Lucene search
+L

38 matches found

Nuclei
Nuclei
added 2 days ago92 views

Adobe AEM Dispatcher <4.15 - Rules Bypass

Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors. id: CVE-2016-0957 info: name: Adobe AEM Dispatcher 4.15 - Rules Bypass author: geeknik severity:...

7.8CVSS7.5AI score0.5071EPSS
Exploits0References5
Nuclei
Nuclei
added 2026/07/08 5:22 a.m.58 views

Apache S2-032 Struts - Remote Code Execution

Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when dynamic method invocation is enabled, allows remote attackers to execute arbitrary code via method: prefix related to chained expressions. id: CVE-2016-3081 info: name: Apache S2-032 Struts - Remote Code Execution...

9.3CVSS7.6AI score0.9373EPSS
Exploits12References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.173 views

NUUO NVR camera `debugging_center_utils_.php` - Command Execution

debuggingcenterutils.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter. id: CVE-2016-5674 info: name: NUUO NVR camera debuggingcenterutils.p...

10CVSS9.1AI score0.9461EPSS
Exploits11References2
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.34 views

Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass

Trend Micro Threat Discovery Appliance 2.6.1062r1 is vulnerable to a directory traversal vulnerability when processing a sessionid cookie, which allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS. id: CVE-2016-7552...

10CVSS8.4AI score0.93249EPSS
Exploits15References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.43 views

NETGEAR Routers - Remote Code Execution

NETGEAR routers R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly others allow...

9.3CVSS8.5AI score0.99781EPSS
Exploits9References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.51 views

WordPress PHPMailer < 5.2.18 - Remote Code Execution

WordPress PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a " backslash double quote in a crafted Sender property in isMail transport. id: CVE-2016-10033 info: name: WordPress PHPMailer 5.2.18 - Remote...

9.8CVSS8AI score0.99714EPSS
Exploits58References5
GithubExploit
GithubExploit
added 2026/05/16 3:54 a.m.95 views

Escalamiento-de-Privilegios-usando-el-Kernel-Exploit-Dirty-Cow

🐄 Privilege Escalation — Dirty COW CVE-2016-5195 Entorn...

7.2CVSS5.8AI score0.83524EPSS
Exploits82
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2016-3094

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of...

5.9CVSS5.9AI score0.07829EPSS
Exploits0References2
Nuclei
Nuclei
added 2024/11/10 11:32 a.m.66 views

Apache Tomcat - Remote Code Execution via JMX Ports

Apache Tomcat versions before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 are vulnerable to remote code execution if JmxRemoteLifecycleListener is used and the JMX ports are exposed to attackers. The vulnerability exists due to inconsistent credentia...

10CVSS8.5AI score0.92334EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:1 a.m.4 views

SUSE CVE-2016-5095

Integer overflow in the phpescapehtmlentitiesex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTERSANITIZEFULLSPECIALCHARS...

8.6CVSS7.9AI score0.02636EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.4 views

SUSE CVE-2016-9936

The unserialize implementation in ext/standard/var.c in PHP 7.x before 7.0.14 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via crafted serialized data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6834...

9.8CVSS9.9AI score0.04152EPSS
Exploits2References4
Circl
Circl
added 2017/07/06 10:9 a.m.8 views

CVE-2016-9038

creationtimestamp| type| source ---|---|--- 2017-07-06 10:09:19+00:00| seen| https://t.me/antimalware/115 2017-07-08 05:20:41+00:00| seen| https://t.me/webamoozir/2080...

7.8CVSS7.5AI score0.00313EPSS
Exploits2References2
GithubExploit
GithubExploit
added 2017/05/10 12:1 p.m.115 views

Exploit for Argument Injection in Phpmailer_Project Phpmailer

CVE2016-10033 explotation PoC This repository holds the neces...

9.8CVSS8.4AI score0.99714EPSS
Exploits58
OSV
OSV
added 2016/12/11 2:59 a.m.2 views

UBUNTU-CVE-2016-6613

An issue was discovered in phpMyAdmin. A user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin will then expose to the user. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to...

5.3CVSS7.3AI score0.01512EPSS
Exploits0References3
Vulnerability Lab
Vulnerability Lab
added 2016/11/18 12:0 a.m.48 views

CryptSetup Ubuntu 16.4 CVE2016-4484 - Privilege Escalate

Document Title: =============== CryptSetup Ubuntu 16.4 CVE2016-4484 - Privilege Escalate References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2014 Video: https://www.youtube.com/watch?v=81Qam91pRoE Credits:...

7.2CVSS0.5AI score0.00709EPSS
Exploits5
OSV
OSV
added 2016/09/17 12:0 a.m.2 views

UBUNTU-CVE-2016-7417

ext/spl/splarray.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with SplArray unserialization without validating a return value and data type, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data...

9.8CVSS7.2AI score0.06842EPSS
Exploits1References6
OSV
OSV
added 2016/09/09 10:59 a.m.4 views

UBUNTU-CVE-2016-7175

epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet...

5.9CVSS6.6AI score0.01307EPSS
Exploits0References4
OSV
OSV
added 2016/07/13 2:0 a.m.1 views

UBUNTU-CVE-2016-4245

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2016-4172,...

9.8CVSS7.6AI score0.04434EPSS
Exploits0References3
Rows per page
Query Builder