16589 matches found

Positive Technologies
added 2024/09/02 12:0 a.m. · 6 views

PT-2024-36053 · Zyxel · Zyxel Vmg8825-T50K

Name of the Vulnerable Software and Affected Versions: Zyxel VMG8825-T50K firmware version 5.50ABOM.8C0 Description: A buffer overflow vulnerability in the library "libclinkc" could allow an unauthenticated attacker to cause denial of service DoS conditions by sending a crafted HTTP request to a...

CVSS 7.5 · AI score 7.8 · EPSS 0.00662
Exploits: 0 · References: 7

Packet Storm
added 2024/09/01 12:0 a.m. · 504 views

Log4Shell HTTP Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Log4Shell HTTP Scanner', 'Description' = %q Versions of Apache Log4j2 impacted by CVE-2021-44228 which allow JNDI features used in configuration,...

CVSS 10 · AI score 10 · EPSS 0.99999
Exploits: 349

Packet Storm
added 2024/09/01 12:0 a.m. · 277 views

Supermicro Onboard IPMI Url_redirect.cgi Authenticated Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Supermicro Onboard IPMI urlredirect.cgi Authenticated Directory Traversal', 'Description' = %q This module abuses a directory...

AI score 7.4
Exploits: 0

Packet Storm
added 2024/08/31 12:0 a.m. · 147 views

Monkey HTTPD Header Parsing Denial of Service (Denial of Service)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Monkey HTTPD Header Parsing Denial of Service DoS', 'Description' = %q This module causes improper header parsing that leads to a segmentation...

CVSS 6.8 · AI score 7 · EPSS 0.20179
Exploits: 3

Packet Storm
added 2024/08/31 12:0 a.m. · 169 views

TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access', 'Description' = %q This module tests for directory traversal vulnerability in...

CVSS 5 · AI score 7 · EPSS 0.20662
Exploits: 2

Packet Storm
added 2024/08/31 12:0 a.m. · 153 views

F5 BigIP Access Policy Manager Session Exhaustion Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BigIP Access Policy Manager Session Exhaustion Denial of Service', 'Description' = %q This module exploits a resource exhaustion denial of...

AI score 7.4
Exploits: 0

Packet Storm
added 2024/08/31 12:0 a.m. · 310 views

NETGEAR Administrator Password Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NETGEAR Administrator Password Disclosure', 'Description' = %q This module will collect the password for the admin user. The exploit will not...

CVSS 8.1 · AI score 7.2 · EPSS 0.89294
Exploits: 7

Packet Storm
added 2024/08/31 12:0 a.m. · 138 views

GE Proficy Cimplicity WebView Substitute.bcl Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'GE Proficy Cimplicity WebView substitute.bcl Directory Traversal', 'Description' = %q This module abuses a directory traversal in G...

CVSS 4.3 · AI score 7 · EPSS 0.17394
Exploits: 3

Packet Storm
added 2024/08/31 12:0 a.m. · 226 views

Brother Debut http Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Brother Debut http Denial Of Service', 'Description' = %q The Debut embedded HTTP server MSFLICENSE, 'Author' = 'z00n ', vulnerability disclosure...

CVSS 7.8 · AI score 7 · EPSS 0.59386
Exploits: 7

Packet Storm
added 2024/08/31 12:0 a.m. · 184 views

Hashtable Collisions

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Hashtable Collisions', 'Description' = %q This module uses a denial-of-service DoS condition appearing in a variety of programming languages. Thi...

CVSS 7.8 · AI score 7.3 · EPSS 0.83911
Exploits: 16

CNVD
added 2024/08/30 12:0 a.m. · 3 views

TOTOLINK AC1200 Buffer Overflow Vulnerability

TOTOLINK AC1200 is a dual-band Wi-Fi router from China's Gion Electronics TOTOLINK. The TOTOLINK AC1200 suffers from a buffer overflow vulnerability that originates from the formWlEncrypt CGI handler in the boa program that fails to limit the length of the wlanssid field entered by the user. An...

CVSS 9.8 · AI score 6.8 · EPSS 0.00662
Exploits: 1 · References: 1

Packet Storm
added 2024/08/30 12:0 a.m. · 1330 views

SPIP 4.2.6 Code Execution

============================================================================================================================================= | Title : SPIP 4.2.6 PHP Code execution Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

AI score 7.4
Exploits: 0

Packet Storm
added 2024/08/29 12:0 a.m. · 288 views

Notemark 0.13.0 Cross Site Scripting

Exploit Title: Stored XSS in NoteMark Date: 07/29/2024 Exploit Author: Alessio Romano sfoffo Vendor Homepage: https://notemark.docs.enchantedcode.co.uk/ Version: 0.13.0 and below Tested on: Linux References: https://notes.sfoffo.com/contributions/2024-contributions/cve-2024-41819,...

CVSS 8.7 · AI score 7.1 · EPSS 0.00777
Exploits: 4

Vulnrichment
added 2024/08/28 12:0 a.m. · 33 views

CVE-2024-34198

TOTOLINK AC1200 Wireless Router A3002RU V2.1.1-B20230720.1011 is vulnerable to Buffer Overflow. The formWlEncrypt CGI handler in the boa program fails to limit the length of the wlanssid field from user input. This allows attackers to craft malicious HTTP requests by supplying an excessively long...

AI score 7.7 · EPSS 0.00662
Exploits: 1 · References: 1

0day.today
added 2024/08/28 12:0 a.m. · 241 views

NoteMark < 0.13.0 - Stored XSS Vulnerability

Exploit Title: Stored XSS in NoteMark Exploit Author: Alessio Romano sfoffo Vendor Homepage: https://notemark.docs.enchantedcode.co.uk/ Version: 0.13.0 and below Tested on: Linux References: https://notes.sfoffo.com/contributions/2024-contributions/cve-2024-41819,...

CVSS 8.7 · AI score 7 · EPSS 0.00777
Exploits: 4

IBM Security Bulletins
added 2024/08/27 9:33 p.m. · 38 views

Security Bulletin: Multiple Security Vulnerabilities discovered in IBM Security Verify Directory products

Summary Several Security Vulnerabilities discovered in the IBM Security Verify Directory Integrator provided by IBM Security Verify Directory Products have been addressed by an update Vulnerability Details CVEID:CVE-2017-9735 DESCRIPTION: Jetty could allow a remote attacker to obtain sensitive...

CVSS 9.8 · AI score 8.7 · EPSS 0.7848
Exploits: 5 · Affected Software: 1

OSV
added 2024/08/27 8:15 a.m. · 5 views

CVE-2024-41176

The MPD package included in TwinCAT/BSD allows an authenticated, low-privileged local attacker to induce a Denial-of-Service DoS condition on the daemon and execute code in the context of user “root” via a crafted HTTP request...

CVSS 7.3 · AI score 5.9 · EPSS 0.00265
Exploits: 0 · References: 1

NVD
added 2024/08/27 8:15 a.m. · 17 views

CVE-2024-41176

The MPD package included in TwinCAT/BSD allows an authenticated, low-privileged local attacker to induce a Denial-of-Service DoS condition on the daemon and execute code in the context of user “root” via a crafted HTTP request...

CVSS 7.3 · EPSS 0.00265
Exploits: 0 · References: 1

Cvelist
added 2024/08/27 8:1 a.m. · 19 views

CVE-2024-41176 Beckhoff: Local Denial of Service issue in package MDP included in TwinCAT/BSD

The MPD package included in TwinCAT/BSD allows an authenticated, low-privileged local attacker to induce a Denial-of-Service DoS condition on the daemon and execute code in the context of user “root” via a crafted HTTP request...

CVSS 7.3 · EPSS 0.00265
Exploits: 0 · References: 1

CVE
added 2024/08/27 8:1 a.m. · 93 views

CVE-2024-41176

CVE-2024-41176 affects Beckhoff: TwinCAT/BSD MPD package. An authenticated, low-privileged local attacker can cause a DoS in the daemon and execute code in the root context via a crafted HTTP request. Documented impact is local, with potential for full system compromise; exploitation status is no...

CVSS 7.3 · AI score 7.1 · EPSS 0.00265
Exploits: 0 · References: 1 · Affected Software: 2