Lucene search
K
AttackerkbMost viewed

74967 matches found

ATTACKERKB
ATTACKERKB
added 2020/05/19 12:0 a.m.24 views

CVE-2020-13167

Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php with certain Referer headers launches a command line with client-supplied parameters, and allows injection of shell metacharacters. Recent assessments: wvu-r7 at May 21, 2020 5:51am UTC...

9.8CVSS5.3AI score0.95415EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2020/02/13 12:0 a.m.24 views

RCE in LibreOffice and OpenOffice via the Apache UNO API

LibreOffice and OpenOffice are vulnerable to RCE via the Apache UNO API if either program is running as a listener on the host machine. Recent assessments: space-r7 at September 12, 2019 6:07pm UTC reported: Details The soffice binary allows passing arguments in order to listen on a host ip and...

1.4AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2020/02/13 12:0 a.m.24 views

Rapid7 Metasploit Framework Zip Import Directory Traversal

Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ‘Path Traversal’ in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level...

7.4CVSS7.5AI score0.02758EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2020/02/13 12:0 a.m.24 views

Two kernel-mode type-confusion / memory-corruption vulnerabilities in win32k!xxxRemoteReconnect

The Windows Kernel is subject to two related kernel-mode type-confusion vulnerabilities inside win32k!xxxRemoteReconnect. In both cases, a user-mode parameter passed to the syscall is incorrectly resolved to its underlying kernel representation via ObReferenceObjectByHandle passing NULL as the...

3.2AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2020/02/12 12:0 a.m.24 views

CVE-2019-19194

The Bluetooth Low Energy Secure Manager Protocol SMP implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices installs a zero long term key LTK if an out-of-order link-layer encryption request...

8.8CVSS3AI score0.01002EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2020/02/03 12:0 a.m.24 views

CVE-2020-8510

An issue was discovered in phpABook 0.9 Intermediate. On the login page, if one sets a userInfo cookie with the value of admin+1+en user+perms+lang, one can login as any user without a password. Recent assessments: horshark at March 09, 2020 8:27pm UTC reported: CVE in SourceForge project phpABoo...

9.8CVSS1.1AI score0.01247EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2020/01/14 12:0 a.m.24 views

Remote Desktop Client remote code execution vulnerability

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka ‘Remote Desktop Client Remote Code Execution Vulnerability’. Recent assessments: busterb at January 15, 2020 2:29am UTC reported: This is a client-side exploit, which...

7.5CVSS2.4AI score0.0808EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2019/07/17 12:0 a.m.24 views

CVE-2019-3969: Comodo Antivirus Privilege Escalation

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Local Privilege Escalation due to CmdAgent’s handling of COM clients. A local process can bypass the signature check enforced by CmdAgent via process hollowing which can then allow the process to invoke sensitive COM methods in CmdAgen...

7.8CVSS1.9AI score0.00558EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2019/04/24 12:0 a.m.24 views

CVE-2018-20434 - LibreNMS Addhost Command Injection

LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $POST'community' parameter to html/pages/addhost.inc.php during creation of a new device, and then making a /ajaxoutput.php?id=capture&format=text&type=snmpwalk&hostname=localhost request that triggers...

10CVSS0.8AI score0.71487EPSS
Exploits9References2
ATTACKERKB
ATTACKERKB
added 2019/04/04 12:0 a.m.24 views

Pimcore Deserialization Vulnerability

In Pimcore versions prior to 5.7.1, a deserialization vulnerability exists in the handler function for the bulk-commit POST request. Recent assessments: space-r7 at September 12, 2019 6:07pm UTC reported: Details There exists a PHP deserialization vulnerability in Pimcore versions prior to 5.7.1...

8.8CVSS9.2AI score0.69356EPSS
Exploits5References6
ATTACKERKB
ATTACKERKB
added 2019/03/26 12:0 a.m.24 views

Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-004

Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting XSS vulnerability. Recent assessments: busterb at May 09, 2019 5:57pm UTC reported: XSS always requires extra effort in a pentest, it depends on the actual app...

5.4CVSS3AI score0.12408EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2019/03/07 12:0 a.m.24 views

TIBCO JasperReports Library Directory Traversal Vulnerability

The default server implementation of TIBCO Software Inc.’s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for...

9.9CVSS6.6AI score0.79064EPSS
Exploits4References8
ATTACKERKB
ATTACKERKB
added 2018/09/19 12:0 a.m.24 views

Snap Creek Duplicator RCE

The Snap Creek Duplicator plugin for Wordpress enables the possibility for code execution after a backup has been created. This affects versions prior to v1.2.42. Recent assessments: space-r7 at May 09, 2019 5:57pm UTC reported: Details With over 1 million installations of this plugin in Wordpres...

9.8CVSS3.6AI score0.58794EPSS
Exploits4References3
ATTACKERKB
ATTACKERKB
added 2018/03/27 12:0 a.m.25 views

CVE-2017-12319

A vulnerability in the Border Gateway Protocol BGP over an Ethernet Virtual Private Network EVPN for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service DoS condition, or potentially corrupt the BGP routing table,...

7.1CVSS2.2AI score0.05347EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2016/12/15 12:0 a.m.24 views

CVE-2016-7892

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution. Recent assessments: gwillcox-r7 at November 22, 2020 3:24am UTC reported: Reported ...

9.3CVSS0.6AI score0.18786EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2016/11/10 12:0 a.m.24 views

CVE-2016-7243

The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka “Scripting Engine Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-7200, CVE-2016-7201,...

8.8CVSS8.4AI score0.8249EPSS
Exploits13References4
ATTACKERKB
ATTACKERKB
added 2016/02/10 12:0 a.m.24 views

CVE-2016-0973

Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before...

9.3CVSS8.9AI score0.55375EPSS
Exploits4References10
ATTACKERKB
ATTACKERKB
added 2015/07/16 12:0 a.m.24 views

Oracle Java JRE AES Intrinsics Remote Denial of Service

Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded 8u33 allows remote attackers to affect availability via unknown vectors related to Security. Recent assessments: jcran at November 14, 2019 9:43pm UTC reported: Causes a hard crash for the web application server for example,...

5CVSS2.6AI score0.03491EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2015/02/11 12:0 a.m.24 views

CVE-2015-0071

Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka “Internet Explorer ASLR Bypass Vulnerability.” Recent assessments: gwillcox-r7 at November 23, 2020 6:02pm UTC reported: Reported as exploited in the wild as part o...

6.5CVSS6.1AI score0.33581EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2015/01/20 12:0 a.m.24 views

Advantech Adamview Buffer Overflow

Multiple stack-based buffer overflows in Advantech AdamView 4.3 and earlier allow remote attackers to execute arbitrary code via a crafted 1 display properties or 2 conditional bitmap parameter in a GNI file. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC reported: Details Accordin...

7.5CVSS0.6AI score0.05921EPSS
Exploits7References2
ATTACKERKB
ATTACKERKB
added 2007/05/11 12:0 a.m.24 views

CVE-2007-2617

srsexec in Sun Remote Services SRS Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options. Recent assessments: h00die at March 25, 2020 12:46am UTC...

7.5CVSS6.1AI score0.63824EPSS
Exploits8References10
ATTACKERKB
ATTACKERKB
added 2026/06/25 4:42 p.m.23 views

CVE-2026-55697

pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can install configDependencies declared in pnpm-workspace.yaml before command dispatch. Before the patch, a repository could declare pacquet or @pnpm/pacquet as a config dependency and pnpm treated that repository-controlled dependency ...

7.5CVSS5.9AI score0.00127EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/04 2:22 p.m.23 views

CVE-2026-5228

Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WriteUp Mobile App: from 1.3.0 through 04062026...

8.8CVSS5.8AI score0.00245EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/02 9:45 a.m.23 views

CVE-2025-53302

Missing Authorization vulnerability in Anton Shevchuk Constructor allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Constructor: from n/a through 1.6.5...

5.3CVSS5.8AI score0.00187EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/29 6:15 p.m.23 views

CVE-2026-49384

In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible...

6.1CVSS5.8AI score0.00181EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/15 3:26 p.m.23 views

CVE-2026-45803

gh is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...

3.5CVSS6AI score0.00206EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 7:59 p.m.23 views

CVE-2026-44638

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixeldecoderaw and sixeldecode causes a NULL pointer dereference whenever the allocation fails. The check tests the address of the output parameter alway...

2.5CVSS5.8AI score0.00131EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:58 p.m.23 views

CVE-2026-40407

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.9AI score0.00304EPSS
Exploits0References2Affected Software20
ATTACKERKB
ATTACKERKB
added 2026/04/23 12:2 a.m.23 views

CVE-2026-32679

The installers of LiveOn Meet Client for Windows Downloader5Installer.exe and Downloader5InstallerForAdmin.exe and the installers of Canon Network Camera Plugin CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe insecurely load Dynamic Link Libraries DLLs. If a malicious DLL is placed at the...

8.4CVSS5.9AI score0.0016EPSS
Exploits0References3Affected Software4
ATTACKERKB
ATTACKERKB
added 2026/04/06 8:48 p.m.23 views

CVE-2026-35392

goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, PUT upload in httpserver/updown.go has no path sanitization. This vulnerability is fixed in 2.0.0-beta.3...

9.8CVSS7.2AI score0.00683EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/30 7:47 a.m.23 views

CVE-2026-5121

A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for...

9.8CVSS6.7AI score0.01073EPSS
Exploits0References36
ATTACKERKB
ATTACKERKB
added 2026/02/14 8:26 a.m.23 views

CVE-2026-1254

The Modula Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.13.6. This is due to the plugin not properly verifying that a user is authorized to modify specific posts before updating them via the REST API...

4.3CVSS5.7AI score0.00177EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/11 12:18 p.m.23 views

CVE-2025-54149

An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a local attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central...

7.1CVSS5.5AI score0.00242EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/06 10:55 p.m.23 views

CVE-2026-25793

Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2, when using P256 certificates which is not the default configuration, it is possible to evade a blocklist entry created against the fingerprint of a certificate by using ECDSA Signature Malleability to use a copy of th...

7.6CVSS5.3AI score0.00133EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/06 6:11 p.m.23 views

CVE-2025-69214

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an SQL Injection vulnerability exists in the ajaxselect.php endpoint when handling the componenti operation. An authenticated attacker can inject malicious SQL code through the...

8.7CVSS5.9AI score0.00423EPSS
Exploits3References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/20 2:49 p.m.23 views

CVE-2025-58080

A reflected cross-site scripting xss vulnerability exists in the modifyHL7App functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

6.1CVSS5.5AI score0.00235EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/04/03 12:0 a.m.23 views

CVE-2025-30406

Gladinet CentreStack through 16.1.10296.56315 fixed in 16.4.10315.56368 has a deserialization vulnerability due to the CentreStack portal’s hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors who know the machineKey to serialize a payload for server-side...

9.8CVSS10AI score0.93842EPSS
Exploits6References4
ATTACKERKB
ATTACKERKB
added 2025/03/04 12:0 a.m.23 views

CVE-2025-22225

VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox. Recent assessments: remmons-r7 at January 13, 2026 1:24am UTC reported: CVE-2025-22225 is an arbitrary write...

9.3CVSS8.9AI score0.01676EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2024/07/30 5:15 p.m.23 views

CVE-2024-7297

Langflow versions prior to 1.0.13 suffer from a Privilege Escalation vulnerability, allowing a remote and low privileged attacker to gain super admin privileges by performing a mass assignment request on the '/api/v1/users' endpoint...

8.8CVSS5.9AI score0.21346EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2024/07/02 12:0 a.m.23 views

CVE-2024-39891

In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data, as exploited in the wild in June 2024. Specifically, the endpoint accepted a stream of requests containing phone numbers, and...

5.3CVSS6.5AI score0.01477EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2024/05/23 12:0 a.m.23 views

CVE-2024-4978

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands. Recent assessments: Assessed Attacker...

8.7CVSS7AI score0.26937EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2024/02/13 12:0 a.m.23 views

CVE-2024-21413

Microsoft Outlook Remote Code Execution Vulnerability Recent assessments: nu11secur1ty at March 20, 2024 10:13am UTC reported: Vulnerable software: About Outlook Version: You have Microsoft Outlook Version 1.2024.313.100 Production. Client Version is 20240308003.16 Description: By sending a...

9.8CVSS7.7AI score0.9466EPSS
Exploits23References3
ATTACKERKB
ATTACKERKB
added 2023/06/28 12:0 a.m.23 views

CVE-2023-21237

In applyRemoteView of NotificationContentInflater.java, there is a possible way to hide foreground service notification due to misleading or insufficient UI. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

6.2CVSS6.3AI score0.00264EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/12/08 4:15 p.m.23 views

CVE-2022-45118

OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. Malicious apps could listen to public events and obtain information such as mobile numbers and SMS data without permissions...

6.2CVSS6.1AI score0.00175EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/10/11 12:0 a.m.23 views

CVE-2022-38028

Windows Print Spooler Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

7.8CVSS6.5AI score0.14949EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/04/06 11:15 a.m.23 views

CVE-2022-1240

Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the rstrncpy function. Therefore I think it is very likely to be exploitable. For more general...

7.8CVSS7.4AI score0.00725EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/02/11 12:0 a.m.23 views

CVE-2022-0185

A heap-based buffer overflow flaw was found in the way the legacyparseparam function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged in case of unprivileged user namespaces enabled, otherwise needs namespaced CAPSYSADMIN privile...

8.4CVSS7.3AI score0.25151EPSS
Exploits11References16
ATTACKERKB
ATTACKERKB
added 2022/02/04 5:15 p.m.23 views

CVE-2022-24260

A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator level...

10CVSS7.5AI score0.50926EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2021/10/06 12:0 a.m.23 views

CVE-2021-25487

Lack of boundary checking of a buffer in setskbpriv of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...

7.8CVSS7.7AI score0.00597EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/08/31 12:0 a.m.23 views

Ship Ferry Ticket Reservation System v1.0 SQL-Injection-Bypass-Authentication

Description: The Ship/Ferry Ticket Reservation System v1.0 is vulnerable in the application /shipticketing/classes/Login.php from SQL-Injection-Bypass-Authentication. The parameter username from the login form is not protected correctly and there is no security and escaping from malicious payload...

0.4AI score
Exploits0References1
Total number of security vulnerabilities5000