CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2018/05/31 8:29 p.m.•14 views

Remote code execution

9.3CVSS8AI score0.00735EPSS

Exploits0References1Affected Software1

UbuntuCve•added 2018/05/31 8:29 p.m.•21 views

CVE-2016-10518

A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but...

7.5CVSS7AI score0.00345EPSS

Exploits0References4

NVD•added 2018/05/31 8:29 p.m.•10 views

CVE-2016-10518

7.5CVSS7.4AI score0.00345EPSS

OSV•added 2018/05/31 8:29 p.m.•12 views

CVE-2016-10518

7.5CVSS7.7AI score

CVE•added 2018/05/31 8:0 p.m.•51 views

CVE-2016-10572

The vulnerability CVE-2016-10572 affects mongodb-instance prior to 0.0.3, where the application downloads binaries over HTTP. This insecure fetch enables MITM interference, potentially swapping the downloaded binary with a malicious one and enabling remote code execution on the host running mongo...

9.3CVSS8.3AI score0.00735EPSS

Exploits0References1Affected Software1

Debian CVE•added 2018/05/31 8:0 p.m.•18 views

CVE-2016-10518

7.5CVSS7.4AI score0.00345EPSS

Circl•added 2018/05/29 3:50 p.m.•7 views

CVE-2004-1626

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/abilityserverstor.rb 2025-02-06 03:13:38+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:08:09+00:00| seen|...

5CVSS5.7AI score0.73355EPSS

Exploits2References1

CNVD•added 2018/05/29 12:0 a.m.•1 views

SAP NetWeaver Instance Agent Service Information Disclosure Vulnerability (CNVD-2018-15773)

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. An information disclosure vulnerability exists in SAP NetWeaver. An attacker could exploit this vulnerability to...

6.1AI score

OSV•added 2018/05/25 2:29 p.m.•1 views

CVE-2018-1450

IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140045...

5.5CVSS5.9AI score

OSV•added 2018/05/25 2:29 p.m.•1 views

CVE-2018-1452

5.5CVSS5.9AI score

OSV•added 2018/05/25 2:29 p.m.•1 views

CVE-2018-1544

IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, and 11.1 could allow a local user to overflow a buffer which may result in a privilege escalation to the DB2 instance owner. IBM X-Force ID: 142648...

7.8CVSS6AI score

CNVD•added 2018/05/21 12:0 a.m.•1 views

SAP NetWeaver Instance Agent Service Memory Corruption Vulnerability

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A memory corruption vulnerability exists in the SAP NetWeaver Instance Agent Service. An attacker could exploit...

7.7AI score

Kitploit•added 2018/05/12 12:43 p.m.•19 views

Whonow - A "Malicious" DNS Server For Executing DNS Rebinding Attacks On The Fly (Public Instance Running On Rebind.Network:53)

A malicious DNS server for executing DNS Rebinding attacks on the fly. whonow lets you specify DNS responses and rebind rules dynamically using domain requests themselves. respond to DNS queries for this domain with 52.23.194.42 the first time it is requested and then 192.168.1.1 every time after...

6.8AI score

Exploits0References2

Fedora•added 2018/05/10 7:10 p.m.•25 views

[SECURITY] Fedora 26 Update: knot-resolver-2.3.0-1.fc26

The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as...

7.5CVSS2.6AI score0.00499EPSS

Fedora•added 2018/05/09 9:27 p.m.•18 views

[SECURITY] Fedora 28 Update: knot-resolver-2.3.0-1.fc28

7.5CVSS2.6AI score0.00499EPSS

Arista•added 2018/05/02 12:0 a.m.•78 views

Security Advisory 0034

Security Advisory 0034 PDF Date: May 2nd, 2018 Version: 1.0 Revision| Date| Changes ---|---|--- 1.0 | May 2nd, 2018 | Initial Release Affected Platforms: All EOS platforms Affected Software Version: 4.20.1FX-Virtual-Router The CVE-ID tracking this issue is CVE-2017-18017 CVSS v3: 9.8...

10CVSS6.9AI score0.3431EPSS

NVD•added 2018/04/25 1:29 p.m.•13 views

CVE-2017-7652

In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk. If there are lots of clients connected so that there are no more file descriptors/sockets available default limit...

7.5CVSS7.4AI score0.01004EPSS

Exploits0References5

ThreatPost•added 2018/04/19 4:30 p.m.•10 views

Cloud Credentials: New Attack Surface for Old Problem

SAN FRANCISCO – Credential theft and abuse have long been a nagging problem for local network administrators. The threat surface ranges from pretexting scams to insiders who abuse network privileges in order to grant themselves higher permissions than otherwise assigned. Here at RSA Conference,...

1.5AI score

Hacker One•added 2018/04/09 11:7 p.m.•62 views

Roblox: Subdomain Takeover to Authentication bypass

Vulnerability Type: ----------- Subdomain Takeover Description: ----------- Due to unclaimed or expired Hubspot instance an attacker is able to claim and serve content from devrel.roblox.com and perform different kind of attacks which i shared in impact section. Affected Area: -----------...

6.9AI score