CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'echo' verb, which allows a user to introspect a ROS topic and accepts a user-provided Python...

7.8CVSS5.9AI score0.00076EPSS

Exploits0References1

Fedora•added 2024/03/07 10:32 p.m.•25 views

[SECURITY] Fedora 40 Update: apache-commons-net-3.10.0-5.fc40

This is an Internet protocol suite Java library originally developed by ORO, Inc. This version supports Finger, Whois, TFTP, Telnet, POP3, FTP, NNTP, SMTP, and some miscellaneous protocols like Time and Echo as well as BSD R command support. The purpose of the library is to provide fundamental...

8.8CVSS6.9AI score0.45835EPSS

Exploits3

OSV•added 2022/12/07 6:30 p.m.•17 views

GHSA-J453-HM5X-C46W Echo vulnerable to directory traversal

Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read...

5.3CVSS5AI score0.00295EPSS

Exploits1References5

Github Security Blog•added 2022/12/07 6:30 p.m.•15 views

Echo vulnerable to directory traversal

5.3CVSS5.3AI score0.00295EPSS

Exploits1References5Affected Software1

CNVD•added 2022/09/30 12:0 a.m.•47 views

LabStack Echo Open Redirect Vulnerability

LabStack echo is a high-performance, minimalist Go web framework open sourced by LabStack LLC. labStack Echo v4.8.0 version has an open redirection vulnerability that can be exploited by attackers to launch server-side request forgery attacks...

3.6AI score0.58765EPSS

Exploits1Affected Software1

Wired Threat Level•added 2021/06/08 1:22 p.m.•25 views

How to Turn Off Amazon Sidewalk

The company is enlisting your Echo and Ring devices into an internet-sharing mesh network starting Monday. It’s not too late to opt out...

2.1AI score

Exploits0

Kitploit•added 2021/01/19 11:30 a.m.•40 views

HosTaGe - Low Interaction Mobile Honeypot

HosTaGe is a lightweight, low-interaction, portable, and generic honeypot for mobile devices that aims on the detection of malicious, wireless network environments. As most malware propagate over the network via specific protocols, a low-interaction honeypot located at a mobile device can check...

7.4AI score

Exploits0References7

OSV•added 2020/08/26 12:15 p.m.•17 views

CVE-2020-16193

osTicket before 1.14.3 allows XSS because include/staff/banrule.inc.php has an unvalidated echo $info'notes' call...

5.4CVSS6AI score

Exploits0References2

Kitploit•added 2020/07/16 9:50 p.m.•156 views

Saferwall - A Hackable Malware Sandbox For The 21St Century

Saferwall is an open source malware analysis platform. It aims for the following goals: Provide a collaborative platform to share samples among malware researchers. Acts as a system expert, to help researchers generates an automated malware analysis report. Hunting platform to find new malwares...

7.3AI score

Exploits0References6

AlpineLinux•added 2020/07/09 3:34 p.m.•64 views

CVE-2020-10756

An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6sendechoreply routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory,...

6.5CVSS6.3AI score0.00026EPSS

Exploits0

Exploit DB•added 2019/01/02 12:0 a.m.•93 views

Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Hashicorp Consul Remote Command Execution via Rexec", 'Description' = %q This module exploits a feature of Hashicorp Consul named rexec. ,...

7.4AI score

Exploits0

Wired Threat Level•added 2018/12/22 2:0 p.m.•95 views

A NASA Hack, a PewDiePie Fan, and More Security News

Amazon sends Echo recordings to the wrong person, Russians tried to get US Treasury dirt on Clinton donors, and more of the week's top security news...

2.2AI score

Exploits0

NVD•added 2018/11/14 9:29 a.m.•11 views

CVE-2018-19189

The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in an error.php echo statement...

6.1CVSS6.1AI score0.00328EPSS

Exploits1References2

Packet Storm•added 2017/09/29 12:0 a.m.•400 views

Oracle WebLogic Server Java Deserialization Remote Code Execution

Exploit Title: Oracle WebLogic Server Java Deserialization Remote Code Execution Date: 27/09/2017 Exploit Author: SlidingWindow , Twitter: @kapilkhot Vulnerability Author: FoxGloveSecurity Vendor Homepage: http://www.oracle.com/technetwork/middleware/weblogic/overview/index.html Affetcted Version...

7.5CVSS0.8AI score0.92947EPSS

Exploits16

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by