Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Clash ProjectClash

3 matches found

CVE
CVEadded 2022/03/28 12:15 a.m.60 views

CVE-2022-26255

Clash for Windows v0.19.8 was discovered to allow arbitrary code execution via a crafted payload injected into the Proxies name column.

9.8CVSS9.6AI score0.01061EPSS
CVE
CVEadded 2022/03/21 3:15 p.m.51 views

CVE-2020-24772

In Dreamacro Clash for Windows v0.11.4, an attacker could embed a malicious iframe in a website with a crafted URL that would launch the Clash Windows client and force it to open a remote SMB share. Windows will perform NTLM authentication when opening the SMB share and that request can be relayed ...

8.8CVSS8.8AI score0.00114EPSS
CVE
CVEadded 2022/09/29 12:15 p.m.40 views

CVE-2022-40126

A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated.

7.8CVSS8.1AI score0.00073EPSS