11233 matches found

NVD
added 2023/04/10 8:15 a.m. | 12 views

CVE-2023-27603

In Apache Linkis =1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability. We recommend users upgrade the version of Linkis to version 1.3.2...

9.8 CVSS | 9.5 AI score | 0.01808 EPSS
Exploits: 0 | References: 2
Prion
added 2023/04/10 8:15 a.m. | 16 views

Design/Logic Flaw

In Apache Linkis =1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability. We recommend users upgrade the version of Linkis to version 1.3.2...

7.5 CVSS | 9.4 AI score | 0.01808 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Veracode
added 2023/04/10 8:1 a.m. | 38 views

Remote Code Execution (RCE)

net.sourceforge.htmlunit:htmlunit is vulnerable to Remote Code Execution RCE. The vulnerability exists in the transform function in XSLTProcessor.java, which allows an attacker to upload and execute malicious code on the system...

9.8 CVSS | 9.5 AI score | 0.02513 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
Vulnrichment
added 2023/04/10 7:36 a.m. | 10 views

CVE-2023-27603 Apache Linkis Manager module engineConn material upload exists Zip Slip issue

In Apache Linkis =1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability. We recommend users upgrade the version of Linkis to version 1.3.2...

7.2 AI score | 0.01808 EPSS
Exploits: 0 | References: 2
CVE
added 2023/04/10 7:36 a.m. | 63 views

CVE-2023-27603

CVE-2023-27603 affects Apache Linkis

9.8 CVSS | 9.5 AI score | 0.01808 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2023/04/10 7:36 a.m. | 15 views

CVE-2023-27603 Apache Linkis Manager module engineConn material upload exists Zip Slip issue

In Apache Linkis =1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability. We recommend users upgrade the version of Linkis to version 1.3.2...

9.7 AI score | 0.01808 EPSS
Exploits: 0 | References: 2
Packet Storm
added 2023/04/10 12:0 a.m. | 273 views

IBM Aspera Faspex 4.4.1 YAML Deserialization

Exploit Title: IBM Aspera Faspex 4.4.1 - YAML deserialization RCE Date: 02/02/2023 Exploit Author: Maurice Lambert Vendor Homepage: https://www.ibm.com/ Software Link: https://www.ibm.com/docs/en/aspera-faspex/5.0?topic=welcome-faspex Version: 4.4.1 Tested on: Linux CVE : CVE-2022-47986 """ This...

9.8 CVSS | 9.4 AI score | 0.99968 EPSS
Exploits: 5
Packet Storm
added 2023/04/10 12:0 a.m. | 299 views

Microsoft Excel 365 MSO 2302 Build 16.0.16130.20186 Remote Code Execution

Title: Microsoft Excel RCE Vulnerability / Microsoft®365 MSO Version 2302 Build 16.0.16130.20186 64-bit Author: nu11secur1ty Date: 03.16.2023 Vendor: https://www.microsoft.com/en-us/microsoft-365/excel Software: https://www.microsoft.com/en-us/microsoft-365/excel Reference:...

7.8 CVSS | 7.8 AI score | 0.02532 EPSS
Exploits: 3
Exploit DB
added 2023/04/10 12:0 a.m. | 276 views

Online Computer and Laptop Store 1.0 - Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: Online Computer and Laptop Store 1.0 - Remote Code Execution RCE Date: 09/04/2023 Exploit Author: Matisse Beckandt Backendt Vendor Homepage:...

9.8 CVSS | 9.7 AI score | 0.04353 EPSS
Exploits: 4
Exploit DB
added 2023/04/08 12:0 a.m. | 448 views

Microsoft Excel 365 MSO (Version 2302 Build 16.0.16130.20186) 64-bit - Remote Code Execution (RCE)

Exploit Title: Microsoft Excel 365 MSO Version 2302 Build 16.0.16130.20186 64-bit - Remote Code Execution RCE Exploit Author: nu11secur1ty Date: 03.16.2023 Vendor: https://www.microsoft.com/en-us/microsoft-365/excel Software: https://www.microsoft.com/en-us/microsoft-365/excel Reference:...

7.8 CVSS | 7.8 AI score | 0.02532 EPSS
Exploits: 3
0day.today
added 2023/04/08 12:0 a.m. | 227 views

Microsoft Excel 365 MSO (v 2302 Build 16.0.16130.20186) 64-bit - Remote Code Execution Vulnerability

Exploit Title: Microsoft Excel 365 MSO Version 2302 Build 16.0.16130.20186 64-bit - Remote Code Execution RCE Exploit Author: nu11secur1ty Date: 03.16.2023 Vendor: https://www.microsoft.com/en-us/microsoft-365/excel Software: https://www.microsoft.com/en-us/microsoft-365/excel Reference:...

7.8 CVSS | 7.8 AI score | 0.02532 EPSS
Exploits: 3
Exploit DB
added 2023/04/08 12:0 a.m. | 325 views

Goanywhere Encryption helper 7.1.1 - Remote Code Execution (RCE)

// Exploit Title: Goanywhere Encryption helper 7.1.1 - Remote Code Execution RCE // Google Dork: title:"GoAnywhere" // Date: 3/26/2023 // Exploit Author: Youssef Muhammad // Vendor Homepage: https://www.goanywhere.com/ // Software Link:...

7.2 CVSS | 7.4 AI score | 0.99999 EPSS
Exploits: 12
NVD
added 2023/04/07 3:15 a.m. | 12 views

CVE-2023-26817

codefever before 2023.2.7-commit-b1c2e7f was discovered to contain a remote code execution RCE vulnerability via the component /controllers/api/user.php...

8.8 CVSS | 9.1 AI score | 0.01502 EPSS
Exploits: 1 | References: 1
Cvelist
added 2023/04/07 12:0 a.m. | 18 views

CVE-2023-26817

codefever before 2023.2.7-commit-b1c2e7f was discovered to contain a remote code execution RCE vulnerability via the component /controllers/api/user.php...

9.3 AI score | 0.01502 EPSS
Exploits: 1 | References: 1
CVE
added 2023/04/07 12:0 a.m. | 50 views

CVE-2023-26817

CVE-2023-26817 concerns CodeFever before 2023.2.7-commit-b1c2e7f, with a remote code execution flaw in the component /controllers/api/user.php. Multiple connected sources corroborate the RCE in this version range and cite a high impact (CVSS 3.1: 8.8, HIGH) with NETWORK attack vector and LOW priv...

8.8 CVSS | 9.4 AI score | 0.01502 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
GithubExploit
added 2023/04/06 3:40 a.m. | 436 views

Exploit for Deserialization of Untrusted Data in Fortra Goanywhere_Managed_File_Transfer

This exploit is a Python script designed to exploit the CVE-2023...

7.2 CVSS | 7.8 AI score | 0.99999 EPSS
Exploits: 12
CVE
added 2023/04/06 12:0 a.m. | 48 views

CVE-2023-29475

The CVE-2023-29475 vulnerability affects Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform versions 10 R1 through 10 R1.34.3. An unauthenticated attacker can execute arbitrary commands on the platform OS and obtain administrative access (OSFOURK-23543). Affected versions requ...

9.8 CVSS | 9.5 AI score | 0.00899 EPSS
Exploits: 0 | References: 2 | Affected Software: 2
0day.today
added 2023/04/06 12:0 a.m. | 203 views

atrocore 1.5.25 User interaction - Unauthenticated File upload Vulnerability

Exploit Title: atrocore 1.5.25 User interaction - Unauthenticated File upload - RCE Author: nu11secur1ty Vendor: https://atropim.com/ Software: https://github.com/atrocore/atrocore/releases/tag/1.5.25 Reference: https://portswigger.net/web-security/file-upload Description: The Create Import Feed...

6.8 AI score
Exploits: 0
Packet Storm
added 2023/04/06 12:0 a.m. | 287 views

Froxlor 2.0.3 Stable Remote Code Execution

!/usr/bin/python3 Exploit Title: Froxlor 2.0.3 Stable - Remote Code Execution RCE Date: 2023-01-08 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2023-0315 Vendor Homepage: https://froxlor.org/ Version: v2.0.3 Tested on: Ubuntu 20.04 / PHP 8.2 import telnetlib import requests import socket import...

8.8 CVSS | 8.7 AI score | 0.97653 EPSS
Exploits: 8
Packet Storm
added 2023/04/06 12:0 a.m. | 314 views

Dompdf 1.2.1 Remote Code Execution

!/usr/bin/python3 Exploit Title: Dompdf 1.2.1 - Remote Code Execution RCE Date: 16 February 2023 Exploit Author: Ravindu Wickramasinghe @rvizx9 Vendor Homepage: https://dompdf.github.io/ Software Link: https://github.com/dompdf/dompdf Version: 1.2.1 Tested on: Kali linux CVE : CVE-2022-28368 Gith...

9.8 CVSS | 9.4 AI score | 0.82438 EPSS
Exploits: 8