/part-db/part-db Version: 0.5.11. Tested on: KALI OS CVE : CVE-2022-0848...

AI score 9.6 | EPSS 0.40258
Exploits: 5

Veracode
added 2022/03/04 6:15 a.m. | 24 views

Path Traversal

shescape is vulnerable to path traversal. When the interpolation option is set, an attacker can access files outside the expected directory by using bash with the escape or escapeAll functions in the shescape API...

CVSS 6.2 | AI score 3.4 | EPSS 0.00296
Exploits: 1 | References: 5 | Affected Software: 1

NVD
added 2022/03/03 10:15 p.m. | 10 views

CVE-2022-24725

Shescape is a shell escape package for JavaScript. An issue in versions 1.4.0 to 1.5.1 allows for exposure of the home directory on Unix systems when using Bash with the escape or escapeAll functions from the shescape API with the interpolation option set to true. Other tested shells, Dash and Zs...

CVSS 6.2 | EPSS 0.00296
Exploits: 1 | References: 3

Prion
added 2022/03/03 10:15 p.m. | 14 views

Directory traversal

Shescape is a shell escape package for JavaScript. An issue in versions 1.4.0 to 1.5.1 allows for exposure of the home directory on Unix systems when using Bash with the escape or escapeAll functions from the shescape API with the interpolation option set to true. Other tested shells, Dash and Zs...

CVSS 1.9 | AI score 5.4 | EPSS 0.00296
Exploits: 1 | References: 3 | Affected Software: 1

Vulnrichment
added 2022/03/03 9:35 p.m. | 3 views

CVE-2022-24725 Exposure of home directory through shescape on Unix with Bash

Shescape is a shell escape package for JavaScript. An issue in versions 1.4.0 to 1.5.1 allows for exposure of the home directory on Unix systems when using Bash with the escape or escapeAll functions from the shescape API with the interpolation option set to true. Other tested shells, Dash and Zs...

CVSS 6.2 | AI score 6.3 | EPSS 0.00296
Exploits: 1 | References: 3

Cvelist
added 2022/03/03 9:35 p.m. | 11 views

CVE-2022-24725 Exposure of home directory through shescape on Unix with Bash

Shescape is a shell escape package for JavaScript. An issue in versions 1.4.0 to 1.5.1 allows for exposure of the home directory on Unix systems when using Bash with the escape or escapeAll functions from the shescape API with the interpolation option set to true. Other tested shells, Dash and Zs...

CVSS 6.2 | AI score 6.5 | EPSS 0.00296
Exploits: 1 | References: 3