Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

71 matches found

NVD
NVDadded 2021/08/16 6:15 p.m.8 views

CVE-2020-18705

XML External Entities XXE in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/core/content/views.py'...

9.8CVSS0.02571EPSS
Exploits1References1
CVE
CVEadded 2021/08/04 10:4 a.m.104 views

CVE-2021-36483

CVE-2021-36483 affects DevExpress.XtraReports.UI up to v21.1. It involves insecure deserialization that could allow an attacker to execute arbitrary code. The ZDI advisory notes this requires authentication and targets the SafeBinaryFormatter deserialization path in DevExpress XtraReports. Public...

8.8CVSS8.9AI score0.04202EPSS
Exploits0References6Affected Software1
CNNVD
CNNVDadded 2021/04/21 12:0 a.m.1 views

retdec 缓冲区错误漏洞

RetDec is a redirectable machine code decompiler based on LLVM. A heap buffer overflow vulnerability exists in the canSplitFunctionOn function of irmodifications.cpp in RetDec version 3.3. An attacker can exploit this vulnerability to cause an out-of-bounds read, which can lead to a denial of...

9.8CVSS6.3AI score0.02148EPSS
Exploits1References3
NVD
NVDadded 2021/04/13 8:15 p.m.15 views

CVE-2021-28333

Remote Procedure Call Runtime Remote Code Execution Vulnerability...

8.8CVSS0.11182EPSS
Exploits0References1
Debian
Debianadded 2021/03/13 6:37 p.m.74 views

[SECURITY] [DLA 2592-1] golang-1.8 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2592-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler March 13, 2021 https://wiki.debian.org/LTS -...

9.8CVSS9.3AI score0.56804EPSS
Exploits2
GithubExploit
GithubExploitadded 2021/03/11 7:35 p.m.87 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2021-26855 CVE-2021-26855, also known as Proxylogon, is a...

9.8CVSS9.6AI score0.94313EPSS
Exploits65
GithubExploit
GithubExploitadded 2021/01/10 6:47 a.m.209 views

Exploit for Deserialization of Untrusted Data in Netapp Cloud_Backup

Description CVE-2020-36179: FasterXML jackson-databind 2.x be...

8.8CVSS8.2AI score0.61883EPSS
Exploits5
Exploit DB
Exploit DBadded 2020/11/09 12:0 a.m.367 views

HP WMI Service 1.4.8.0 - 'HPWMISVC.exe' Unquoted Service Path

Exploit Title: HP WMI Service 1.4.8.0 - 'HPWMISVC.exe' Unquoted Service Path Discovery by: Jocelyn Arenas Discovery Date: 2020-11-07 Vendor Homepage: https://www8.hp.com/mx/es/home.html Tested Version: 1.4.8.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Home x64 es Step to...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2020/05/21 12:0 a.m.123 views

PHP Remote Code Execution Vulnerability (CVE-2019-11043).

Binary data phprcecve201911043.nbin...

9.8CVSS9.8AI score0.94053EPSS
Exploits53References5
Kitploit
Kitploitadded 2020/05/07 9:30 p.m.171 views

PowerSploit - A PowerShell Post-Exploitation Framework

PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment. PowerSploit is comprised of the following modules and scripts: CodeExecution Execute code on a target machine. Invoke-DllInjection Injects a Dll into the...

7.6AI score
Exploits0References1
CNVD
CNVDadded 2019/11/13 12:0 a.m.1 views

Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CNVD-2019-42803)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A scripting engine memory corruption vulnerability exists in Microsoft Edge based on EdgeHTML. The vulnerability stems from a problem in the way the scripting engine handles objects in...

7.6CVSS7.2AI score0.06916EPSS
Exploits2References1
Debian CVE
Debian CVEadded 2019/07/15 5:24 p.m.15 views

CVE-2019-1010296

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in context of TEE core kernel. The component is: opteeos. The fixed version is: 3.4.0 and later...

10CVSS9.8AI score0.01072EPSS
Exploits0
AlpineLinux
AlpineLinuxadded 2019/02/04 6:0 p.m.21 views

CVE-2019-3813

Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslotgetvirt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers...

7.5CVSS7.7AI score0.00256EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2019/01/29 2:20 p.m.17 views

CVE-2018-20181

rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function seamlessprocess and results in memory corruption and probably even a remote code execution...

9.8CVSS6.3AI score0.09899EPSS
Exploits1References2
Prion
Prionadded 2018/12/21 3:29 p.m.14 views

Stack overflow

Alzip 10.76.0.0 and earlier is vulnerable to a stack overflow caused by improper bounds checking. By persuading a victim to open a specially-crafted LZH archive file, a attacker could execute arbitrary code execution...

6.8CVSS8.1AI score0.00545EPSS
Exploits0References2Affected Software1
Debian
Debianadded 2018/08/17 6:15 p.m.35 views

[SECURITY] [DSA 4277-1] mutt security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4277-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 17, 2018 https://www.debian.org/security/faq -...

9.8CVSS9.3AI score0.04101EPSS
Exploits0
NVD
NVDadded 2018/01/12 11:29 p.m.16 views

CVE-2017-13184

In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.7AI score0.00037EPSS
Exploits0References3
CNVD
CNVDadded 2018/01/08 12:0 a.m.2 views

ImageMagick 'ReadSIXELImage' function buffer overflow vulnerability

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A buffer overflow vulnerability exists in the 'ReadSIXELImage' function of the coders/sixel.c file in ImageMagick...

8.8CVSS7.6AI score0.00661EPSS
Exploits1References1
NVD
NVDadded 2017/10/22 8:29 p.m.10 views

CVE-2017-15747

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x0000700b00260112 called from CADIMAGE+0x00000000003d35ad."...

7.8CVSS8AI score0.00298EPSS
Exploits0References1
NVD
NVDadded 2017/03/31 4:59 p.m.18 views

CVE-2014-9114

Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code...

7.8CVSS6.3AI score0.00132EPSS
Exploits0References11
Rows per page
Query Builder