Exploit for Deserialization of Untrusted Data in Apache Log4J
Exploiting-CVE-2021-44228-Log4Shell-in-a-Banking-Environment...
10CVSS
10AI Score
0.976EPSS
Use Of Insufficiently Random Values
zendframework/zendframework is vulnerable to insufficient entropy. The vulnerability is due to using PHP's mt_rand() function as a fallback for generating random bytes, which is predictable and susceptible to brute force attacks on the...
7.1AI Score
Exploit for Out-of-bounds Write in Gnu Glibc
CVE-2023-4911-Looney-Tunables Looney Tunables Local privilege...
7.8CVSS
8.6AI Score
0.014EPSS
Exploit for Out-of-bounds Write in Gnu Glibc
CVE-2023-4911 - Looney Tunables This is a (atm very rough)...
7.8CVSS
8.4AI Score
0.014EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
Log4j-check 支持RC1绕过 log4J...
8.9AI Score
go.opentelemetry.io/collector/config/configgrpc is vulnerable to Denial Of Service (DoS). The vulnerability is due to compressed HTTP requests which can be maliciously designed to crash the system by consuming excessive memory. Attackers can exploit this by sending specially crafted "zip bomb"...
7AI Score
gpac is vulnerable to Denial of Service (DoS) attacks. If keys or parameters are received from an unreliable source, applications employing DH_check(), DH_check_ex(), or EVP_PKEY_param_check() may face lengthy delays, resulting in denial of service...
5.3CVSS
6.7AI Score
0.003EPSS
node-tar is vulnerable to Denial of service (DoS). The vulnerability is caused due to lack of validation on the number of folders created during the folder creation process.This allows an attackers to consume excessive CPU and memory resources, potentially causing the system to become unresponsive....
6.5CVSS
6.7AI Score
0.0004EPSS
libfreerdp.so is vulnerable to Out-of-bounds Read. The vulnerability is due to improper handling of nWidth and nHeight when both are zero, This allowing an attacker to potentially access or modify memory outside the intended buffer...
9.8CVSS
9.6AI Score
0.0004EPSS
chromium is vulnerable to Out-of-bounds Write. The vulnerability is due to inadequate bounds checking within a sandbox environment via a carefully crafted HTML page, allowing a remote attacker to execute arbitrary...
6.7AI Score
0.0004EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
Nmap Log4Shell NSE script for discovery Apache Log4j RCE...
9.2AI Score
qemu is vulnerable to a Denial of Service(DoS) attack. The vulnerability is due to an assertion failure in the update_sctp_checksum() function in hw/net/net_tx_pkt.c, allows a malicious guest to trigger a denial of...
5.5CVSS
6.9AI Score
0.0004EPSS
Deserialization Of Untrusted Data
typo3/phar-stream-wrapper is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to improper handling of user-supplied Phar achive data before deserialization, which allows attackers to manipulate the serialized data to execute arbitrary...
7.7AI Score
apache2 is vulnerable to Denial of Service (DoS). This vulnerability allows an attacker to cause denial of service conditions on a vulnerable system by exploiting a race condition that occurs when a HTTP/2 connection is reset (RST frame) by a...
5.9CVSS
6.6AI Score
0.004EPSS
libfreerdp.so is vulnerable to an out-of-bounds read. The vulnerability is due to inadequate bounds checking in the zgfx_decompress_segment function because the variable count is not checked against Stream_GetRemainingLength. This could allow an attacker to potentially access sensitive information....
9.8CVSS
6.6AI Score
0.0004EPSS
MediaWiki is vulnerable to Denial Of Service (DoS). The vulnerability is due to a flaw in includes/specials/SpecialMovePage.php. If a user with the necessary rights to move the page opens Special:MovePage for a page with tens of thousands of subpages, then the page will exceed the maximum request.....
6.9AI Score
0.0004EPSS
Deserialization Of Untrusted Data
mlflow is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to inadequate input validation in the _load_custom_objects function within mlflow/tensorflow/init.py, which allows attackers to execute arbitrary code by injecting a malicious pickle object into the Tensorflow...
8.8CVSS
7.5AI Score
0.0004EPSS
Exploit for Deserialization of Untrusted Data in Apache Activemq
ActiveMQ-RCE ActiveMQ RCE (CVE-2023-46604) exploit, written...
9.9AI Score
Exploit for Deserialization of Untrusted Data in Apache Dubbo
更全面的Dubbo漏洞扫描工具见我的另一个项目:https://github.com/YYHYlh/Dubbo-Scan...
9.8CVSS
9.3AI Score
0.015EPSS
github.com/envoyproxy/envoy is vulnerable to Denial Of Service (DOS). The vulnerability is due to the async HTTP client buffering the mirror response with an unbounded buffer, which allows attackers to potentially cause an out-of-memory scenario by sending huge...
6.5CVSS
5.5AI Score
0.0004EPSS
9.8CVSS
8.2AI Score
0.003EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
Log4j Vulnerability - CVE-2021-44228 :green_book: ...
10CVSS
9.7AI Score
0.976EPSS
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
FortiGate cve-2024-21762-checker This script is used to check...
9.8CVSS
7.2AI Score
0.018EPSS
Exploit for Out-of-bounds Write in Gnu Glibc
CVE-2023-4911-Looney-Tunables Looney Tunables Local privilege...
7.8CVSS
8.6AI Score
0.014EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
Log4Shell sample vulnerable application (CVE-2021-44228)...
9.1AI Score
8.8AI Score
Exploit for Out-of-bounds Write in 7-Zip
CVE-2022-29072 7-Zip through 21.07 on Windows allows...
7.8CVSS
0.8AI Score
0.001EPSS
Exploit for Cleartext Transmission of Sensitive Information in Keepass
KeePass 2.X Master Password Dumper...
7.4AI Score
pimcore/pimcore is vulnerable to Denial Of Service. The vulnerability due to the lack of restrictions on the scaling factors that can be applied to image thumbnails, potentially creating disproportionately large files or overwhelming server CPU...
7.5CVSS
6.7AI Score
0.001EPSS
libdjvulibre.so is Denial Of Service (DoS). The vulnerability exists in the IW44Image::Map::image function at IW44Image.cpp due to a divide by zero bug resulting in a floating point exception causing an application...
6.5CVSS
6.7AI Score
0.001EPSS
libdjvulibre.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the lack of input validation in the IW44EncodeCodec.cpp when preparing the gray level conversion table, which allows an attacker to cause an application crash via divide by...
6.5CVSS
6.7AI Score
0.001EPSS
NodeJS is vulnerable to Denial Of Service (DOS). The vulnerability is caused due the fact that the fetch() function in Node.js always decodes Brotli, making it possible for an attacker to cause resource exhaustion when fetching content from an untrusted URL. An attacker controlling the URL passed.....
6.5CVSS
6.9AI Score
0.0004EPSS
strukturag/libde265 is vulnerable to Denial of Service (DoS). The vulnerability is caused due to a lack of proper bounds checking when calculating memory allocation sizes within image.cc. An attacker could manipulate the values to exceed the intended dimensions, leading to a buffer overflow and...
7.2AI Score
0.0004EPSS
apache2 is vulnerable to Out-of-bounds Read. An attacker could exploit this vulnerability by sending a specially crafted HTTP request to a vulnerable Apache HTTP Server. The request would contain a specially crafted mod_macro directive that would cause the server to read data from outside of the...
7.5CVSS
6.8AI Score
0.01EPSS
libfreerdp.so is vulnerable to an out-of-bounds read. The vulnerability is due to insufficient validation of the SrcSize before reading data from pSrcData, potentially allowing reading beyond the allocated memory when SrcSize is less than 4. This could allow an attacker to access sensitive...
9.8CVSS
6.6AI Score
0.0004EPSS
Node.js is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of HTTP/2 CONTINUATION frames, where sending a small amount of HTTP/2 frames packets can cause data to be left in nghttp2 memory after a reset, leading to a race condition when the Http2Session...
8.2CVSS
8.3AI Score
0.0004EPSS
node-tar is vulnerable to Denial of service (DoS). The vulnerability is caused by to lack of validation on the number of folders created during the folder creation process. This allows an attacker to consume excessive CPU and memory resources, potentially causing the system to become unresponsive.....
6.5CVSS
7AI Score
0.0004EPSS
FreeRDP is vulnerable to Out-of-bounds Read. The vulnerability is caused due to an incorrect calculation of the WCHAR string length during conversion to UTF-8 within redirection.c, resulting in out-of-bounds...
7.5CVSS
7.4AI Score
0.0004EPSS
libfreerdp.so is vulnerable to an out-of-bounds read. This vulnerability is due to inadequate bounds checking in the planar_skip_plane_rle function, leading to potential out-of-bounds reads when processing RLE-encoded...
9.8CVSS
7AI Score
0.0004EPSS
FreeRDP is vulnerable to Out-of-bounds Read. The vulnerability is caused due to inadequate bounds checking when reading data from a buffer.This allows an attacker to access or manipulate data outside its intended range, potentially leading to unauthorized information...
9.8CVSS
9.2AI Score
0.0004EPSS
Exploit for Out-of-bounds Write in Fortinet Fortios
CVE-2022-42475-RCE-POC 漏洞名称 CVE-2022-42475 飞塔RCE漏洞 POC...
9.8CVSS
9.9AI Score
0.321EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
log4j2-scan is a single binary...
10CVSS
9.6AI Score
0.976EPSS
7.4AI Score
Exploit for Out-of-bounds Write in Lenovo Diagnostics
CVE-2022-3699 Incorrect access control for the Lenovo...
7.8CVSS
7.9AI Score
0.002EPSS
Exploit for Incorrect Implementation of Authentication Algorithm in Microsoft
Recreation of the SharePoint PoC for CVE-2023-29357 in C# with...
9.8CVSS
9.7AI Score
0.89EPSS
Exploit for Out-of-bounds Write in Microsoft
CVE-2023-28252-Compiled-exe A modification of Fortra's...
7.8CVSS
9.2AI Score
0.026EPSS
Exploit for Deserialization of Untrusted Data in Clear Clearml
CVE-2024-24590 Deserialization of untrusted data can occur in...
8.8CVSS
7.2AI Score
0.001EPSS
Exploit for Incorrect Implementation of Authentication Algorithm in Microsoft
🛑 Microsoft SharePoint: CVE-2023-29357 🛑 **Microsoft...
9.8CVSS
9.9AI Score
0.89EPSS
Exploit for Cleartext Storage of Sensitive Information in Mremoteng
mRemoteNG <= v1.77.3.1784-NB Password Dumper...
7.5CVSS
8AI Score
0.003EPSS
Deserialization Of Untrusted Data
mlflow is vulnerable to Deserialization of Untrusted Data. The vulnerability is caused due to inadequate input validation in the _load_model function within mlflow/pytorch/init .py. This allows an attacker to execute arbitrary code on the victim's system by injecting a malicious pickle object...
8.8CVSS
8.9AI Score
0.0004EPSS