Lucene search

82 matches found

UbuntuCve
added 2023/11/30 7:15 a.m., 35 views

CVE-2023-49081

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation made it possible for an attacker to modify the HTTP request e.g. to insert a new header or create a new HTTP request if the attacker controls the HTTP version. The vulnerability only occurs if the...

7.2 CVSS, 6.7 AI score, 0.0047 EPSS
Exploits 1, References 5
NVD
added 2023/10/25 6:17 p.m., 9 views

CVE-2023-46128

Nautobot is a Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. In Nautobot 2.0.x, certain REST API endpoints, in combination with the ?depth= query parameter, can expose hashed user passwords as stored in the database to...

6.5 CVSS, 6.3 AI score, 0.00209 EPSS
Exploits 1, References 3
OSV
added 2023/10/25 6:17 p.m., 10 views

PYSEC-2023-220

Nautobot is a Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. In Nautobot 2.0.x, certain REST API endpoints, in combination with the ?depth= query parameter, can expose hashed user passwords as stored in the database to...

6.5 CVSS, 6.6 AI score, 0.00209 EPSS
Exploits 1, References 3
OSV
added 2023/10/24 2:17 p.m., 20 views

CVE-2023-46128 Exposure of hashed user passwords via REST API in Nautobot

Nautobot is a Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. In Nautobot 2.0.x, certain REST API endpoints, in combination with the ?depth= query parameter, can expose hashed user passwords as stored in the database to...

6.5 CVSS, 6.3 AI score, 0.00209 EPSS
Exploits 1, References 5
CVE
added 2023/10/24 2:17 p.m., 86 views

CVE-2023-46128

CVE-2023-46128 affects Nautobot (network automation platform built on Django) prior to version 2.0.3. In Nautobot 2.0.x, certain REST API endpoints, when used with the query parameter ?depth=, can cause authenticated users to retrieve hashed (not plaintext) passwords stored in the database. This ...

6.5 CVSS, 6.2 AI score, 0.00209 EPSS
Exploits 1, References 3, Affected Software 1
Cvelist
added 2023/10/24 2:17 p.m., 8 views

CVE-2023-46128 Exposure of hashed user passwords via REST API in Nautobot

Nautobot is a Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. In Nautobot 2.0.x, certain REST API endpoints, in combination with the ?depth= query parameter, can expose hashed user passwords as stored in the database to...

6.5 CVSS, 6.5 AI score, 0.00209 EPSS
Exploits 1, References 3
Vulnrichment
added 2023/10/24 2:17 p.m., 10 views

CVE-2023-46128 Exposure of hashed user passwords via REST API in Nautobot

Nautobot is a Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. In Nautobot 2.0.x, certain REST API endpoints, in combination with the ?depth= query parameter, can expose hashed user passwords as stored in the database to...

6.5 CVSS, 6.3 AI score, 0.00209 EPSS
Exploits 1, References 3
GithubExploit
added 2023/09/28 3:55 p.m., 691 views

Exploit for Code Injection in Cisco Telepresence_Video_Communication_Server

I started looking at Cisco Expressway after I noticed quite a fe...

7.2 CVSS, 7.3 AI score, 0.34269 EPSS
Exploits 1
Fedora
added 2023/05/26 1:52 a.m., 26 views

[SECURITY] Fedora 38 Update: python-fastapi-0.95.2-1.fc38

FastAPI is a modern, fast (high-performance) web framework for building APIs with Python 3.7+ based on standard Python type hints. The key features are: Fast: Very high performance, on par with NodeJS and Go thanks to Starlette and Pydantic. One of the fastest Python...

7.4 AI score
Exploits 0
Gitee
added 2022/08/30 11:27 a.m., 2 views

frankenstein

This is a Python-based framework called Frankenstein, designed to provide a virtual environment for fuzzing wireless firmwares. The framework is currently optimized for the CYW20735 Bluetooth evaluation board but also supports the CYW20819A1 evaluation board. The framework allows users to attach ...

7.2 AI score
Exploits 0
Kitploit
added 2022/03/21 8:30 p.m., 35 views

Vortex - VPN Overall Reconnaissance, Testing, Enumeration And eXploitation Toolkit

VPN Overall Reconnaissance, Testing, Enumeration and Exploitation Toolkit Overview A very simple Python framework, inspired by SprayingToolkit, that tries to automate most of the process required to detect, enumerate and attack common O365 and VPN endpoints like Cisco, Citrix, Fortinet, Pulse,...

8 AI score
Exploits 0, References 12
Packet Storm
added 2021/09/14 12:0 a.m., 207 views

Facebook ParlAI 1.0.0 Code Execution / Deserialization

Exploit Title: Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai Date: 2021-09-11 Exploit Author: Abhiram V Vendor Homepage: https://parl.ai/ Software Link: https://github.com/facebookresearch/ParlAI Version: 1.1.0 Tested on: Linux CVE: CVE-2021-24040 References :...

0.5 AI score, 0.36239 EPSS
Exploits 4
Exploit DB
added 2021/09/13 12:0 a.m., 299 views

Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai

Exploit Title: Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai Date: 2021-09-11 Exploit Author: Abhiram V Vendor Homepage: https://parl.ai/ Software Link: https://github.com/facebookresearch/ParlAI Version: 1.1.0 Tested on: Linux CVE: CVE-2021-24040 References :...

9.8 CVSS, 9.6 AI score, 0.36239 EPSS
Exploits 4
Gitee
added 2021/07/08 3:17 p.m., 2 views

isf

This is an Industrial Exploitation Framework (ISF) repository, a Python-based framework for exploitation and testing of industrial control systems (ICS). The framework is similar to Metasploit and is designed to be used for penetration testing and vulnerability assessment of ICS devices. The reposito...

6.9 AI score
Exploits 0
Gitee
added 2021/04/26 8:40 p.m., 2 views

glimmer

This is a Python-based framework called Glimmer, which is a PoC (proof-of-concept) framework for various attacks. The framework is designed to be extensible and allows users to write their own parsers for different protocols and targets. The framework has several dependencies, including rich,...

7.2 AI score
Exploits 0
Gitee
added 2021/04/15 8:51 p.m., 2 views

pocsuite3

This is a Python package called pocsuite3 that provides a framework for remote vulnerability testing and proof-of-concept development. It is designed to be used by penetration testers and security researchers. The package has a powerful proof-of-concept engine and comes with many features,...

6.7 AI score
Exploits 0
Gitee
added 2020/11/23 5:32 p.m., 1 views

isf

This repository is an Industrial Exploitation Framework (ISF) for testing and exploiting industrial control systems (ICS). It is a Python-based framework similar to Metasploit. The framework is based on the open-source project routersploit and includes various clients and modules for different ICS...

6.9 AI score
Exploits 0
Gitee
added 2020/11/04 1:54 a.m., 1 views

Pocsuite

This is an offensive tool for penetration testing and vulnerability assessment. It is a Python-based framework called Pocsuite, developed by the Knownsec 404 Team. The tool is designed to perform remote vulnerability testing and proof-of-concept development. The target product/service or framewor...

6.9 AI score
Exploits 0
Gitee
added 2020/11/03 2:9 p.m., 2 views

isf1

This is an offensive tool for Industrial Control Systems (ICS) exploitation. It is a Python-based framework, similar to Metasploit, designed for ICS exploitation. The framework is called ICSSploit and is a fork of the routersploit project. The tool has various modules for different types of ICS...

7.1 AI score
Exploits 0
Gitee
added 2020/09/10 9:29 a.m., 3 views

isf

This is an offensive tool for ICS exploitation. It is a Python-based framework for exploiting Industrial Control Systems (ICS), similar to Metasploit. The framework, known as ICSSploit, is a fork of the routersploit project and is designed for ICS exploitation. It includes various modules for...

6.9 AI score
Exploits 0