Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Hacker One
Hacker Oneadded 2019/07/27 6:2 p.m.36 views

Node.js third-party modules: Command Injection vulnerability in kill-port-process package

I would like to report a command injection vulnerability in the kill-port-process package. It allows an attacker to inject arbitrary commands. Module module name: kill-port-process version: 1.1.0 npm page: https://www.npmjs.com/package/kill-port-process Module Stats 0 downloads in the last day 13...

10CVSS1.3AI score0.05001EPSS
Exploits1
Prion
Prionadded 2018/06/26 4:29 p.m.9 views

Cross site scripting

Medis version 0.6.1 and earlier contains a XSS vulnerability evolving into code execution due to enabled nodeIntegration for the renderer process vulnerability in Key name parameter on new key creation that can result in Unauthorized code execution in the victim's machine, within the rights of th...

4.3CVSS6.4AI score0.00427EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2018/06/01 5:29 p.m.14 views

CVE-2018-3746

The pdfinfojs NPM module versions = 0.3.6 has a command injection vulnerability that allows an attacker to execute arbitrary commands on the victim's machine...

10CVSS9.9AI score0.0386EPSS
Exploits1References1
Kitploit
Kitploitadded 2017/11/24 1:12 p.m.16 views

DBC2 (DropboxC2) - A Modular Post-Exploitation Tool, Composed Of An Agent Running On The Victim'S Machine

DBC2 DropboxC2 is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any machine, powershell modules, and Dropbox servers as a means of communication. This project was initially inspired by the fantastic Empire framework, but also as an...

7.9AI score
Exploits0References1
Metasploit
Metasploitadded 2012/03/29 9:24 p.m.34 views

OS X Gather Colloquy Enumeration

This module will collect Colloquy's info plist file and chat logs from the victim's machine. There are three actions you may choose: INFO, CHATS, and ALL. Please note that the CHAT action may take a long time depending on the victim machine, therefore we suggest to set the regex 'PATTERN' option ...

7.1AI score
Exploits0
Metasploit
Metasploitadded 2012/03/17 5:22 a.m.48 views

OS X Gather Adium Enumeration

This module will collect Adium's account plist files and chat logs from the victim's machine. There are three different actions you may choose: ACCOUNTS, CHATS, and ALL. Note that to use the 'CHATS' action, make sure you set the regex 'PATTERN' option in order to look for certain log names which...

7.2AI score
Exploits0
Check Point Advisories
Check Point Advisoriesadded 2009/07/15 12:0 a.m.1 views

Trickler: Trojan.Downloader.Delf.RGL

Trojan.Downloader.Delf.RGL is a Trickler that downloads and installs malicious files and unwanted content from remote servers onto the victim's machine without their consent...

7AI score
Exploits0
RedHat Linux
RedHat Linuxadded 2005/06/13 12:28 p.m.24 views

Moderate: Red Hat Security Advisory: gedit security update

An updated gedit package that fixes a file name format string vulnerability is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team gEdit is a small text editor designed specifically for the GNOME GUI desktop. A file name format string...

2.6CVSS5.8AI score0.02383EPSS
Exploits0References2
Rows per page
Query Builder