7 matches found
Exploit for Command Injection in Contec Solarview_Compact_Firmware
nmap-CVE-2023-23333-exploit Nmap NSE script to dump /etc/passw...
GHSA-398J-F7M7-795J PHPMailer vulnerable to email header injection
Impact Arbitrary additional email headers can be injected via crafted From or Sender headers. Patches Fixed in 2.2.1 Workarounds Filter user-supplied values prior to using them in From or Sender properties. References https://nvd.nist.gov/vuln/detail/CVE-2012-0796 For more information If you have...
Exploit for Argument Injection in Atlassian Bitbucket
Original Project https://github.com/BenHays142/CVE-2022-3680...
Reddit: Regular Expression Denial of Service vulnerability
Summary: The vulnerability I have found is classified as a Regular Expression Denial of Service. While inspecting the source code file RealtimeGQLSubscriptionAsync.js I came across the nodemodule subscriptions-transport-ws See Screenshot 1. The search result of the subscriptions-transport-ws...
Top 30 Critical Security Vulnerabilities Most Exploited by Hackers
Intelligence agencies in Australia, the U.K., and the U.S. issued a joint advisory on Wednesday detailing the most exploited vulnerabilities in 2020 and 2021, once again demonstrating how threat actors are able to swiftly weaponize publicly disclosed flaws to their advantage. "Cyber actors contin...
cve_manager_VS - A Collection Of Python Apps And Shell Scripts To Email An Xlsx Spreadsheet Of New Vulnerabilities In The NIST CVE Database And Their Associated Products On A Daily Schedule
A collection of python apps and shell scripts to email an xlsx spreadsheet of new vulnerabilities in the NIST CVE database and their associated products on a daily schedule. The spreadsheet can then be manually interpreted for risk to your specific organization. Based off of an opensource product...
Exploit for Uncontrolled Search Path Element in Cisco Anyconnect_Secure_Mobility_Client
CVE-2020-3153 Cisco AnyConnect Secure Mobility Client EoP PoC...