A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential.....
7.5CVSS
7.1AI Score
0.027EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
Nmap Log4Shell NSE script for discovery Apache Log4j RCE...
9.2AI Score
9.2AI Score
Permanent device denial of service due to a huge amount of scheduled alarms
In multiple functions of SnoozeHelper.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...
6.9AI Score
0.0004EPSS
CVE-2023-4966 Citrix Memory Leak Exploit 🔒 Leak session...
9.4CVSS
7.8AI Score
0.971EPSS
apache-any23-encoding is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the guessEncoding function of TikaEncodingDetector.java, which leads to excessive resource allocation, allowing an attacker to cause an application crash by providing a maliciously crafted...
6.5CVSS
6.7AI Score
0.001EPSS
Amazon Web Services EC2 SSM enumeration
Provided AWS credentials, this module will call the authenticated API of Amazon Web Services to list all SSM-enabled EC2 instances accessible to the account. Once enumerated as SSM-enabled, the instances can be controlled using out-of-band WebSocket sessions provided by the AWS API (nominally,...
7.1AI Score
Exploit for Out-of-bounds Write in Lenovo Diagnostics
CVE-2022-3699 Incorrect access control for the Lenovo...
7.8CVSS
7.9AI Score
0.002EPSS
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
CVE-2024-21762 out-of-bounds write in Fortinet FortiOS ...
9.8CVSS
8.7AI Score
0.018EPSS
Exploit for Incorrect Implementation of Authentication Algorithm in Microsoft
Recreation of the SharePoint PoC for CVE-2023-29357 in C# with...
9.8CVSS
9.7AI Score
0.89EPSS
org.iq80.snappy: snappy is vulnerable to Out-of-Bounds-Read. The vulnerability is due to the usage of the JDK class sun.misc.Unsafe to speed up memory access without performing additional bounds checks, which can result in non-deterministic behavior or a JVM...
5.3CVSS
6.6AI Score
0.0004EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
CVE-2021-44228 Remote Code Injection In Log4j...
10CVSS
10AI Score
0.976EPSS
Exploit for Deserialization of Untrusted Data in Apache Activemq
ActiveMQ-RCE ActiveMQ RCE (CVE-2023-46604) exploit, written...
9.9AI Score
Exploit for Deserialization of Untrusted Data in Apache Dubbo
更全面的Dubbo漏洞扫描工具见我的另一个项目:https://github.com/YYHYlh/Dubbo-Scan...
9.8CVSS
9.3AI Score
0.015EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
本工具仅为企业测试漏洞使用,严禁他人使用本工具攻击 本工具仅为企业测试漏洞使用,严禁他人使用本工具攻击...
9AI Score
Exploit for Out-of-bounds Write in Gnu Glibc
CVE-2023-4911-Looney-Tunables Looney Tunables Local privilege...
7.8CVSS
8.6AI Score
0.014EPSS
Insufficient Granularity Of Access Control
lunary is vulnerable to an Insufficient Granularity of Access Control vulnerability. The vulnerability is due to improper validation of dataset ownership, allowing users to create, update, get, and delete prompt variations for datasets not owned by their organization, leading to unauthorized...
8.1CVSS
6.8AI Score
0.001EPSS
typo3/cms is vulnerable to Denial of Service (DoS). The vulnerability is caused by allowing an excessively high maximum result limit in TYPO3's Indexed Search component. This flaw potentially enables attackers to execute a Denial of Service (DoS)...
7.2AI Score
Exploit for Deserialization of Untrusted Data in Clear Clearml
CVE-2024-24590 Deserialization of untrusted data can occur in...
8.8CVSS
7.2AI Score
0.001EPSS
Exploit for Incorrect Implementation of Authentication Algorithm in Microsoft
🛑 Microsoft SharePoint: CVE-2023-29357 🛑 **Microsoft...
9.8CVSS
9.9AI Score
0.89EPSS
Exploit for Cleartext Storage of Sensitive Information in Mremoteng
mRemoteNG <= v1.77.3.1784-NB Password Dumper...
7.5CVSS
8AI Score
0.003EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
Log4jPatcher A Java Agent based mitigation for Log4j2 JNDI...
8.7AI Score
org.codehaus.janino:janino is vulnerable to Denial of Service (DoS) attacks. The vulnerability is due to the guessParameterNames method caused to an uncaught stack overflow exception, which can be triggered by user input with deeply nested structures causing the application to...
5.5CVSS
7.1AI Score
0.0004EPSS
Exploit for Out-of-bounds Write in Fortinet Fortios
CVE-2022-42475-RCE-POC 漏洞名称 CVE-2022-42475 飞塔RCE漏洞 POC...
9.8CVSS
9.9AI Score
0.321EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
log4j2-scan is a single binary...
10CVSS
9.6AI Score
0.976EPSS
7.4AI Score
Denial of service in Kubernetes
The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral...
5.5CVSS
7AI Score
0.0004EPSS
Denial of service in Kubernetes
The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral...
5.5CVSS
6.5AI Score
0.0004EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
Log4Shell sample vulnerable application (CVE-2021-44228)...
9.1AI Score
Exploit for Deserialization of Untrusted Data in Apache Log4J
Log4jHorizon Exploiting CVE-2021-44228 in VMWare Horizon for...
9.1AI Score
Exploit for Deserialization of Untrusted Data in Apache Log4J
🤝 Show your support - give a ⭐️ if you...
10CVSS
9.9AI Score
0.976EPSS
Use-of-uninitialized-value in spvTextEncodeOperand
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69388 Crash type: Use-of-uninitialized-value Crash state: spvTextEncodeOperand spvTextEncodeOpcode...
7.2AI Score
9.7AI Score
Exploit for Deserialization of Untrusted Data in Apache Log4J
LogMePwn LogMePwn is a fully automated, multi-protocol,...
8.9AI Score
Exploit for Out-of-bounds Write in Gnu Glibc
CVE-2023-4911 This is a PoC (Proof Of Concept) for the Looney...
7.8CVSS
8.3AI Score
0.014EPSS
10CVSS
9.9AI Score
0.976EPSS
8.1AI Score
Exploit for Deserialization of Untrusted Data in Apache Log4J
Vm4J A tool for detect vmware product log4j vulnerability....
8.8AI Score
directus is vulnerable to Denial Of Service (DoS). The vulnerability is caused by providing a non-numeric length value to the random string generation utility, which prevents the generation of random session IDs, resulting in Denial Of Service...
7.5CVSS
7.5AI Score
0.0004EPSS
Exploit for Out-of-bounds Write in Xpdfreader Xpdf
Xpdf Docker Images This repository contains docker images...
6.1AI Score
9.8CVSS
8.2AI Score
0.003EPSS
A vulnerability, which was classified as critical, has been found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0. This issue affects some unknown processing of the file /admin/login.php. The manipulation of the argument txtusername/txtpassword leads to.....
8.1CVSS
8.3AI Score
0.005EPSS
A vulnerability has been found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file register.php. The manipulation of the argument...
6.1CVSS
6AI Score
0.001EPSS
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
FortiGate cve-2024-21762-checker This script is used to check...
9.8CVSS
7.2AI Score
0.018EPSS
Exploit for Out-of-bounds Write in 7-Zip
CVE-2022-29072 7-Zip through 21.07 on Windows allows...
7.8CVSS
0.8AI Score
0.001EPSS
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
CVE-2024-21762 Check Safely detect whether a FortiGate SSL...
9.8CVSS
7.1AI Score
0.018EPSS
Denial of service of Minder Server from maliciously crafted GitHub attestations
Minder is vulnerable to a denial-of-service (DoS) attack which could allow an attacker to crash the Minder server and deny other users access to it. The root cause of the vulnerability is that Minders sigstore verifier reads an untrusted response entirely into memory without enforcing a limit on...
5.3CVSS
6.4AI Score
0.0004EPSS
Exploit for Logging of Excessive Data in Salesagility Suitecrm
CVE-2024-36416 Tool for validating CVE-2024-36416 Usage...
8.6CVSS
7.2AI Score
0.0005EPSS
According to its self-reported version, Cisco Firepower Threat Defense (FTD) Software is affected by a vulnerability. Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to...
5.8CVSS
5.8AI Score
0.0004EPSS
Exploit for Deserialization of Untrusted Data in Clear Clearml
_____ _ __ __ _ _____ ____ _...
8.8CVSS
9AI Score
0.001EPSS