Lucene search
K

67 matches found

OSV
OSV
added 2022/09/28 12:0 a.m.27 views

CVE-2022-39249 Matrix Javascript SDK vulnerable to impersonation via forwarded Megolm sessions

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be...

7.5CVSS8.3AI score0.00946EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2022/03/03 7:2 p.m.34 views

Twisted SSH client and server deny of service during SSH handshake.

Impact The Twisted SSH client and server implementation naively accepted an infinite amount of data for the peer's SSH version identifier. A malicious peer can trivially craft a request that uses all available memory and crash the server, resulting in denial of service. The attack is as simple as...

7.5CVSS0.2AI score0.03608EPSS
Exploits1References15Affected Software1
Packet Storm
Packet Storm
added 2022/02/28 12:0 a.m.304 views

Axis IP Camera Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Axis IP Camera Application Upload', 'Description' = %q This module exploits the "Apps" feature in Axis IP cameras. The feature allows third party...

0.5AI score
Exploits0
Metasploit
Metasploit
added 2022/02/26 5:42 p.m.139 views

Axis IP Camera Application Upload

This module exploits the "Apps" feature in Axis IP cameras. The feature allows third party developers to upload and execute 'eap' applications on the device. The system does not validate the application comes from a trusted source, so a malicious attacker can upload and execute arbitrary code. Th...

7.5AI score
Exploits0
ICS
ICS
added 2021/11/09 12:0 a.m.76 views

Schneider Electric GUIcon

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: GUIcon Vulnerabilities: Out-of-bounds Write, Use After Free, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an attacker to execute arbitrary...

7.8CVSS7.7AI score0.00855EPSS
Exploits0References2
CNVD
CNVD
added 2021/10/13 12:0 a.m.24 views

Apache OpenOffice Data Forgery Issue Vulnerability

Apache OpenOffice is an open source office software suite from the Apache Apache Foundation. The suite contains text documents, spreadsheets, presentations, drawings, databases, etc. Apache OpenOffice is vulnerable to a data forgery issue in versions prior to 4.1.10, which stems from a networked...

7.5CVSS2.4AI score0.01346EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/10/11 8:10 a.m.24 views

CVE-2021-41830 Double Certificate Attack

It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory...

7.6AI score0.01346EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/10/11 12:0 a.m.4 views

Apache OpenOffice 数据伪造问题漏洞

Apache OpenOffice is an open source office software suite from the U.S. Apache Apache Foundation. The suite contains text documents , spreadsheets , presentations , drawings , databases and so on. Versions of Apache OpenOffice prior to 4.1.10 contain a data forgery issue vulnerability that can be...

7.5CVSS7.6AI score0.013EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2021/08/30 4:11 p.m.66 views

Cachet vulnerable to forced reinstall

Impact Authenticated users, regardless of their privileges User or Admin, can trick Cachet and install the instance again, leading to arbitrary code execution on the server. Patches This issue was addressed by improving the middleware ReadyForUse, which now performs a stricter validation of the...

8.8CVSS8.8AI score0.02362EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2021/08/28 12:15 a.m.35 views

CVE-2021-39174

Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges User or Admin, can leak the value of any configuration entry of the dotenv file, e.g. the application secret APPKEY and various passwords email, database, etc. This issue was...

8.8CVSS0.03894EPSS
Exploits2References3
Prion
Prion
added 2021/08/28 12:15 a.m.25 views

Default configuration

Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges User or Admin, can leak the value of any configuration entry of the dotenv file, e.g. the application secret APPKEY and various passwords email, database, etc. This issue was...

6.5CVSS8.4AI score0.03894EPSS
Exploits2References3Affected Software1
NVD
NVD
added 2021/08/27 11:15 p.m.39 views

CVE-2021-39172

Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges User or Admin, can exploit a new line injection in the configuration edition feature e.g. mail settings and gain arbitrary code execution on the server. This issue was addresse...

8.8CVSS0.29172EPSS
Exploits2References3
OSV
OSV
added 2021/08/27 11:15 p.m.18 views

CVE-2021-39172

Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges User or Admin, can exploit a new line injection in the configuration edition feature e.g. mail settings and gain arbitrary code execution on the server. This issue was addresse...

8.8CVSS9AI score
Exploits0References3
Prion
Prion
added 2021/08/27 11:15 p.m.23 views

Design/Logic Flaw

Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges User or Admin, can exploit a new line injection in the configuration edition feature e.g. mail settings and gain arbitrary code execution on the server. This issue was addresse...

6.5CVSS9AI score0.29172EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2021/08/27 11:0 p.m.39 views

CVE-2021-39173 Forced reinstall

Cachet is an open source status page system. Prior to version 2.5.1 authenticated users, regardless of their privileges User or Admin, can trick Cachet and install the instance again, leading to arbitrary code execution on the server. This issue was addressed in version 2.5.1 by improving the...

8.8CVSS9AI score0.02362EPSS
Exploits1References3
Huntr
Huntr
added 2021/08/10 8:50 a.m.14 views

Cross-site Scripting (XSS) - Reflected in erudika/scoold

✍️ Description It occurs when a malicious script is injected directly into a vulnerable web application. Reflected XSS involves the reflecting of a malicious script off of a web application, onto a user's browser. 🕵️‍♂️ Proof of Concept...

0.7AI score
Exploits0References1
Qualys Blog
Qualys Blog
added 2021/05/24 2:4 p.m.123 views

Reinforce Defense with File Reputation and Trusted Source Intelligence in Qualys FIM

Monitoring change events in the file system is both a crucial aspect of security and a critical compliance requirement. A file integrity monitoring tool functions as an essential layer of defense to identify illicit activities across critical system files and registries, diagnose changes, and sen...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2020/01/15 8:47 p.m.88 views

Podcast: NSA Reports Major Crypto-Spoofing Bug to Microsoft

A major Microsoft crypto-spoofing bug impacting Windows 10 made waves this Patch Tuesday, particularly as the flaw was found and reported by the U.S. National Security Agency NSA. Microsoft’s January Patch Tuesday security bulletin disclosed the “important”-severity vulnerability, which could all...

0.2AI score0.0552EPSS
Exploits1References4
GithubExploit
GithubExploit
added 2019/10/01 10:26 a.m.138 views

Exploit for XML Injection (aka Blind XPath Injection) in Nsa Ghidra

CVE-2019-16941 Proof-of-Concept: The vulnerability requires...

9.8CVSS9.4AI score0.05133EPSS
Exploits2
Veracode
Veracode
added 2017/04/11 3:14 a.m.8 views

Arbitrary Command Execution

Salt is vulnerable to command execution. If the pillar content given to cmd.run is not coming from a trusted source, attackers could execute commands on command line...

7.2AI score
Exploits0
Rows per page
Query Builder