Lucene search
K

81 matches found

Packet Storm
Packet Storm
added 2021/01/08 12:0 a.m.269 views

Apache Flink 1.11.0 Arbitrary File Read / Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Flink File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in Apache Fli...

0.4AI score0.97856EPSS
Exploits14
Exploit DB
Exploit DB
added 2021/01/08 12:0 a.m.275 views

Apache Flink 1.11.0 - Unauthenticated Arbitrary File Read (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Flink File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in Apache Fli...

9.1CVSS7.7AI score0.97856EPSS
Exploits14
Exploit DB
Exploit DB
added 2020/02/10 12:0 a.m.524 views

OpenSMTPD - MAIL FROM Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSMTPD MAIL FROM Remote Code Execution', 'Description' = %q This module exploits a command injection in the MAIL FROM field during SMTP...

10CVSS7.4AI score0.98946EPSS
Exploits27
exploitpack
exploitpack
added 2019/09/16 12:0 a.m.81 views

Symantec Advanced Secure Gateway (ASG) ProxySG - Unrestricted File Upload

Symantec Advanced Secure Gateway ASG ProxySG - Unrestricted File Upload ===========Security Intelligence============ Vendor Homepage: adobe.com Version: 2018 Tested on: Adobe ColdFusion 2018 Exploit Author: Pankaj Kumar Thakur Nepal ==========Table of Contents============== Overview Detailed...

8.5CVSS0.16561EPSS
Exploits7
OpenVAS
OpenVAS
added 2019/06/26 12:0 a.m.58 views

Django AdminURLFieldWidget XSS Vulnerability - Linux

Django is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django";...

6.1CVSS6.7AI score0.02563EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.39 views

Fedora 30 : python-urllib3 (2019-6afaa38e7b)

Fix an issue similar to CVE-2018-20060 where the authorization header was removed only when the case matched. - Fix an issue where the system CA bundle was loaded even when an alternate bundle was explicitly specified https://www.openwall.com/lists/oss-security/2019/04/17/ 3 Full changelog at:...

9.8CVSS6.8AI score0.04488EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/04/30 12:0 a.m.23 views

Fedora 28 : python-urllib3 (2019-8560719e80)

Fix an issue similar to CVE-2018-20060 where the authorization header was removed only when the case matched. - Fix an issue where the system CA bundle was loaded even when an alternate bundle was explicitly specified https://www.openwall.com/lists/oss-security/2019/04/17/ 3 Full changelog at:...

9.8CVSS6.8AI score0.04488EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/04/24 12:0 a.m.39 views

Fedora 29 : python-urllib3 (2019-a6c56f9756)

Fix an issue similar to CVE-2018-20060 where the authorization header was removed only when the case matched. - Fix an issue where the system CA bundle was loaded even when an alternate bundle was explicitly specified https://www.openwall.com/lists/oss-security/2019/04/17/ 3 Full changelog at:...

9.8CVSS6.8AI score0.04488EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2019/02/07 12:0 a.m.77 views

Dovecot 1.1.0 - 2.2.36 and 2.3.0 - 2.3.4 Authentication Bypass Vulnerability

Dovecot is prone to an authentication bypass vulnerability. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Softwar...

7.7CVSS7.1AI score0.02462EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2019/01/16 12:0 a.m.60 views

blueman set_dhcp_handler D-Bus Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'blueman setdhcphandler D-Bus Privilege Escalation', 'Description' = %q This module attempts to gain root privileges by exploiting a Python code...

7.2CVSS0.8AI score0.0634EPSS
Exploits4
Prion
Prion
added 2018/04/10 3:29 p.m.32 views

Heap overflow

Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file because of incorrect j2kdecode, j2kreadeoc, and tcddecodetile interaction, a...

6.8CVSS8AI score0.05515EPSS
Exploits0References2Affected Software2
UbuntuCve
UbuntuCve
added 2018/04/10 3:29 p.m.32 views

CVE-2014-0158

Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file because of incorrect j2kdecode, j2kreadeoc, and tcddecodetile interaction, a...

8.8CVSS7.5AI score0.01828EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2017/11/09 12:0 a.m.31 views

MediaWiki XXE Vulnerability - Windows

The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service DoS, or possibly have other impact via an XML external entity XXE attack. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be...

9.8CVSS8.1AI score0.02021EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/11/24 12:0 a.m.36 views

Perl 'XSLoader Method' Code Execution Vulnerability - Windows

Perl is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:perl:perl"; ifdescription...

7.8CVSS7.9AI score0.00787EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2016/11/10 12:0 a.m.138 views

Dropbear < 2016.74 Multiple Vulnerabilities

Dropbear is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dropbearsshproject:dropbearssh"; i...

10CVSS8.3AI score0.10494EPSS
Exploits0References1
Hacker One
Hacker One
added 2016/10/17 12:11 p.m.58 views

Internet Bug Bounty: Heap overflow in mysqlnd related to BIT fields (CVE-2016-7412)

This report is related to a bug in PHP that has now been fixed and publicly disclosed. It was assigned CVE-2016-7412. The details are at: https://bugs.php.net/bug.php?id=72293 Disclosure was on Sep 15: http://www.openwall.com/lists/oss-security/2016/09/15/10 Thanks!...

6.8CVSS7.9AI score0.0885EPSS
Exploits1
OpenVAS
OpenVAS
added 2016/10/17 12:0 a.m.37 views

Ruby on Rails Active Record Security Bypass Vulnerability (Jan 2016) - Windows

Ruby on Rails is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rubyonrails:rails";...

5.3CVSS5.6AI score0.0425EPSS
Exploits0References2
exploitpack
exploitpack
added 2016/10/10 12:0 a.m.103 views

Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Local Privilege Escalation

Linux Kernel 4.6.2 Ubuntu 16.04.1 - IP6TSOSETREPLACE Local Privilege Escalation Exploit Title: Linux kernel = 4.6.2 - Local Privileges Escalation via IP6TSOSETREPLACE compat setsockopt call Date: 2016.10.8 Exploit Author: Qian Zhang@MarvelTeam Qihoo 360 Version: Linux kernel = 4.6.2 Tested on:...

7.2CVSS0.4AI score0.05676EPSS
Exploits10
OpenVAS
OpenVAS
added 2016/07/14 12:0 a.m.108 views

PHP < 5.5.32, 5.6.x < 5.6.18, 7.x < 7.0.3 Multiple Vulnerabilities (Jul 2016) - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

10CVSS9.6AI score0.10997EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2016/07/07 12:0 a.m.38 views

GraphicsMagick Code Execution And Denial of Service Vulnerabilities (Jul 2016) - Windows

GraphicsMagick is prone to arbitrary code execution and denial of service vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS8.4AI score0.49982EPSS
Exploits1References8
Rows per page
Query Builder