CVE-2023-7325

Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10 contains a server-side request forgery SSRF vulnerability in the xmlrpc.sock handler. The product accepts specially crafted XML-RPC requests that can be used to instruct the server to connect to internal unix...

EUVD-2021-34712

Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...

VulnCheck KEV: CVE-2023-7325

Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10 contains a server-side request forgery SSRF vulnerability in the xmlrpc.sock handler. The product accepts specially crafted XML-RPC requests that can be used to instruct the server to connect to internal unix...

Vulnerability fixed in Wing FTP Server

The developer of Wing FTP Server has fixed a vulnerability in version 7.4.4. The vulnerability is in the way Wing FTP Server processes null bytes in the user parameter. This allows a remote malicious person to inject arbitrary Lua code into session files, which can lead to the execution of...

CVE-2024-7964

creationtimestamp| type| source ---|---|--- 2024-08-22 00:07:08+00:00| seen| https://t.me/cvedetector/3844 2024-09-17 12:57:14+00:00| exploited| https://t.me/itsecnews/4718...

CVE-2024-39713

creationtimestamp| type| source ---|---|--- 2024-08-05 08:03:13+00:00| seen| https://t.me/cvedetector/2432 2025-02-07 19:47:04+00:00| seen| https://infosec.exchange/users/DarkWebInformer/statuses/113964326855977547 2025-02-07 19:47:36+00:00| published-proof-of-concept|...

CVE-2024-2285

creationtimestamp| type| source ---|---|--- 2024-03-08 04:26:11+00:00| seen| https://t.me/ctinow/203028 2024-03-08 04:26:17+00:00| seen| https://t.me/ctinow/203034 2024-03-08 06:51:55+00:00| seen| https://t.me/ctinow/203078...

CVE-2023-34060

creationtimestamp| type| source ---|---|--- 2023-11-15 05:23:49+00:00| seen| https://t.me/KomunitiSiber/1073 2023-11-15 05:32:21+00:00| seen| https://t.me/thehackernews/4149 2023-11-15 08:59:42+00:00| seen| Telegram/eQxMqgd-ZQ3SJkCjEECKaDkMPiUsk7hErpz3hVgAe6bTEQ 2023-11-15 10:00:20+00:00|...

CVE-2023-43139

creationtimestamp| type| source ---|---|--- 2023-10-31 11:20:59+00:00| seen| https://t.me/cibsecurity/73212...

CVE-2018-5713

creationtimestamp| type| source ---|---|--- 2023-05-08 12:37:01+00:00| exploited| https://t.me/kasperskyb2b/607...

CVE-2022-43874

creationtimestamp| type| source ---|---|--- 2023-03-15 21:30:01+00:00| seen| https://t.me/cibsecurity/60077...

CVE-2022-3215

creationtimestamp| type| source ---|---|--- 2022-09-29 00:34:25+00:00| seen| https://t.me/cibsecurity/50621...

CVE-2022-23119

creationtimestamp| type| source ---|---|--- 2022-01-20 22:12:00+00:00| seen| https://t.me/cibsecurity/35948 2022-01-21 11:01:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/5247 2022-02-03 16:00:44+00:00| exploited| https://t.me/truesecator/2588 2023-12-05...

CVE-2019-8917

creationtimestamp| type| source ---|---|--- 2020-12-22 10:22:00+00:00| exploited| https://t.me/truesecator/1280 2020-12-28 14:17:56+00:00| seen| https://t.me/truesecator/1296 2022-06-18 11:46:01+00:00| seen| https://t.me/CyberSecurityTechnologies/202...

CVE-2020-13519

creationtimestamp| type| source ---|---|--- 2020-12-18 22:44:11+00:00| seen| https://t.me/cibsecurity/21091 2025-01-04 20:00:16+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2318...

CVE-2019-12518

creationtimestamp| type| source ---|---|--- 2020-02-13 15:58:47+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/crosschexdevicebof.rb 2020-02-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48092 2024-03-05 09:42:25+00:00|...