CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1802 matches found

OSV•added 2024/12/03 6:3 p.m.•2 views

MAL-2024-12275 Malicious code in genz-translator (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 983b5b328e433d81113b3e170f313aba83ae5eff0ecd515fc9865ca3a5be1ee9 Installing the package installs a reverse shell. As the mentioned domain doesn't seem to exist, it may be a test designed for an internal usage --- Category:...

7.5AI score

Exploits0References1

GithubExploit•added 2024/12/03 1:56 p.m.•421 views

Exploit for Improper Restriction of XML External Entity Reference in Wordpress

POC CVE-2021029447 - XXE in WordPress WordPress 5.6-5.7 - Au...

7.1CVSS6.5AI score0.90782EPSS

Exploits20

GithubExploit•added 2024/12/03 11:13 a.m.•260 views

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831 Exploit Proof-of-Concept Overview This rep...

7.8CVSS7AI score0.93878EPSS

Exploits49

OSV•added 2024/11/29 10:8 p.m.•3 views

MAL-2024-12314 Malicious code in nirohf-reverse-shell (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c2b0a9ce248bca096b5109a73b943559cabbd6f77433d4a64cd1c804f7ec88df Installing starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

7.5AI score

Exploits0References1

OSSF Malicious Packages•added 2024/11/29 10:8 p.m.•3 views

Malicious code in nirohf-reverse-shell (PyPI)

7.6AI score

Exploits0References1

GithubExploit•added 2024/11/24 5:39 p.m.•367 views

Exploit for Cross-site Scripting in Wondercms

CVE-2023-41425-WonderCMS-Authenticated-RCE Description Won...

6.1CVSS6.2AI score0.91079EPSS

Exploits16

OSV•added 2024/11/11 11:15 p.m.•0 views

UBUNTU-CVE-2024-50636

PyMOL 2.5.0 contains a vulnerability in its "Run Script" function, which allows the execution of arbitrary Python code embedded within .PYM files. Attackers can craft a malicious .PYM file containing a Python reverse shell payload and exploit the function to achieve Remote Command Execution RCE...

9.8CVSS6.2AI score0.06957EPSS

Exploits0References5

Vulnrichment•added 2024/11/11 12:0 a.m.•5 views

CVE-2024-50636

8AI score0.06957EPSS

Exploits0References3

GithubExploit•added 2024/11/07 3:28 a.m.•493 views

Exploit for CVE-2023-6553

CVE-2023-6553 Exploit Development for CVE-2023-6553 on Backup...

9.8CVSS9.8AI score0.93531EPSS

Exploits14

Talos Blog•added 2024/10/30 10:0 a.m.•10 views

Writing a BugSleep C2 server and detecting its traffic with Snort

In June 2024, security researchers published their analysis of a novel implant dubbed "MuddyRot"aka "BugSleep". This remote access tool RAT gives operators reverse shell and file input/output I/O capabilities on a victim's endpoint using a bespoke command and control C2 protocol. This blog will...

8.1AI score

Exploits0

0day.today•added 2024/10/30 12:0 a.m.•812 views

Xerox Printers Authenticated Remote Code Execution Vulnerability

Various Xerox printers, such as models EC80xx, AltaLink, VersaLink, and WorkCentre, suffer from an authenticated remote code execution vulnerability. ======================================================================= title: Authenticated Remote Code Execution product: Multiple Xerox printers...

7.2CVSS7.9AI score0.03669EPSS

Exploits2

OSV•added 2024/10/28 12:23 p.m.•12 views

GHSA-W7HQ-F2PJ-C53G pyLoad vulnerable to remote code execution by download to /.pyload/scripts using /flashgot API

Summary The folder /.pyload/scripts has scripts which are run when certain actions are completed, for e.g. a download is finished. By downloading a executable file to a folder in /scripts and performing the respective action, remote code execution can be achieved. A file can be downloaded to such...

9.4CVSS9.5AI score0.01807EPSS

Exploits1References5