Lucene search
K

308 matches found

Debian CVE
Debian CVE
added 2022/05/10 12:0 a.m.61 views

CVE-2022-1537

file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privilege...

7.8CVSS7.6AI score0.00299EPSS
Exploits1
GithubExploit
GithubExploit
added 2022/01/28 2:54 a.m.481 views

Exploit for Incomplete Cleanup in Linux Linux_Kernel

CVE-2021-4032-NoGCC Test in: Ubuntu 20...

7.8CVSS7.5AI score0.94921EPSS
Exploits153
Packet Storm
Packet Storm
added 2022/01/05 12:0 a.m.501 views

RiteCMS 3.1.0 Arbitrary File Overwrite

Exploit Title: RiteCMS 3.1.0 - Arbitrary File Overwrite Authenticated Date: 25/07/2021 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.1.0/ritecms.v3.1.0.zip Version: Browse...

0.5AI score
Exploits0
NVD
NVD
added 2021/12/15 8:15 a.m.23 views

CVE-2021-45043

HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via the /language/lang sLanguage parameter...

7.5CVSS0.33133EPSS
Exploits1References2
Prion
Prion
added 2021/12/15 8:15 a.m.20 views

Directory traversal

HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via the /language/lang sLanguage parameter...

5CVSS7.4AI score0.33133EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/12/15 7:13 a.m.32 views

CVE-2021-45043

HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via the /language/lang sLanguage parameter...

7.6AI score0.33133EPSS
Exploits1References2
CVE
CVE
added 2021/12/15 7:13 a.m.83 views

CVE-2021-45043

HD-Network Real-time Monitoring System 2.0 is affected by a Local File Inclusion vulnerability. The NUCLEI template for CVE-2021-45043 describes an LFI flaw exposed via the /language/lang s_Language parameter, enabling remote unauthenticated attackers to view confidential information (e.g., /etc/...

7.5CVSS7.4AI score0.33133EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2021/12/07 12:0 a.m.1 views

PT-2022-1944

Name of the Vulnerable Software and Affected Versions D-Link DAP-1620 affected versions not specified Description The issue is related to Local File Inclusion due to path traversal errors in the software, allowing unauthorized access to internal files. This can lead to the reading of sensitive...

7.5CVSS5.8AI score0.57984EPSS
Exploits4References15
ATTACKERKB
ATTACKERKB
added 2021/12/06 4:15 a.m.3 views

CVE-2021-43043

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule...

6.5CVSS6.7AI score0.01414EPSS
Exploits1References4
Cvelist
Cvelist
added 2021/12/06 12:0 a.m.25 views

CVE-2021-43043

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule...

6.7AI score0.01414EPSS
Exploits1References3
OSV
OSV
added 2021/10/12 4:6 p.m.11 views

GHSA-QH54-9VC5-M9FG MD5 hash support in github.com/foxcpp/maddy

Impact This vulnerability affects maddy 0.5.1, 0.5.0 users using auth.shadow module and an extremely outdated system that still allows MD5 hashes in /etc/shadows. Patches Patch is available as part of the 0.5.2 release. Workarounds Ensure MD5 hashes are not present in /etc/shadow...

3CVSS7.1AI score
Exploits0References2
NVD
NVD
added 2021/10/01 2:15 p.m.17 views

CVE-2021-40960

Galera WebTemplate 1.0 is affected by a directory traversal vulnerability that could reveal information from /etc/passwd and /etc/shadow...

9.8CVSS0.09768EPSS
Exploits1References2
Prion
Prion
added 2021/10/01 2:15 p.m.18 views

Directory traversal

Galera WebTemplate 1.0 is affected by a directory traversal vulnerability that could reveal information from /etc/passwd and /etc/shadow...

7.5CVSS9.3AI score0.09768EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/10/01 1:12 p.m.23 views

CVE-2021-40960

Galera WebTemplate 1.0 is affected by a directory traversal vulnerability that could reveal information from /etc/passwd and /etc/shadow...

9.6AI score0.09768EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/10/01 12:0 a.m.4 views

Galera WebTemplate 路径遍历漏洞

Galera WebTemplate is a web template. A path traversal vulnerability exists in Galera WebTemplate 1.0 that could disclose information from /etc/passwd and /etc/shadow...

9.8CVSS8.4AI score0.09768EPSS
Exploits1References3
Metasploit
Metasploit
added 2021/04/09 5:42 p.m.63 views

Haserl Arbitrary File Reader

This module exploits haserl prior to 0.9.36 to read arbitrary files. The most widely accepted exploitation vector is reading /etc/shadow, which will reveal root's hash for cracking. Module Options msf use post/linux/gather/haserlread msf posthaserlread show actions ...actions... msf posthaserlrea...

5.5CVSS5.4AI score0.01082EPSS
Exploits2
0day.today
0day.today
added 2021/02/09 12:0 a.m.110 views

Linux/x64 - execve (cat /etc/shadow) Shellcode (66 bytes)

Exploit Title: Linux/x64 - execve "cat /etc/shadow" Shellcode 66 bytes Author: Felipe Winsnes Tested on: Debian x64 Shellcode Length: 66 / global start start: xor rax, rax ; Zeroes out RAX. xor rbp, rbp ; Zeroes out RBP. push rax ; Pushes RAX's NULL-DWORD. mov rbp, 0x776f646168732f63 ; Moves valu...

7.1AI score
Exploits0
Prion
Prion
added 2021/02/01 2:15 a.m.15 views

Design/Logic Flaw

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. A format error in /etc/shadow, coupled with a logic bug in the LuCI - OpenWrt Configuration Interface framework, allows the undocumented system account mofidev to login to the cgi-bin/luci/quick/wizard management interfac...

5CVSS9.3AI score0.01178EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/02/01 1:27 a.m.37 views

CVE-2020-13859

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. A format error in /etc/shadow, coupled with a logic bug in the LuCI - OpenWrt Configuration Interface framework, allows the undocumented system account mofidev to login to the cgi-bin/luci/quick/wizard management interfac...

9.5AI score0.01178EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/01/25 12:0 a.m.14 views

Linux: Get access permissions to configuration files

Get access permissions to relevant Linux config files like /etc/shadow, /etc/passwd and other. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-lat...

0.1AI score
Exploits0
Rows per page
Query Builder