Lucene search
K

7081 matches found

Positive Technologies
Positive Technologies
added 2021/05/14 12:0 a.m.4 views

PT-2021-18307 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: An attacker can cause a denial of service via a FPE runtime error in tf.raw ops.Reverse. This ...

5.5CVSS5.2AI score0.00189EPSS
Exploits1References13
GithubExploit
GithubExploit
added 2021/05/11 6:45 p.m.508 views

Exploit for Code Injection in Exiftool_Project Exiftool

CVE-2021-22204-exiftool Python exploit for the CVE-2021-22204...

7.8CVSS8.1AI score0.99981EPSS
Exploits39
Debian CVE
Debian CVE
added 2021/05/11 4:50 p.m.37 views

CVE-2021-29509

Puma is a concurrent HTTP 1.1 server for Ruby/Rack applications. The fix for CVE-2019-16770 was incomplete. The original fix only protected existing connections that had already been accepted from having their requests starved by greedy persistent-connections saturating all threads in the same...

7.5CVSS7.4AI score0.01599EPSS
Exploits0
OSV
OSV
added 2021/05/11 3:15 p.m.3 views

DEBIAN-CVE-2021-29471

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.33.2 "Push rules" can specify conditions under which they will match, including eventmatch, which matches event...

5.3CVSS6.8AI score0.01647EPSS
Exploits0References1
OSV
OSV
added 2021/05/11 3:15 p.m.24 views

PYSEC-2021-135

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.33.2 "Push rules" can specify conditions under which they will match, including eventmatch, which matches event...

5.3CVSS1.2AI score0.01647EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/05/11 3:15 p.m.23 views

CVE-2021-29471

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.33.2 "Push rules" can specify conditions under which they will match, including eventmatch, which matches event...

5.3CVSS6.8AI score0.01647EPSS
Exploits0References4
PyPA
PyPA
added 2021/05/11 3:15 p.m.6 views

PYSEC-2021-135

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.33.2 "Push rules" can specify conditions under which they will match, including eventmatch, which matches event...

5.3CVSS6.8AI score0.01647EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2021/05/11 3:15 p.m.21 views

Design/Logic Flaw

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.33.2 "Push rules" can specify conditions under which they will match, including eventmatch, which matches event...

5CVSS5.3AI score0.01647EPSS
Exploits0References4Affected Software2
Debian CVE
Debian CVE
added 2021/05/11 3:5 p.m.25 views

CVE-2021-29471

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.33.2 "Push rules" can specify conditions under which they will match, including eventmatch, which matches event...

5.3CVSS5.4AI score0.01647EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2021/05/11 3:5 p.m.47 views

CVE-2021-29471

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.33.2 "Push rules" can specify conditions under which they will match, including eventmatch, which matches event...

5.3CVSS5AI score0.01647EPSS
Exploits0
FreeBSD
FreeBSD
added 2021/05/07 12:0 a.m.41 views

tomcat -- HTTP request smuggling in multiple versions

Bahruz Jabiyev, Steven Sprecher and Kaan Onarlioglu of NEU seclab reports: Apache Tomcat did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: Tomcat incorrectly ignored...

5.3CVSS6.4AI score0.75353EPSS
Exploits1References1
OSV
OSV
added 2021/05/06 1:15 p.m.14 views

CVE-2021-29490

Jellyfin is a free software media system that provides media from a dedicated server to end-user devices via multiple apps. Verions prior to 10.7.3 vulnerable to unauthenticated Server-Side Request Forgery SSRF attacks via the imageUrl parameter. This issue potentially exposes both internal and...

5.8CVSS7AI score
Exploits0References1
Prion
Prion
added 2021/05/06 1:15 p.m.18 views

Server side request forgery (ssrf)

Jellyfin is a free software media system that provides media from a dedicated server to end-user devices via multiple apps. Verions prior to 10.7.3 vulnerable to unauthenticated Server-Side Request Forgery SSRF attacks via the imageUrl parameter. This issue potentially exposes both internal and...

5CVSS5.8AI score0.69856EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/05/05 6:25 p.m.27 views

CVE-2021-29490 Unauthenticated GET requests through Remote Image endpoints

Jellyfin is a free software media system that provides media from a dedicated server to end-user devices via multiple apps. Verions prior to 10.7.3 vulnerable to unauthenticated Server-Side Request Forgery SSRF attacks via the imageUrl parameter. This issue potentially exposes both internal and...

5.8CVSS6AI score0.69856EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/05/04 7:34 p.m.2 views

golang: data race in certain net/http servers including ReverseProxy can lead to DoS

A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability...

5.9CVSS7.3AI score0.02893EPSS
Exploits0References5
Huntr
Huntr
added 2021/05/03 3:53 a.m.20 views

OS Command Injection in sztheory/exifcleaner

✍️ Description Command Injection using XSS via EXIF Data. The application displays the image metadata in HTML format without removing malicious tags, therefore an XSS attack can be performed. bash exiftool -Comment='OverJT' MYIMAGE.png Being an application made in electron, it allows to easily...

1.1AI score0.0434EPSS
Exploits1References2
0day.today
0day.today
added 2021/05/03 12:0 a.m.45 views

Windows/x64 Inject All Processes With Meterpreter Reverse Shell Shellcode (655 bytes)

Shellcode Title: Windows/x64 - Inject All Processes with Meterpreter Reverse Shell 655 Bytes Shellcode Author: Bobby Cooke boku Tested on: Windows 10 v2004 x64 Compiled from: Kali Linux x8664 Shellcode Description: 64bit Windows 10 shellcode that injects all processes with Meterpreter reverse...

0.1AI score
Exploits0
Fedora
Fedora
added 2021/04/30 12:55 a.m.40 views

[SECURITY] Fedora 34 Update: nginx-1.20.0-2.fc34

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

7.8CVSS2.2AI score0.04863EPSS
Exploits6
Fedora
Fedora
added 2021/04/29 12:58 a.m.67 views

[SECURITY] Fedora 33 Update: nginx-1.20.0-2.fc33

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

7.8CVSS2.2AI score0.04863EPSS
Exploits6
Kitploit
Kitploit
added 2021/04/28 9:30 p.m.34 views

PwnLnX - An Advanced Multi-Threaded, Multi-Client Python Reverse Shell For Hacking Linux Systems

An advanced multi-threaded , multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out with the development. Disclaimer : This reverse shell should only be used in the lawful, remote administration of authorized systems. Accessing a comput...

7.8AI score
Exploits0References1
Rows per page
Query Builder