CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1620 matches found

OSV•added 2024/09/03 12:0 a.m.•20 views

ALSA-2024:6162 Moderate: python-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 For more details about the security issues, including the impact, a...

6.5CVSS6AI score0.00216EPSS

Exploits1References4

Packet Storm•added 2024/09/01 12:0 a.m.•202 views

Wordpress BulletProof Security Backup Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'Wordpress BulletProof Security Backup Disclosure', 'Description' = %q The Wordpress plugin BulletProof Security, versions 'Ron...

5.3CVSS7.4AI score0.90941EPSS

Exploits7

Packet Storm•added 2024/09/01 12:0 a.m.•169 views

WordPress Mobile Edition File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Mobile Edition File Read Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability in WordPress Plugi...

7.4AI score

Exploits0

Packet Storm•added 2024/09/01 12:0 a.m.•405 views

Drupal Views Module Users Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupal Views Module Users Enumeration', 'Description' = %q This module exploits an information disclosure vulnerability in the 'Views' module of...

7.4AI score

Exploits0

Packet Storm•added 2024/09/01 12:0 a.m.•155 views

SAP Web GUI Login Brute Forcer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, or is a port of a plugin available in the Onapsis Bizploit Opensource ERP Penetration Testing framework -...

7.4AI score

Exploits0

Packet Storm•added 2024/09/01 12:0 a.m.•232 views

ManageEngine Support Center Plus Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine Support Center Plus Directory Traversal", 'Description' = %q This module exploits a directory traversal vulnerability found in...

5CVSS7.1AI score0.78866EPSS

Exploits3

Packet Storm•added 2024/09/01 12:0 a.m.•505 views

Libssh Authentication Bypass Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'libssh Authentication Bypass Scanner', 'Description' = %q This module exploits an authentication bypass in libssh server code where a...

9.1CVSS7AI score0.74906EPSS

Exploits10

Packet Storm•added 2024/08/31 12:0 a.m.•275 views

BIND TKEY Query Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BIND TKEY Query Denial of Service', 'Description' = %q This module sends a malformed TKEY query, which exploits an error in handling TKEY queries...

7.8CVSS7.2AI score0.92376EPSS

Exploits12

Packet Storm•added 2024/08/31 12:0 a.m.•153 views

Oracle TNS Listener SID Brute Forcer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle TNS Listener SID Brute Forcer', 'Description' = %q This module simply attempts to discover the protected SID. , 'Author' = 'MC' , 'License...

7.4AI score

Exploits0

Packet Storm•added 2024/08/31 12:0 a.m.•230 views

NetBIOS Response Brute Force Spoof

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NetBIOS Response Brute Force Spoof Direct', 'Description' = %q This module continuously spams NetBIOS responses to a target for given hostname,...

7.4AI score

Exploits0

Packet Storm•added 2024/08/31 12:0 a.m.•347 views

Samba Symlink Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Samba Symlink Directory Traversal', 'Description' = %Q This module exploits a directory traversal flaw in the Samba CIFS server. To exploit this...

3.5CVSS6.9AI score0.56307EPSS

Exploits6

Packet Storm•added 2024/08/31 12:0 a.m.•182 views

Hashtable Collisions

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Hashtable Collisions', 'Description' = %q This module uses a denial-of-service DoS condition appearing in a variety of programming languages. Thi...

7.8CVSS7.3AI score0.85815EPSS

Exploits16

Packet Storm•added 2024/08/31 12:0 a.m.•144 views

URGENT/11 Scanner, Based On Detection Tool By Armis

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'URGENT/11 Scanner, Based on Detection Tool by Armis', 'Description' = %q This module detects VxWorks and the IPnet IP stack, along with devices...

7.5CVSS7AI score0.05895EPSS

Exploits2

RedhatCVE•added 2024/08/27 12:43 p.m.•19 views

CVE-2024-44938

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG When searching for the next smaller log2 block, BLKSTOL2 returned 0, causing shift exponent -1 to be negative. This patch fixes the issue by exiting the loop directly when negative shif...

5.5CVSS6.9AI score0.00016EPSS

Exploits0References4

Fedora•added 2024/08/26 2:5 a.m.•24 views

[SECURITY] Fedora 40 Update: nginx-mod-vts-0.2.2-9.fc40

Nginx virtual host traffic status module...

5.7CVSS4.8AI score0.00197EPSS

Exploits0

Fedora•added 2024/08/26 1:31 a.m.•16 views

[SECURITY] Fedora 39 Update: nginx-mod-vts-0.2.2-9.fc39

Nginx virtual host traffic status module...

5.7CVSS4.8AI score0.00197EPSS

Exploits0

OpenVAS•added 2024/08/26 12:0 a.m.•7 views

Fedora: Security Advisory for nginx-mod-fancyindex (FEDORA-2024-8ba5080dfa)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.7CVSS7AI score0.00197EPSS

Exploits0References2

Metasploit•added 2024/08/23 6:52 p.m.•418 views

Ray Agent Job RCE

RCE in Ray via the agent job submission endpoint. This is intended functionality as Ray's main purpose is executing arbitrary workloads. By default Ray has no authentication. Module Options msf use exploit/linux/http/rayagentjobrce msf exploitrayagentjobrce show targets ...targets... msf...

9.8CVSS7.2AI score0.92192EPSS

Exploits6

Rockylinux•added 2024/08/21 2:52 p.m.•70 views

httpd:2.4 security update

An update is available for module.modmd, module.modhttp2, modhttp2, httpd, modmd, module.httpd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd package...

9.8CVSS9.5AI score0.03019EPSS

Exploits0

AlpineLinux•added 2024/08/19 7:6 p.m.•31 views

CVE-2024-7592

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resourc...

7.5CVSS7.3AI score0.00883EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by