Lucene search
K

8 matches found

Samba
Samba
added 2023/07/19 12:0 a.m.44 views

Spotlight server-side Share Path Disclosure

Description As part of the Spotlight protocol, the initial request returns a path associated with the sharename targeted by the RPC request. Samba returns the real server-side share path at this point, as well as returning the absolute server-side path of results in search queries by clients. Kno...

5.3CVSS6.6AI score0.01185EPSS
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.141 views

Webgrind 1.1 - Reflected Cross-Site Scripting (XSS) & Remote Command Execution (RCE)

Exploit Title: Webgrind 1.1 - Reflected Cross-Site Scripting XSS & Remote Command Execution RCE Discovery by: Rafael Pedrero Discovery Date: 2022-02-13 Vendor Homepage: http://github.com/jokkedk/webgrind/ Software Link : http://github.com/jokkedk/webgrind/ Tested Version: 1.1 Tested on: Windows 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.160 views

Explorer32++ v1.3.5.531 - Buffer overflow

Exploit Title: Explorer32++ 1.3.5.531 - Buffer overflow Discovery by: Rafael Pedrero Discovery Date: 2022-01-09 Vendor Homepage: http://www.explorerplusplus.com/ Software Link : http://www.explorerplusplus.com/ Tested Version: 1.3.5.531 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...

7.4AI score
Exploits0
Prion
Prion
added 2022/01/19 1:15 a.m.20 views

Design/Logic Flaw

A vulnerability in the NETISR network queue functionality of Juniper Networks Junos OS kernel allows an attacker to cause a Denial of Service DoS by sending crafted genuine packets to a device. During an attack, the routing protocol daemon rpd CPU may reach 100% utilization, yet FPC CPUs forwardi...

5CVSS7.3AI score0.01137EPSS
Exploits0References1Affected Software1
Talos
Talos
added 2020/02/24 12:0 a.m.51 views

Moxa AWK-3131A multiple iw_* utilities Use of Hard-coded Credentials Vulnerability

Summary An exploitable use of hard-coded credentials vulnerability exists in multiple iw utilities of the Moxa AWK-3131A firmware version 1.13. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. Tested Versions Moxa...

7.1CVSS6.7AI score0.00337EPSS
Exploits1
Openbugbounty
Openbugbounty
added 2020/02/07 3:11 p.m.11 views

krispet.com.au Cross Site Scripting vulnerability

Security Researcher geeknik Helped patch 8547 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting krispet.com.au website and its users. Following coordinate...

0.1AI score
Exploits0
Talos
Talos
added 2018/01/11 12:0 a.m.38 views

Blender BKE_image_acquire_ibuf Integer Overflow Code Execution Vulnerability

Summary An exploitable integer overflow exists in the Image loading functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...

8.8CVSS7.8AI score0.0265EPSS
Exploits1
securityvulns
securityvulns
added 2006/10/16 12:0 a.m.67 views

Security Advisory for Bugzilla 2.18.5, 2.20.2, 2.22, and 2.23.2

Summary ======= Bugzilla is a Web-based bug-tracking system, used by a large number of software projects. This advisory covers six security issues that have recently been fixed in the Bugzilla code: + Sometimes the information put into the h1 and h2 tags in Bugzilla was not properly escaped,...

6AI score
Exploits0
Rows per page
Query Builder