Lucene search
K

1361 matches found

Cvelist
Cvelist
added 2020/08/24 7:10 p.m.24 views

CVE-2020-7376 Rapid7 Metasploit Framework Relative Path Traversal in enum_osx module

The Metasploit Framework module "post/osx/gather/enumosx module" is affected by a relative path traversal vulnerability in the getkeychains method which can be exploited to write arbitrary files to arbitrary locations on the host filesystem when the module is run on a malicious host...

7.1CVSS9.5AI score0.01123EPSS
Exploits1References1
Gitee
Gitee
added 2020/08/07 12:45 p.m.2 views

metasploit-framework

This is a Metasploit Framework repository, a widely used penetration testing tool. The framework is used for identifying and exploiting vulnerabilities in computer systems and applications. The primary target of this framework is the Metasploit Framework itself, which is a Ruby-based framework fo...

8.3AI score
Exploits0
Gitee
Gitee
added 2020/07/17 1:28 a.m.4 views

metasploit-framework

This is an offensive tool for Metasploit Framework. It is a collection of modules and tools for exploiting vulnerabilities in various systems and applications. The repository contains a wide range of modules, including exploits, payloads, and post-exploitation tools. The primary target of this to...

8.2AI score
Exploits0
Gitee
Gitee
added 2020/06/26 11:0 a.m.3 views

Gopherus

This is a Python script for generating gopher links to exploit Server-Side Request Forgery SSRF vulnerabilities in various servers. The script is designed to be used with the Metasploit framework. The script defines several classes for different types of servers, including MySQL, FastCGI,...

7.4AI score
Exploits0
GithubExploit
GithubExploit
added 2020/06/19 8:38 p.m.127 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

SMBGhost-LPE-Metasploit-Module This is an implementation of th...

10CVSS9.1AI score0.9981EPSS
Exploits125
BDU FSTEC
BDU FSTEC
added 2020/06/17 12:0 a.m.6 views

The vulnerability of the libnotify module in penetration testing software, such as the Metasploit Framework, allows a hacker to execute arbitrary commands.

The vulnerability of the libnotify module in testing software with the Metasploit Framework exists due to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

7.8CVSS7.6AI score0.04879EPSS
Exploits4References3Affected Software1
Gitee
Gitee
added 2020/05/13 9:34 p.m.2 views

metasploit-framework

This is an instance of the Metasploit Framework repository, a widely used penetration testing tool. The Metasploit Framework is a comprehensive platform for testing and exploiting vulnerabilities in computer systems and applications. It is a collection of tools and scripts that can be used to...

7.2AI score
Exploits0
Gitee
Gitee
added 2020/04/23 5:10 p.m.4 views

metasploit-framework

This is a Metasploit Framework repository. The framework is a penetration testing tool that allows users to create and execute exploits against various targets. The repository contains a wide range of modules, including exploits, payloads, and auxiliary tools. The framework is written in Ruby and...

7.8AI score
Exploits0
OSV
OSV
added 2020/04/22 10:15 p.m.4 views

CVE-2020-7350

Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name. An attacker can create a specially-crafted hostname or service name to b...

7.8CVSS7.1AI score0.04879EPSS
Exploits4References1
Prion
Prion
added 2020/04/22 10:15 p.m.17 views

Command injection

Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name. An attacker can create a specially-crafted hostname or service name to b...

6.8CVSS7.9AI score0.04879EPSS
Exploits4References1Affected Software1
CVE
CVE
added 2020/04/22 9:25 p.m.116 views

CVE-2020-7350

CVE-2020-7350 affects Rapid7 Metasploit Framework libnotify plugin. Versions before 5.0.85 allow OS command injection via untrusted data in a remote hostname/service name; an attacker must supply a crafted file processed by db_import to trigger code execution on the operator’s terminal. A fix was...

7.8CVSS7AI score0.04879EPSS
Exploits4References1Affected Software1
Cvelist
Cvelist
added 2020/04/22 9:25 p.m.33 views

CVE-2020-7350 Metasploit Framework Plugin Libnotify Command Injection

Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name. An attacker can create a specially-crafted hostname or service name to b...

6.1CVSS7.9AI score0.04879EPSS
Exploits4References1
ATTACKERKB
ATTACKERKB
added 2020/04/16 12:0 a.m.17 views

CVE-2020-7350

Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer’s hostname or service name. An attacker can create a specially-crafted hostname or service name to b...

7.8CVSS8.1AI score0.04879EPSS
Exploits4References2
Gitee
Gitee
added 2020/03/28 4:31 p.m.2 views

metasploit-framework

This is an exploit module for the Metasploit Framework, a penetration testing tool. The module is designed to exploit a vulnerability in a specific target, but the exact target and vulnerability are not specified in the provided code. The module is written in Ruby and uses the Metasploit framewor...

7.1AI score
Exploits0
Gitee
Gitee
added 2020/02/21 5:1 p.m.3 views

metasploit-framework

This is the Metasploit Framework repository, a widely used penetration testing tool. It is an offensive tool for penetration testing and vulnerability assessment. The primary target of this tool is the Metasploit Framework itself, which is a Ruby-based framework for developing and executing...

8.5AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2020/02/13 12:0 a.m.24 views

Rapid7 Metasploit Framework Zip Import Directory Traversal

Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ‘Path Traversal’ in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level...

7.4CVSS7.5AI score0.02758EPSS
Exploits1References4
Gitee
Gitee
added 2020/02/11 11:48 p.m.3 views

vmware_escape

This is a VMware Escape Exploit targeting VMware WorkStation 12.5.5. The exploit is designed to escape the sandbox environment and execute arbitrary code on the host system. The exploit is likely to be a heap overflow vulnerability, which is a type of buffer overflow attack that occurs when a...

8.2AI score
Exploits0
Circl
Circl
added 2020/02/10 11:42 a.m.4 views

CVE-2020-8772

creationtimestamp| type| source ---|---|--- 2020-02-10 11:42:10+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wpinfinitewpauthbypass.rb 2025-10-23 21:12:59+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

9.8CVSS9AI score0.8787EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2020/01/29 12:0 a.m.32 views

CVE-2020-7247

smtpmailaddr in smtpsession.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the “uncommented” default configuration...

10CVSS9.6AI score0.98946EPSS
In wildExploits27References20
Gitee
Gitee
added 2020/01/21 4:30 p.m.2 views

metasploit-framework

This is an offensive tool for Metasploit Framework. The Metasploit Framework is a penetration testing platform that provides a comprehensive set of tools for exploiting vulnerabilities in software applications. It is primarily used by security researchers and penetration testers to identify and...

7.1AI score
Exploits0
Rows per page
Query Builder