Lucene search

7 matches found

Zero Day Initiative
added 2025/01/19 12:0 a.m., 9 views

Ivanti Avalanche SecureFilter allowPassThrough Authentication Bypass Vulnerability

This vulnerability allows remote attackers to partially bypass authentication on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the allowPassThrough method. The issue results from...

CVSS 7.3, AI score 6.9, EPSS 0.31041
Exploits: 0, References: 1
Malwarebytes
added 2022/06/07 3:50 p.m., 43 views

Hackers can take over accounts you haven’t even created yet

Account hijacking has sadly become a regular, everyday occurrence. But when it comes to hijacking accounts before they are even created? That's something you'd never think possible—but it is. Two security researchers, Avinash Sudhodanan and Andrew Paverd, call this new class of attack a...

AI score 0.7
Exploits: 0
HackRead
added 2020/04/14 3:29 p.m., 23 views

Watch: Flaw exploited to post fake COVID-19 clips from TikTok accounts

By Deeba Ahmed. In their demonstration, researchers showed how they published fake COVID-19 videos from WHO and TikTok's official accounts.

AI score 4
Exploits: 0
Exploit DB
added 2016/07/29 12:0 a.m., 33 views

Trend Micro Deep Discovery 3.7/3.8 SP1 (3.81)/3.8 SP2 (3.82) - 'hotfix_upload.cgi' Filename Remote Code Execution

Version: TDA 2.6.1062r1. Summary: The hotfix_upload.cgi file contains a flaw allowing a user to execute commands under the context of the root user. Details: The hotfix_upload.cgi file is used to upload files hot fixes. Below is a sample of the upload function being used: POST...

AI score 7.4
Exploits: 0
Metasploit
added 2013/06/21 10:31 p.m., 45 views

Novell Client 4.91 SP4 nwfs.sys Local Privilege Escalation

This module exploits a flaw in the nwfs.sys driver to overwrite data in kernel space. The corruption occurs while handling ioctl requests with code 0x1438BB, where a 0x00000009 dword is written to an arbitrary address. An entry within the HalDispatchTable is overwritten in order to execute...

CVSS 6.9, AI score 7.8, EPSS 0.05481
Exploits: 1
ThreatPost
added 2009/08/12 2:27 p.m., 16 views

Hijacking Safari 4 Top Sites

This short video demonstration shows a new technique for exploiting a flaw in Apple Safari 4 that enables an attacker to hijack the Top Sites feature in Safari and replace the victim’s Top Sites with phishing sites. The vulnerability and attack were discovered by Inferno...

AI score 2.5
Exploits: 0, References: 1
Tenable Nessus
added 2005/01/11 12:0 a.m., 66 views

MS05-002: Cursor and Icon Format Handling Code Execution (891711)

The remote host contains a version of the Windows kernel that is affected by a security flaw in the way that cursors and icons are handled. An attacker may be able to execute arbitrary code on the remote host by constructing a malicious web page and enticing a victim to visit this web page. An...

CVSS 7.5, AI score 6.1, EPSS 0.58579
Exploits: 14, References: 4