Lucene search
K
AttackerkbMost viewed

74386 matches found

ATTACKERKB
ATTACKERKB
added 2010/12/06 12:0 a.m.429 views

CVE-2010-4478

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a...

7.5CVSS5.5AI score0.08076EPSS
Exploits2References8
ATTACKERKB
ATTACKERKB
added 2018/08/28 12:0 a.m.424 views

CVE-2018-15919

Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states ‘We understand that the OpenSSH developers do not want to treat such a username enumeration or...

5.3CVSS5.4AI score0.03557EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2018/03/26 12:0 a.m.423 views

CVE-2017-15715

In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match ‘$’ to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the...

8.1CVSS7.5AI score0.86006EPSS
Exploits0References31
ATTACKERKB
ATTACKERKB
added 2023/10/13 12:0 a.m.418 views

CVE-2023-39999

Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4...

4.3CVSS4.8AI score0.01045EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2021/09/07 12:0 a.m.418 views

SURMS - PHP (by: oretnom23 ) v1.0 SQL-Injection-Bypass-Authentication and PWNED PHPSESSID Hijacking

The SURMS – PHP by: oretnom23 v1.0 is vulnerable from remote SQL-Injection-Bypass-Authentication for the admin account and PWNED PHPSESSID Hijacking in app /storage/classes/Login.php. remote SQL-Injection-Bypass-Authentication: . The parameter username from the login form is not protected correct...

0.9AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/03/30 12:0 a.m.417 views

CVE-2023-29059

3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the 3CX...

7.8CVSS8AI score0.04373EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2021/12/08 12:0 a.m.412 views

CVE-2021-20038

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server’s modcgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a ‘nobody’ user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware...

9.8CVSS9.5AI score0.99912EPSS
Exploits8References4
ATTACKERKB
ATTACKERKB
added 2020/08/07 12:0 a.m.412 views

CVE-2020-11984 — Multiple Vulnerabilities in Apache Web Server Could Allow for Remote Code Execution

Apache HTTP server 2.4.32 to 2.4.44 modproxyuwsgi info disclosure and possible RCE Recent assessments: dabdine-r7 at August 26, 2020 8:06pm UTC reported: The details for this vulnerability were scant from Apache, but this is actually an integer overflow in the modproxyuwsgi Apache module...

9.8CVSS1.5AI score0.90039EPSS
Exploits4References37
ATTACKERKB
ATTACKERKB
added 2021/07/14 6:15 p.m.411 views

CVE-2021-31206

Microsoft Exchange Server Remote Code Execution Vulnerability...

8CVSS7.2AI score0.0979EPSS
Exploits0References3Affected Software5
ATTACKERKB
ATTACKERKB
added 2019/04/15 12:0 a.m.411 views

CVE-2019-0232

When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by...

9.3CVSS7.6AI score0.99652EPSS
Exploits10References31
ATTACKERKB
ATTACKERKB
added 2022/10/19 12:0 a.m.405 views

CVE-2016-20016

MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the “JAWS webserver RCE”...

9.8CVSS9.6AI score0.86289EPSS
Exploits14References4
ATTACKERKB
ATTACKERKB
added 2023/05/12 12:0 a.m.403 views

CVE-2023-32243

Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

9.8CVSS9.5AI score0.75531EPSS
Exploits8References4
ATTACKERKB
ATTACKERKB
added 2013/12/11 12:0 a.m.403 views

CVE-2013-3900

Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the forma...

8.8CVSS7.4AI score0.44647EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2020/08/12 12:0 a.m.398 views

CVE-2020-17496

vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widgettabbedcontainertabpanel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759. Recent assessments: zeroSteiner at September 02, 2020 1:23pm UTC reported: A...

9.8CVSS10AI score0.99728EPSS
Exploits28References6
ATTACKERKB
ATTACKERKB
added 2017/12/19 12:0 a.m.397 views

CVE-2017-17105

Zivif PR115-204-P-RS V2.3.4.2103 and V4.7.4.2121 and possibly in-between versions web cameras are vulnerable to unauthenticated, blind remote command injection via CGI scripts used as part of the web interface, as demonstrated by a...

10CVSS9.7AI score0.84558EPSS
Exploits8References5
ATTACKERKB
ATTACKERKB
added 2017/06/24 12:0 a.m.396 views

CVE-2017-9833

/cgi-bin/wapopen in Boa 0.94.14rc21 allows the injection of “../..” using the FILECAMERA variable sent by GET to read files with root privileges. NOTE: multiple third parties report that this is a system-integrator issue e.g., a vulnerability on one type of camera because Boa does not include any...

7.8CVSS7.6AI score0.68243EPSS
Exploits6References3
ATTACKERKB
ATTACKERKB
added 2017/01/30 12:0 a.m.395 views

CVE-2017-5611

SQL injection vulnerability in wp-includes/class-wp-query.php in WPQuery in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name. Recent assessments: Assessed Attacker...

9.8CVSS6.9AI score0.09933EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2021/10/07 12:0 a.m.393 views

CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...

9.8CVSS9.4AI score0.99992EPSS
Exploits175References34
ATTACKERKB
ATTACKERKB
added 2020/02/24 12:0 a.m.391 views

CVE-2020-1938

When using the Apache JServ Protocol AJP, care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that...

9.8CVSS9.5AI score0.9927EPSS
Exploits49References96
ATTACKERKB
ATTACKERKB
added 2020/05/06 12:0 a.m.388 views

CVE-2020-8899 Samsung Quarm RCE via MMS

There is a buffer overwrite vulnerability in the Quram qmg library of Samsung’s Android OS versions O8.x, P9.0 and Q10.0. An unauthenticated, unauthorized attacker sending a specially crafted MMS to a vulnerable phone can trigger a heap-based buffer overflow in the Quram image codec leading to an...

10CVSS9.7AI score0.05711EPSS
Exploits2References5
ATTACKERKB
ATTACKERKB
added 2020/08/14 12:0 a.m.386 views

CVE-2019-5591

A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server. Recent assessments: ccondon-r7 at April 05, 2021 2:16pm UTC reported: One of three vulnerabilities CISA and the FBI have...

9.8CVSS8.9AI score0.99999EPSS
Exploits23References3
ATTACKERKB
ATTACKERKB
added 2024/07/10 12:0 a.m.384 views

CVE-2024-5910

Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credential...

9.8CVSS10AI score0.99597EPSS
Exploits13References3
ATTACKERKB
ATTACKERKB
added 2019/01/31 12:0 a.m.381 views

CVE-2019-6110

In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server or Man-in-The-Middle attacker can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred. Recent assessments: Assessed Attacker Value...

6.8CVSS1.7AI score0.20906EPSS
Exploits8References10
ATTACKERKB
ATTACKERKB
added 2022/03/15 12:0 a.m.378 views

CVE-2022-0778

The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...

7.5CVSS6.8AI score0.70561EPSS
Exploits2References39
ATTACKERKB
ATTACKERKB
added 2015/11/18 12:0 a.m.377 views

CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

9.8CVSS8.6AI score0.96032EPSS
Exploits17References18
ATTACKERKB
ATTACKERKB
added 2016/09/01 12:59 a.m.372 views

CVE-2016-2183

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References155
ATTACKERKB
ATTACKERKB
added 2010/01/13 12:0 a.m.372 views

CVE-2009-3953

The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration “array boundary issue,” a differe...

10CVSS8.9AI score0.83855EPSS
Exploits11References15
ATTACKERKB
ATTACKERKB
added 2021/05/27 11:15 a.m.370 views

CVE-2021-33558

Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration involving backup.html, preview.html, js/log.js, log.html, email.html, online-users.html, and config.js. NOTE: multiple third parties report that this is a site-specific issue because those files are not par...

7.5CVSS7.1AI score0.10329EPSS
Exploits2References5
ATTACKERKB
ATTACKERKB
added 2023/07/13 12:0 a.m.367 views

CVE-2023-34127

Improper Neutralization of Special Elements used in an OS Command ‘OS Command Injection’ vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics:...

9.8CVSS7.5AI score0.86296EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
added 2017/05/19 12:0 a.m.367 views

CVE-2017-5173

An Improper Neutralization of Special Elements in an OS command issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker can call...

10CVSS6.7AI score0.29578EPSS
Exploits4References4
ATTACKERKB
ATTACKERKB
added 2025/08/20 12:0 a.m.364 views

Windows Remote Desktop Gateway RCE (CVE-2020-0609)

A remote code execution vulnerability exists in Windows Remote Desktop Gateway RD Gateway when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who...

10CVSS9.7AI score0.74897EPSS
Exploits9References2
ATTACKERKB
ATTACKERKB
added 2019/01/31 12:0 a.m.362 views

CVE-2019-6109

An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server or Man-in-The-Middle attacker can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This...

6.8CVSS2.1AI score0.03807EPSS
Exploits0References13
ATTACKERKB
ATTACKERKB
added 2022/11/09 12:0 a.m.360 views

CVE-2022-41128

Windows Scripting Languages Remote Code Execution Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

8.8CVSS8.2AI score0.24623EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2020/04/14 12:0 a.m.357 views

CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support uncommon, urldecode function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes. Recent assessments: Assessed...

7.5CVSS4.9AI score0.04311EPSS
Exploits1References9
ATTACKERKB
ATTACKERKB
added 2023/07/19 12:0 a.m.352 views

CVE-2023-3519

Unauthenticated remote code execution Recent assessments: rbowes-r7 at July 19, 2023 9:42pm UTC reported: Note that the analysis before is for a separate issue – either a silently-patched vuln or some cleanup. We’ve posted a Rapid7 Analysis with the full details, so check that out! I spent some...

9.8CVSS10AI score0.99445EPSS
Exploits16References5
ATTACKERKB
ATTACKERKB
added 2021/10/07 5:15 p.m.350 views

CVE-2021-42071

In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can achieve remote command execution via shell metacharacters in the cgi-bin/slogin/login.py User-Agent HTTP header...

10CVSS7.7AI score0.69882EPSS
Exploits2References5
ATTACKERKB
ATTACKERKB
added 2008/11/04 12:0 a.m.350 views

CVE-2008-2992

Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104. Recent assessments: Assessed Attacker...

9.3CVSS6.9AI score0.98482EPSS
Exploits21References30
ATTACKERKB
ATTACKERKB
added 2015/07/16 12:0 a.m.349 views

CVE-2015-2590

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732. Recent assessments: gwillcox-...

10CVSS4.1AI score0.25469EPSS
Exploits0References26
ATTACKERKB
ATTACKERKB
added 2020/08/17 12:0 a.m.347 views

CVE-2020-1472 aka Zerologon

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol MS-NRPC. An attacker who successfully exploited the vulnerability could run a specially crafted application on a...

10CVSS8.4AI score0.99512EPSS
Exploits76References26
ATTACKERKB
ATTACKERKB
added 2018/09/25 12:0 a.m.347 views

Adobe ColdFusion CKEditor file upload

A file upload vulnerability in the CKEditor of Adobe ColdFusion 11 Update 14 and earlier, ColdFusion 2016 Update 6 and earlier, and ColdFusion 2018 July 12 release allows unauthenticated remote attackers to upload and execute JSP files through the filemanager plugin. Recent assessments: jrobles-r...

10CVSS9.2AI score0.9995EPSS
Exploits11References4
ATTACKERKB
ATTACKERKB
added 2018/01/10 12:0 a.m.347 views

CVE-2018-0802

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka “Microsoft Office Memory Corruption Vulnerability”. This CVE is unique from CVE-2018-0797...

9.3CVSS8.6AI score0.99945EPSS
Exploits36References9
ATTACKERKB
ATTACKERKB
added 2011/08/29 12:0 a.m.347 views

CVE-2011-3192

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service memory and CPU consumption via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different...

7.8CVSS2.8AI score0.98945EPSS
Exploits17References79
ATTACKERKB
ATTACKERKB
added 2022/06/03 12:0 a.m.345 views

CVE-2022-26134

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7,...

9.8CVSS9.2AI score0.99999EPSS
Exploits150References8
ATTACKERKB
ATTACKERKB
added 2023/06/02 12:0 a.m.343 views

CVE-2023-34362

In Progress MOVEit Transfer before 2021.0.6 13.0.6, 2021.1.4 13.1.4, 2022.0.4 14.0.4, 2022.1.5 14.1.5, and 2023.0.1 15.0.1, a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer’s database...

9.8CVSS9.1AI score0.99934EPSS
Exploits15References7
ATTACKERKB
ATTACKERKB
added 2021/04/13 12:0 a.m.342 views

CVE-2021-28310

Win32k Elevation of Privilege Vulnerability Recent assessments: ccondon-r7 at April 13, 2021 8:41pm UTC reported: Ah, another day, another Win32k privilege escalation used in the wild. Securelist has a good write-up on this bug, which they discovered because it was used in a BITTER APT zero-day...

7.8CVSS8.3AI score0.78376EPSS
Exploits21References3
ATTACKERKB
ATTACKERKB
added 2021/02/24 12:0 a.m.339 views

VMware vSphere Client Unauth Remote Code Execution Vulnerability — CVE-2021-21972

The vSphere Client HTML5 contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects...

10CVSS10AI score0.9957EPSS
Exploits47References6
ATTACKERKB
ATTACKERKB
added 2018/12/11 12:0 a.m.338 views

CVE-2018-20057

An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. goform/formSysCmd allows remote authenticated users to execute arbitrary OS commands via the sysCmd POST parameter. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value:...

9CVSS8.1AI score0.07396EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2019/04/22 12:0 a.m.337 views

CVE-2019-11447

An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatarfile field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The header content ...

8.8CVSS8.7AI score0.52901EPSS
Exploits10References5
ATTACKERKB
ATTACKERKB
added 2021/08/12 12:0 a.m.333 views

CVE-2021-36942

Windows LSA Spoofing Vulnerability Recent assessments: jbaines-r7 at January 25, 2022 4:35pm UTC reported: Recently, I was attempting to combine James Forshaw’s remote EFSRPC file write “bug” with a local privilege escalation that I’d discovered. I was getting strange results. Working on one...

9.8CVSS8.2AI score0.66023EPSS
Exploits4References3
ATTACKERKB
ATTACKERKB
added 2017/05/04 12:0 a.m.332 views

CVE-2017-8295

WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be resent, leading to...

5.9CVSS6AI score0.26699EPSS
Exploits7References7
Total number of security vulnerabilities5000