unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2023-21538
.NET Denial of Service Vulnerability. CVE project by @Sn0wAlice
Create: 2023-01-11 08:09:42 +0000 UTC Push: 2023-01-11 08:09:45 +0000 UTC |
Live-Hack-CVE/CVE-2022-4337
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. CVE project by @Sn0wAlice
Create: 2023-01-11 08:09:38 +0000 UTC Push: 2023-01-11 08:09:41 +0000 UTC |
Live-Hack-CVE/CVE-2023-0141
Insufficient policy enforcement in CORS in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) CVE project by @Sn0wAlice
Create: 2023-01-11 05:59:35 +0000 UTC Push: 2023-01-11 05:59:38 +0000 UTC |
Live-Hack-CVE/CVE-2023-0140
Inappropriate implementation in in File System API in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Low) CVE project by @Sn0wAlice
Create: 2023-01-11 05:59:30 +0000 UTC Push: 2023-01-11 05:59:33 +0000 UTC |
Live-Hack-CVE/CVE-2023-0139
Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to bypass download restrictions via a crafted HTML page. (Chromium security severity: Low) CVE project by @Sn0wAlice
Create: 2023-01-11 05:59:26 +0000 UTC Push: 2023-01-11 05:59:29 +0000 UTC |
Live-Hack-CVE/CVE-2023-0132
Inappropriate implementation in in Permission prompts in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to force acceptance of a permission prompt via a crafted HTML page. (Chromium security severity: Medium) CVE project by @Sn0wAlice
Create: 2023-01-11 05:59:22 +0000 UTC Push: 2023-01-11 05:59:24 +0000 UTC |
Live-Hack-CVE/CVE-2023-0138
Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) CVE project by @Sn0wAlice
Create: 2023-01-11 05:59:17 +0000 UTC Push: 2023-01-11 05:59:20 +0000 UTC |
Live-Hack-CVE/CVE-2023-0129
Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and specific interactions. (Chromium security severity: High) CVE project by @Sn0wAlice
Create: 2023-01-11 05:59:13 +0000 UTC Push: 2023-01-11 05:59:16 +0000 UTC |
Live-Hack-CVE/CVE-2023-0137
Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE project by @Sn0wAlice
Create: 2023-01-11 05:59:08 +0000 UTC Push: 2023-01-11 05:59:11 +0000 UTC |
Live-Hack-CVE/CVE-2023-0130
Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) CVE project by @Sn0wAlice
Create: 2023-01-11 05:59:04 +0000 UTC Push: 2023-01-11 05:59:07 +0000 UTC |
Live-Hack-CVE/CVE-2023-0136
Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to execute incorrect security UI via a crafted HTML page. (Chromium security severity: Medium) CVE project by @Sn0wAlice
Create: 2023-01-11 05:58:59 +0000 UTC Push: 2023-01-11 05:59:03 +0000 UTC |
Live-Hack-CVE/CVE-2023-0128
Use after free in Overview Mode in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE project by @Sn0wAlice
Create: 2023-01-11 05:58:55 +0000 UTC Push: 2023-01-11 05:58:58 +0000 UTC |
Live-Hack-CVE/CVE-2023-0135
Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database corruption and a crafted HTML page. (Chromium security severity: Medium) CVE project by @Sn0wAlice
Create: 2023-01-11 05:58:52 +0000 UTC Push: 2023-01-11 05:58:54 +0000 UTC |
Live-Hack-CVE/CVE-2023-0134
Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database corruption and a crafted HTML page. (Chromium security severity: Medium) CVE project by @Sn0wAlice
Create: 2023-01-11 05:58:47 +0000 UTC Push: 2023-01-11 05:58:50 +0000 UTC |
Live-Hack-CVE/CVE-2023-0133
Inappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to bypass main origin permission delegation via a crafted HTML page. (Chromium security severity: Medium) CVE project by @Sn0wAlice
Create: 2023-01-11 05:58:43 +0000 UTC Push: 2023-01-11 05:58:46 +0000 UTC |
Live-Hack-CVE/CVE-2023-0131
Inappropriate implementation in in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to bypass file download restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE project by @Sn0wAlice
Create: 2023-01-11 05:58:38 +0000 UTC Push: 2023-01-11 05:58:41 +0000 UTC |
Live-Hack-CVE/CVE-2022-4636
Black Box KVM Firmware version 3.4.31307 on models ACR1000A-R-R2, ACR1000A-T-R2, ACR1002A-T, ACR1002A-R, and ACR1020A-T is vulnerable to path traversal, which may allow an attacker to steal user credentials and other sensitive information through local file inclusion. CVE project by @Sn0wAlice
Create: 2023-01-11 05:58:34 +0000 UTC Push: 2023-01-11 05:58:37 +0000 UTC |
Live-Hack-CVE/CVE-2022-45614
An issue in the /index.php/user/edit_user/ component of Book Store Management System v1.0 allows unauthenticated attackers to retrieve the password hashes of all existing user accounts via a crafted request. CVE project by @Sn0wAlice
Create: 2023-01-11 05:58:30 +0000 UTC Push: 2023-01-11 05:58:33 +0000 UTC |
Live-Hack-CVE/CVE-2022-31054
Argo Events is an event-driven workflow automation framework for Kubernetes. Prior to version 1.7.1, several `HandleRoute` endpoints make use of the deprecated `ioutil.ReadAll()`. `ioutil.ReadAll()` reads all the data into memory. As such, an attacker who sends a large request to the Argo Events server will be able to CVE project by @Sn0wAlice
Create: 2023-01-11 05:58:19 +0000 UTC Push: 2023-01-11 05:58:23 +0000 UTC |
Live-Hack-CVE/CVE-2022-4780
ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change. CVE project by @Sn0wAlice
Create: 2023-01-11 03:49:06 +0000 UTC Push: 2023-01-11 03:49:09 +0000 UTC |
Previous
1076
1077
1078
1079
1080
1081
1082
1083
Next