CVE-2018-11236: fix stack buffer overflow when realpath() input length is close to SSIZE_MAX. CVE-2024-2961: fix out-of-bound writes in ISO-2022-CN-EXT escape...
9.8CVSS
7.2AI Score
0.014EPSS
Exploit for Deserialization of Untrusted Data in Clear Clearml
ClearML Exploit Script This repository contains a Python...
8.8CVSS
7.5AI Score
0.001EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
log4j-shell-poc A Proof-Of-Concept for the recently found...
8.6AI Score
Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft
ThemeBleed Proof-of-Concept for CVE-2023-38146 ("ThemeBleed")...
8.9AI Score
Mattermost fails to authenticate the source of certain types of post actions
Mattermost versions 8.1.x before 8.1.11, 9.3.x before 9.3.3, 9.4.x before 9.4.4, and 9.5.x before 9.5.2 fail to authenticate the source of certain types of post actions, allowing an authenticated attacker to create posts as other users via a crafted post...
6.5CVSS
6.5AI Score
0.0004EPSS
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
CVE-2024-21762 Check Safely detect whether a FortiGate SSL...
9.8CVSS
7.1AI Score
0.018EPSS
Exploit for Access of Uninitialized Pointer in Microsoft
CVE-2022-21971: Uninitialized pointer free in prauthproviders...
7.8CVSS
8AI Score
0.343EPSS
Exploit for Out-of-bounds Write in Gnu Glibc
PoC of CVE-2023-4911 Looney Tunables This is a PoC of...
7.8CVSS
8.3AI Score
0.014EPSS
Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of...
9.6CVSS
9.4AI Score
0.002EPSS
Temporal Server Denial of Service
Denial of Service in Temporal Server prior to version 1.20.5, 1.21.6, and 1.22.7 allows an authenticated user who has permissions to interact with workflows and has crafted an invalid UTF-8 string for submission to potentially cause a crashloop. If left unchecked, the task containing the invalid...
4.4CVSS
6.6AI Score
0.0004EPSS
Insufficient Verification Of Data Authenticity
org.wildfly.security:wildfly-elytron-http-oidc is vulnerable to Insufficient Verification of Data Authenticity. The vulnerability is due to the session token caching logic when an OIDC app serving multiple tenants accesses a new tenant with a different OIDC configuration. This flaw occurs in...
7.3CVSS
6.7AI Score
0.0004EPSS
Exploit for Out-of-bounds Write in 7-Zip
INFORMATION I haven't posted any poc code anywhere for...
7.8CVSS
AI Score
0.001EPSS
Exploit for Deserialization of Untrusted Data in Clear Clearml
How it works- Need access to the team work space...
8.8CVSS
8.8AI Score
0.001EPSS
Exploit for Deserialization of Untrusted Data in Clear Clearml
How it works- Need access to the team work space...
8.8CVSS
6.8AI Score
0.001EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
Log4Shell sample vulnerable application (CVE-2021-44228)...
9.1AI Score
Exploit for Deserialization of Untrusted Data in Apache Log4J
Log4jPatcher A Java Agent based mitigation for Log4j2 JNDI...
8.7AI Score
Exploit for Deserialization of Untrusted Data in Apache Log4J
CVE-2021-44228 Remote Code Injection In Log4j...
10CVSS
10AI Score
0.975EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
CVE-2021-44228(Apache Log4j Remote Code Execution) [all...
10CVSS
10AI Score
0.975EPSS
Exploit for Deserialization of Untrusted Data in Clear Clearml
NOTE: this CVE was not found by me, I'm simply reuploading a...
8.8CVSS
6.8AI Score
0.001EPSS
YARP Denial of Service Vulnerability
Impact A denial of service vulnerability exists in YARP. Patches If you're using YARP 1.x, you should update to NuGet package version 1.1.2. If you're using YARP 2.0.0, you should update to NuGet package version 2.0.1. You can do so by updating the PackageReference in your .csproj file diff...
7.5CVSS
6.6AI Score
0.001EPSS
.NET Denial of Service vulnerability
Microsoft Security Advisory CVE-2023-29331: .NET Denial of Service vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their...
7.5CVSS
6.5AI Score
0.001EPSS
.NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2023-21538: .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to.....
7.5CVSS
1.5AI Score
0.002EPSS
Exploit for Out-of-bounds Write in Gnu Glibc
PoC of CVE-2023-4911 "Looney Tunables" This is a PoC of...
7.8CVSS
8.5AI Score
0.014EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
9AI Score
.NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2023-21538: .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to.....
7.5CVSS
7.6AI Score
0.002EPSS
.NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2023-38178: .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0. This advisory also provides guidance on what developers can do to update their applications to.....
7.5CVSS
6.7AI Score
0.001EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
LogMePwn LogMePwn is a fully automated, multi-protocol,...
8.9AI Score
Exploit for Out-of-bounds Write in Gnu Glibc
CVE-2023-4911 This is a PoC (Proof Of Concept) for the Looney...
7.8CVSS
8.3AI Score
0.014EPSS
Permanent device denial of service due to a huge amount of scheduled alarms
In multiple functions of SnoozeHelper.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...
6.9AI Score
0.0004EPSS
Exploit for Logging of Excessive Data in Salesagility Suitecrm
CVE-2024-36416 Tool for validating CVE-2024-36416 Usage...
8.6CVSS
7.2AI Score
0.0005EPSS
Exploit for Deserialization of Untrusted Data in Clear Clearml
8.8CVSS
9AI Score
0.001EPSS
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ This exploit...
10CVSS
9.7AI Score
0.931EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
Exploiting-CVE-2021-44228-Log4Shell-in-a-Banking-Environment...
10CVSS
10AI Score
0.975EPSS
.NET Elevation of Privilege Vulnerability
Microsoft Security Advisory CVE-2024-21409 | .NET Elevation of Privilege Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 7.0, and .NET 8.0. This advisory also provides guidance on what developers can do to....
7.3CVSS
6.5AI Score
0.0004EPSS
Exploit for Deserialization of Untrusted Data in Clear Clearml
CVE-2024-24590-ClearML-RCE-Exploit Python script that...
8.8CVSS
9.1AI Score
0.001EPSS
7.8CVSS
7.9AI Score
0.001EPSS
9.2AI Score
Exploit for Race Condition in Microsoft
CVE-2023-36884: MS Office HTML RCE with crafted documents On...
7.5CVSS
8.2AI Score
0.305EPSS
8.8CVSS
9.4AI Score
0.65EPSS
Anti-Malware Security and Brute-Force Firewall < 4.23.56 - Unauthenticated Remote Code Execution
Description The Anti-Malware Security and Brute-Force Firewall plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.21.96 due to weak nonce generation combined with missing authorization. This makes it possible for unauthenticated attackers to brute...
9CVSS
8.1AI Score
0.0004EPSS
The AES-GCM specification in RFC 5084, as used in Android 5.x and 6.x, recommends 12 octets for the aes-ICVlen parameter field, which might make it easier for attackers to defeat a cryptographic protection mechanism and discover an authentication key via a crafted application, aka internal bug...
5.5CVSS
6.2AI Score
0.001EPSS
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
CVE-2024-21762 out-of-bounds write in Fortinet FortiOS ...
9.8CVSS
8.7AI Score
0.018EPSS
Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The.....
8CVSS
7.9AI Score
0.001EPSS
CVE-2024-20716 Force high-usage of resources by generating unlimited coupons: Adobe Commerce
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to an application denial-of-service. A high-privileged attacker could leverage this vulnerability to exhaust system resources, causing the application....
4.9CVSS
5.3AI Score
0.001EPSS
CVE-2023-4966 Citrix Memory Leak Exploit 🔒 Leak session...
9.4CVSS
7.8AI Score
0.969EPSS
Exploit for Cleartext Transmission of Sensitive Information in Keepass
KeePass 2.X Master Password Dumper...
7.4AI Score
Exploit for Out-of-bounds Write in Lenovo Diagnostics
CVE-2022-3699 Incorrect access control for the Lenovo...
7.8CVSS
7.9AI Score
0.002EPSS