CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

123 matches found

Metasploit•added 2026/04/02 7:2 p.m.•126 views

HTTPS Fetch, Windows Reverse HTTP Stager (winhttp)

Fetch and execute an x86 payload from an HTTPS server. Tunnel communication over HTTP Windows winhttp Module Options msf use payload/cmd/windows/https/x86/dllinject/reversewinhttp msf payloadreversewinhttp show actions ...actions... msf payloadreversewinhttp set ACTION msf payloadreversewinhttp...

5.9AI score

Exploits0

Metasploit•added 2026/04/02 7:2 p.m.•123 views

HTTPS Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an HTTPS server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/https/x86/peinject/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf payloadbindipv6tcpuuid set ACTION msf...

5.9AI score

Exploits0

Metasploit•added 2026/04/02 7:2 p.m.•119 views

HTTPS Fetch, Windows Reverse HTTPS Stager (wininet)

Fetch and execute an x86 payload from an HTTPS server. Tunnel communication over HTTPS Windows wininet Module Options msf use payload/cmd/windows/https/x86/meterpreter/reversehttps msf payloadreversehttps show actions ...actions... msf payloadreversehttps set ACTION msf payloadreversehttps show...

5.9AI score

Exploits0

Metasploit•added 2026/04/02 7:2 p.m.•129 views

HTTPS Fetch, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/https/x86/meterpreter/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show...

5.9AI score

Exploits0

Metasploit•added 2026/04/02 7:2 p.m.•124 views

HTTPS Fetch, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/patchupdllinject/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf payloadreversetcprc4dns show...

5.9AI score

Exploits0

Metasploit•added 2026/04/02 7:2 p.m.•123 views

HTTPS Fetch, Find Tag Ordinal Stager

Fetch and execute an x86 payload from an HTTPS server. Use an established connection Module Options msf use payload/cmd/windows/https/x86/patchupdllinject/findtag msf payloadfindtag show actions ...actions... msf payloadfindtag set ACTION msf payloadfindtag show options ...show and set options...

5.9AI score

Exploits0

Metasploit•added 2026/04/02 7:2 p.m.•170 views

HTTPS Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an HTTPS server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/https/x86/meterpreter/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf payloadbindipv6tcpuuid set ACTION msf...

5.9AI score

Exploits0

Metasploit•added 2026/04/02 7:2 p.m.•166 views

HTTPS Fetch, Windows shellcode stage, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)

Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/custom/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf...

5.9AI score

Exploits0

OSV•added 2026/03/05 4:23 p.m.•1 views

CVE-2026-27023 Twenty: SSRF protection bypass via HTTP redirect following in secure HTTP client

Twenty is an open source CRM. Prior to version 1.18, the SSRF protection in SecureHttpClientService validated request URLs at the request level but did not validate redirect targets. An authenticated user who could control outbound request URLs e.g., webhook endpoints, image URLs could bypass...

5CVSS5.7AI score0.00042EPSS

Exploits0References4

Cvelist•added 2026/03/05 4:23 p.m.•26 views

CVE-2026-27023 Twenty: SSRF protection bypass via HTTP redirect following in secure HTTP client

5CVSS0.00042EPSS

Exploits0References2

Metasploit•added 2026/01/14 6:54 p.m.•285 views

HTTPS Fetch, Linux Chmod

Fetch and execute an ARMLE payload from an HTTPS server. Runs chmod on the specified file with specified mode. Module Options msf use payload/cmd/linux/https/armle/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and set options...

5.8AI score

Exploits0

Snyk•added 2026/01/08 4:41 p.m.•1 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of resource-limiting controls in the gRPC, HTTPS, and HTTP3 server implementations. An attacker can exhaust memory and cause the server to degrade or crash by opening...

8.7CVSS6.8AI score0.00112EPSS

Exploits0References2

Vulnrichment•added 2026/01/08 3:33 p.m.•2 views

CVE-2025-68151 CoreDNS gRPC/HTTPS/HTTP3 servers lack resource limits, enabling DoS via unbounded connections and oversized messages

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.0, multiple CoreDNS server implementations gRPC, HTTPS, and HTTP/3 lack critical resource-limiting controls. An unauthenticated remote attacker can exhaust memory and degrade or crash the server by opening many concurrent...

8.7CVSS6.8AI score0.00112EPSS

Exploits0References3

Metasploit•added 2026/01/05 6:59 p.m.•282 views

HTTPS Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an RISC-V 32-bit payload from an HTTPS server. Connect back to attacker and spawn a command shell. Module Options msf use payload/cmd/linux/https/riscv32le/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf...

5.8AI score

Exploits0

Metasploit•added 2026/01/05 6:59 p.m.•263 views

HTTPS Fetch, Linux Execute Command

Fetch and execute an RISC-V 64-bit payload from an HTTPS server. Execute an arbitrary command Module Options msf use payload/cmd/linux/https/riscv64le/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf payloadexec...

5.9AI score

Exploits0

Metasploit•added 2026/01/05 6:59 p.m.•269 views

HTTPS Fetch, Linux Chmod

Fetch and execute an RISC-V 64-bit payload from an HTTPS server. Runs chmod on the specified file with specified mode. Module Options msf use payload/cmd/linux/https/riscv64le/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and s...

5.8AI score

Exploits0

Metasploit•added 2025/12/09 6:55 p.m.•359 views

HTTPS Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an MIPSLE payload from an HTTPS server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/https/ppc/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...

5.8AI score

Exploits0

Metasploit•added 2025/12/09 6:55 p.m.•423 views

HTTPS Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an MIPSLE payload from an HTTPS server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/https/ppc/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp sh...

5.8AI score

Exploits0