Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Rapid7 Blog
Rapid7 Blogadded 2023/01/12 2:20 p.m.69 views

Recog Release v3.0.3

Recog Release v3.0.3, which is available now, includes updated fingerprints for Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus; Atlassian Bitbucket Server; and Supervisord Supervisor. It also includes new fingerprints and a number of bug fixes, all of which are detailed...

0.1AI score0.9994EPSS
Exploits29
Metasploit
Metasploitadded 2022/09/19 7:51 p.m.193 views

MimiPenguin

This searches process memory for needles that indicate where cleartext passwords may be located. If any needles are discovered in the target process memory, collected strings in adjacent memory will be hashed and compared with password hashes found in /etc/shadow. Module Options msf use...

7.8CVSS8AI score0.01495EPSS
Exploits1
Metasploit
Metasploitadded 2022/03/10 5:42 p.m.24 views

Windows Encrypted Reverse Shell

Connect back to attacker and spawn an encrypted command shell Module Options msf use payload/windows/x64/encryptedshellreversetcp msf payloadencryptedshellreversetcp show actions ...actions... msf payloadencryptedshellreversetcp set ACTION msf payloadencryptedshellreversetcp show options ...show...

5.9AI score
Exploits0
0day.today
0day.todayadded 2020/09/22 12:0 a.m.58 views

Jenkins 2.56 CLI Deserialization / Code Execution Exploit

An unauthenticated Java object deserialization vulnerability exists in the CLI component for Jenkins versions 2.56 and below. The readFrom method within the Command class in the Jenkins CLI remoting component deserializes objects received from clients without first checking / sanitizing the data...

4.5CVSS0.3AI score0.99686EPSS
Exploits46
Exploit DB
Exploit DBadded 2020/02/10 12:0 a.m.255 views

Ricoh Driver - Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/exe' class MetasploitModule 'Ricoh Driver Privilege Escalation', 'Description' = %q Various Ricoh printer drivers allow escalation of privilege...

7.8CVSS7.8AI score0.04566EPSS
Exploits8
Exploit DB
Exploit DBadded 2019/09/10 12:0 a.m.322 views

LibreNMS - Collectd Command Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LibreNMS Collectd Command Injection', 'Description' = %q This module exploits a command injection vulnerability in the Collectd graphing...

7.2CVSS7.4AI score0.80662EPSS
Exploits5
Metasploit
Metasploitadded 2019/08/12 8:22 p.m.42 views

LibreNMS Collectd Command Injection

This module exploits a command injection vulnerability in the Collectd graphing functionality in LibreNMS. The to and from parameters used to define the range for a graph are sanitized using the mysqliescaperealstring function, which permits backticks. These parameters are used as part of a shell...

7.2CVSS0.6AI score0.80662EPSS
Exploits5
Exploit DB
Exploit DBadded 2019/07/16 12:0 a.m.3710 views

Microsoft Windows 10 < build 17763 - AppXSvc Hard Link Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AppXSvc Hard Link Privilege Escalation', 'Description' = %q There exists a privilege escalation vulnerability for Windows 10 builds prior to buil...

7.8CVSS6.9AI score0.41667EPSS
Exploits19
Rows per page
Query Builder