Lucene search
K

173 matches found

huntr
huntr
added 2021/12/27 8:18 a.m.10 views

Cross-Site Request Forgery (CSRF) in zikula-modules/content

Description There is no csrf protection for content page duplicate functionality. Proof of Concept document.forms0.submit; Impact This vulnerability is capable of creating more number of duplicates by clicking malicious links...

0.6AI score
Exploits0
githubexploit
githubexploit
added 2021/12/11 2:54 p.m.307 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j log4shell CVE-2021-44228 Public IoCs list Public IoCs...

10CVSS9.3AI score0.99999EPSS
Exploits352
cve
cve
added 2021/10/20 2:31 p.m.152 views

CVE-2021-3542

CVE-2021-42739 is a heap-buffer-overflow in the Linux kernel FireWire driver (firedtv) used by FireWire-connected DVB receivers. A local attacker with access to the device could trigger memory corruption or denial of service. Affected kernels include the firedtv driver paths (drivers/media/firewi...

7.2AI score
Exploits0
osv
osv
added 2021/05/24 4:57 p.m.23 views

GHSA-C52F-PQ47-2R9J plugin.yaml file allows for duplicate entries in helm

Impact During a security audit of Helm's code base, Helm maintainers identified a bug in which a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install...

3CVSS5AI score0.01517EPSS
Exploits0References9
github
github
added 2021/05/24 4:57 p.m.43 views

plugin.yaml file allows for duplicate entries in helm

Impact During a security audit of Helm's code base, Helm maintainers identified a bug in which a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install...

6.5CVSS3.1AI score0.01517EPSS
Exploits0References9Affected Software2
gitlab
gitlab
added 2021/05/24 12:0 a.m.30 views

Use of Multiple Resources with Duplicate Identifier

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker...

4CVSS2.3AI score0.00883EPSS
Exploits0References5Affected Software1
gitlab
gitlab
added 2021/05/24 12:0 a.m.27 views

Use of Multiple Resources with Duplicate Identifier

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker...

4CVSS2.3AI score0.00883EPSS
Exploits0References5Affected Software1
kitploit
kitploit
added 2021/05/03 12:30 p.m.56 views

Duplicut - Remove Duplicates From MASSIVE Wordlist, Without Sorting It (For Dictionary-Based Password Cracking)

Quickly dedupe massive wordlists, without changing the order Created by nil0x42 and contributors Overview Modern password wordlist creation usually implies concatenating multiple data sources. Ideally, most probable passwords should stand at start of the wordlist, so most common passwords are...

7.4AI score
Exploits0References5
redhatcve
redhatcve
added 2020/09/24 9:47 a.m.34 views

CVE-2020-15187

In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack. To perform thi...

6.5CVSS3.3AI score0.01517EPSS
Exploits0References3
nvd
nvd
added 2020/09/17 10:15 p.m.17 views

CVE-2020-15185

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker...

4CVSS0.00883EPSS
Exploits0References2
nvd
nvd
added 2020/09/17 10:15 p.m.17 views

CVE-2020-15187

In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack. To perform thi...

6.5CVSS0.01517EPSS
Exploits0References7
osv
osv
added 2020/09/17 10:15 p.m.19 views

CVE-2020-15185

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker...

2.7CVSS6.5AI score
Exploits0References2
osv
osv
added 2020/09/17 10:15 p.m.18 views

CVE-2020-15187

In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack. To perform thi...

4.7CVSS4.3AI score
Exploits0References7
prion
prion
added 2020/09/17 10:15 p.m.25 views

Design/Logic Flaw

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker...

4CVSS4AI score0.00883EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2020/09/17 9:30 p.m.35 views

CVE-2020-15185 Duplicated chart entries in Helm

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker...

2.2CVSS3.9AI score0.00883EPSS
Exploits0References2
cve
cve
added 2020/09/17 9:30 p.m.83 views

CVE-2020-15185

CVE-2020-15185 affects Helm <= 2.16.11 and

4CVSS3.8AI score0.00883EPSS
Exploits0References2Affected Software1
kitploit
kitploit
added 2020/08/08 12:30 p.m.34 views

PhishingKitTracker - Let's Track Phishing Kits To Give To Research Community Raw Material To Stud

An extensible and freshly updated collection of phishingkits for forensics and future analysis topped with simple stats Disclaimer This repository holds a collection of Phishing Kits used by criminals to steal user information. Almost every file into the raw folder is malicious so I strongly...

7AI score
Exploits0References2
redhat
redhat
added 2020/01/27 9:20 p.m.5 views

httpd: URL normalization inconsistency

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

5.3CVSS6.6AI score0.1786EPSS
Exploits0References6
osv
osv
added 2019/06/11 9:29 p.m.26 views

CVE-2019-0220

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

5.3CVSS6.7AI score
Exploits0References40
msrc
msrc
added 2019/04/02 10:32 p.m.87 views

Microsoft Bounty Program Updates: Faster bounty review, faster payments, and higher rewards

In 2018 The Microsoft Bounty Program awarded over $2,000,000 to encourage and reward external security research in key technologies to protect our customers. Building on that success, we are excited to announce a number of improvements in our bounty programs to better serve the security research...

7.4AI score
Exploits0
Rows per page
Query Builder