Lucene search
K

11234 matches found

OpenVAS
OpenVAS
added 2023/03/15 12:0 a.m.30 views

Adobe Photoshop Multiple RCE Vulnerabilities (APSB23-11) - Windows

Adobe Photoshop is prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.8CVSS7.2AI score0.00326EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/03/15 12:0 a.m.17 views

Adobe Photoshop RCE Vulnerability (APSB23-23)- Mac OS X

Adobe Photoshop is prone to a high-risk vulnerability that can lead to remote code execution RCE. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

7.8CVSS8AI score0.00463EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/03/15 12:0 a.m.36 views

Adobe Photoshop Multiple RCE Vulnerabilities (APSB23-11) - Mac OS X

Adobe Photoshop is prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.8CVSS7.2AI score0.00326EPSS
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2023/03/14 11:46 p.m.206 views

Patch Tuesday - March 2023

Microsoft is offering fixes for 101 security issues for March 2023 Patch Tuesday, including two zero-day vulnerabilities; the most interesting of the two zero-day vulnerabilities is a flaw in Outlook which allows an attacker to authenticate against arbitrary remote resources as another user...

5CVSS0.4AI score0.97408EPSS
Exploits40
GithubExploit
GithubExploit
added 2023/03/14 6:49 p.m.573 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Proof of Concept for Log4j CVE-2021-44228 Disclaimer Th...

10CVSS9.4AI score0.99999EPSS
Exploits347
NVD
NVD
added 2023/03/14 5:15 p.m.22 views

CVE-2023-24867

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability...

8.8CVSS9.4AI score0.01289EPSS
Exploits0References1
NVD
NVD
added 2023/03/14 5:15 p.m.16 views

CVE-2023-23403

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability...

8.8CVSS9.4AI score0.01289EPSS
Exploits0References1
CVE
CVE
added 2023/03/14 4:55 p.m.146 views

CVE-2023-24907

CVE-2023-24907 describes a remote code execution vulnerability in the Microsoft PostScript and PCL6 Class Printer Driver . The CVE entry (as per NVD) has a CVSS 3.1 base score of 8.8 (High) with vectors: AV:N, AC:L, PR:L, UI:N, S:U, C:H, I:H, A:H, indicating network attack with no user interactio...

8.8CVSS8.8AI score0.01289EPSS
Exploits0References1Affected Software12
CVE
CVE
added 2023/03/14 4:55 p.m.153 views

CVE-2023-24867

The CVE, CVE-2023-24867, is described in connected sources as a remote code execution vulnerability in Microsoft’s PostScript and PCL6 Class Printer Driver. CNVD-2023-28103 explicitly notes a remote code execution flaw in the Microsoft PostScript Printer Driver; NVD/NIST entries corroborate the v...

8.8CVSS8.8AI score0.01289EPSS
Exploits0References1Affected Software12
CVE
CVE
added 2023/03/14 4:55 p.m.159 views

CVE-2023-23413

Technical details about CVE-2023-23413 (affected product, root cause, versions, exploitability) are not provided in the connected documents. Public details are limited to the initial description; monitor for updates.

8.8CVSS8.8AI score0.01289EPSS
Exploits0References1Affected Software12
CVE
CVE
added 2023/03/14 4:55 p.m.159 views

CVE-2023-23407

CVE-2023-23407 : Windows PPPoE remote code execution affecting the PPPoE stack. According to the CVE record, the vulnerability enables total impact on confidentiality, integrity, and availability (CVSS 3.1: 7.1, HIGH). Exploitation is classified as adjacent network access with high complexity and...

7.1CVSS7.2AI score0.00394EPSS
Exploits0References1Affected Software13
Cvelist
Cvelist
added 2023/03/14 4:55 p.m.27 views

CVE-2023-23403 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

...

8.8CVSS9.4AI score0.01289EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2023/03/13 1:28 p.m.411 views

Exploit for Code Injection in Vmware Spring_Cloud_Function

CVE-2022-22963: Spring4Shell RCE Exploit This is a python im...

9.8CVSS9.6AI score0.99939EPSS
Exploits36
Tenable Nessus
Tenable Nessus
added 2023/03/13 12:0 a.m.33 views

NETGEAR WNR2000 RCE (PSV-2016-0261)

NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. This vulnerability can only be exploited when an...

9.8CVSS9.5AI score0.42696EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2023/03/11 3:31 p.m.364 views

Exploit for CVE-2021-3129

CVE-2021-3129 Laravel RCE CVE-2021-3129 Vulnerability O...

9.8CVSS7.5AI score0.99943EPSS
Exploits36
Rapid7 Blog
Rapid7 Blog
added 2023/03/10 7:0 p.m.55 views

Metasploit Weekly Wrap-Up

Wowza, a new credential gatherer and login scanner! This week Metasploit Framework gained a credential gatherer for Wowza Streaming Engine Manager. Credentials for this application are stored in a file named admin.password in a known location and the file is readable by default by BUILTIN\Users o...

5CVSS9.5AI score0.80274EPSS
Exploits8
0day.today
0day.today
added 2023/03/10 12:0 a.m.642 views

SugarCRM 12.x Remote Code Execution / Shell Upload Exploit

This Metasploit module exploits CVE-2023-22952, a remote code execution vulnerability in SugarCRM 11.0 Enterprise, Professional, Sell, Serve, and Ultimate versions prior to 11.0.5 and SugarCRM 12.0 Enterprise, Sell, and Serve versions prior to 12.0.2. This module requires Metasploit:...

8.8CVSS9AI score0.80274EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2023/03/10 12:0 a.m.48 views

Apache Spark <= 3.0.3 / 3.1.1 < 3.1.3 / 3.2.x < 3.2.1 RCE (CVE-2022-33891)

Binary data apachesparkcve-2022-33891.nbin...

8.8CVSS8.9AI score0.92984EPSS
Exploits12References4
Tenable Nessus
Tenable Nessus
added 2023/03/10 12:0 a.m.54 views

Apache Spark < 2.4.6 RCE (CVE-2020-9480)

In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication spark.authenticate via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application's resources on the Spark cluster, even...

9.8CVSS7.7AI score0.29157EPSS
Exploits0References2
Huntr
Huntr
added 2023/03/09 8:52 a.m.25 views

File Upload Bypass Leads to Remote Code Execution (RCE)

Description There is no extension checks during file upload. Attacker may upload file to execute malicious code in the server. Proof of Concept Step 1: Create a file with the content below and save it as evil.php " Step 2: Login to the Cockpit web server Step 3: Go to assets Step 4: Upload Assets...

6.5CVSS8.7AI score0.00987EPSS
Exploits1
Rows per page
Query Builder