CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2182 matches found

Packet Storm•added 2017/04/26 12:0 a.m.•33 views

Mercurial Custom hg-ssh Wrapper Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Mercurial Custom hg-ssh Wrapper Remote Code Exec", 'Description' = %q This module takes advantage of custom hg-ssh wrapper implementations that...

Exploits0

Tenable Nessus•added 2017/03/31 12:0 a.m.•22 views

Code Injection (Php://input Wrapper)

A modern web application will be reliant on several different programming languages. These languages can be broken up in two flavours. These are client-side languages such as those that run in the browser -- like JavaScript and server-side languages which are executed by the server -- like ASP,...

8.3AI score

Exploits0References1

CNVD•added 2017/03/02 12:0 a.m.•3 views

Local Elevation of Privilege Vulnerability in Multiple Intel Products

Intel Parallel Studio X is a suite of software for improving application performance and big data analytics; Intel Inspector is a suite of tools for dynamically testing applications for memory access errors and thread access errors. Intel Inspector is a set of tools specialized in dynamically...

9.3CVSS6.9AI score0.00973EPSS

Exploits0References1

Cvelist•added 2017/02/28 7:0 p.m.•16 views

CVE-2017-5682

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives,...

7.2AI score0.00973EPSS

Exploits0References2

Intel•added 2017/02/28 12:0 a.m.•26 views

Intel PSET Application Install wrapper contains an escalation of privilege vulnerability.

Summary: Intel PSET Application Install wrapper contains an escalation of privilege vulnerability. Description: Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer a...

7.3AI score

Exploits0

CNVD•added 2017/02/09 12:0 a.m.•3 views

Gradle Arbitrary Code Execution Vulnerability

Gradle is a set of JVM-based project build tools , it supports maven, Ivy repository and so on. A security vulnerability exists in the Object Socket Wrapper.java file in Gradle version 2.12. Remote attackers can exploit the vulnerability to execute arbitrary code with the help of specially crafte...

9.8CVSS9.6AI score0.04674EPSS

Exploits1References1

OSV•added 2017/02/07 3:59 p.m.•4 views

UBUNTU-CVE-2016-6199

ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to execute arbitrary code via a crafted serialized object...

9.8CVSS6.2AI score0.04674EPSS

Exploits1References4

NVD•added 2017/01/12 8:59 p.m.•11 views

CVE-2017-0399

An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitiv...

5.5CVSS4.6AI score0.00458EPSS

Exploits0References3

0day.today•added 2017/01/11 12:0 a.m.•104 views

PHP 7.1.0 and prior open_basedir bypass through glob wrapper Vulnerability

Exploit for php platform in category local exploits ./php -v PHP 7.1.0 cli built: Dec 23 2016 16:08:30 NTS DEBUG Copyright c 1997-2016 The PHP Group Zend Engine v3.1.0-dev, Copyright c 1998-2016 Zend Technologies Test script: --------------- ?php if $dh = opendir$argv1 while $file = readdir$dh !=...

6.8AI score

Exploits0

VulnCheck KEV•added 2017/01/09 12:0 a.m.•5 views

VulnCheck KEV: CVE-2013-1670

The Chrome Object Wrapper COW implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content level constructors, which allows remote...

4.3CVSS6.8AI score0.10981EPSS

Exploits4References1

Kitploit•added 2016/12/12 2:11 p.m.•49 views

FileBuster - An Extremely Fast And Flexible Web Fuzzer

An extremely fast and flexible web fuzzer. Why another fuzzer? My main motivation was to write a script that would allow me to fuzz a website based on a dictionary but that allowed me to filter words on that dictionary based on regex patterns. This necessity came from the frustration of trying to...

6.9AI score

Exploits0References3

OSV•added 2016/12/11 2:59 a.m.•1 views

DEBIAN-CVE-2016-9853

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

5.3CVSS5.6AI score0.02542EPSS

Exploits0References1

OSV•added 2016/12/11 2:59 a.m.•31 views

CVE-2016-9853

5.3CVSS7AI score

Exploits0References3

OSV•added 2016/12/11 2:59 a.m.•7 views

CVE-2016-9852

5.3CVSS9.4AI score

Exploits0References3

OSV•added 2016/12/11 2:59 a.m.•4 views

DEBIAN-CVE-2016-9852