unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2019-6614
On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, internal methods used to prevent arbitrary file overwrites in Appliance Mode were not fully effective. An authenticated attacker with a high privilege level may be able to bypass protections implemented in appliance mode to overwrite arbitrary system files. CVE project by @Sn0wAlice
Create: 2023-02-11 03:49:20 +0000 UTC Push: 2023-02-11 03:49:22 +0000 UTC |
Live-Hack-CVE/CVE-2019-6612
On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, DNS query TCP connections that are aborted before receiving a response from a DNS cache may cause TMM to restart. CVE project by @Sn0wAlice
Create: 2023-02-11 03:49:16 +0000 UTC Push: 2023-02-11 03:49:18 +0000 UTC |
Live-Hack-CVE/CVE-2019-6613
On BIG-IP 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, SNMP may expose sensitive configuration objects over insecure transmission channels. This issue is exposed when a passphrase is used with various profile types and is accessed using SNMPv2. CVE project by @Sn0wAlice
Create: 2023-02-11 03:49:12 +0000 UTC Push: 2023-02-11 03:49:15 +0000 UTC |
Live-Hack-CVE/CVE-2019-13751
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE project by @Sn0wAlice
Create: 2023-02-11 03:49:08 +0000 UTC Push: 2023-02-11 03:49:11 +0000 UTC |
Live-Hack-CVE/CVE-2019-13752
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE project by @Sn0wAlice
Create: 2023-02-11 03:49:03 +0000 UTC Push: 2023-02-11 03:49:05 +0000 UTC |
Live-Hack-CVE/CVE-2019-13753
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE project by @Sn0wAlice
Create: 2023-02-11 03:48:59 +0000 UTC Push: 2023-02-11 03:49:01 +0000 UTC |
Live-Hack-CVE/CVE-2019-13755
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page. CVE project by @Sn0wAlice
Create: 2023-02-11 03:48:55 +0000 UTC Push: 2023-02-11 03:48:58 +0000 UTC |
Live-Hack-CVE/CVE-2019-13756
Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE project by @Sn0wAlice
Create: 2023-02-11 03:48:51 +0000 UTC Push: 2023-02-11 03:48:54 +0000 UTC |
Live-Hack-CVE/CVE-2019-13757
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE project by @Sn0wAlice
Create: 2023-02-11 03:48:47 +0000 UTC Push: 2023-02-11 03:48:50 +0000 UTC |
Live-Hack-CVE/CVE-2019-13759
Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE project by @Sn0wAlice
Create: 2023-02-11 03:48:43 +0000 UTC Push: 2023-02-11 03:48:46 +0000 UTC |
un4gi/CVE-2018-1207
A proof of concept for CVE-2018-1207.
Create: 2023-02-11 03:06:50 +0000 UTC Push: 2023-02-11 03:06:51 +0000 UTC |
BKreisel/CVE-2022-23935
? Python Exploit for CVE-2022-23935
Create: 2023-02-11 02:22:44 +0000 UTC Push: 2023-02-11 02:22:45 +0000 UTC |
Live-Hack-CVE/CVE-2023-24613
The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handle CVE project by @Sn0wAlice
Create: 2023-02-11 01:37:08 +0000 UTC Push: 2023-02-11 01:37:11 +0000 UTC |
Live-Hack-CVE/CVE-2023-24234
A stored cross-site scripting (XSS) vulnerability in the component php-inventory-management-system/brand.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Brand Name parameter. CVE project by @Sn0wAlice
Create: 2023-02-11 01:37:04 +0000 UTC Push: 2023-02-11 01:37:07 +0000 UTC |
Live-Hack-CVE/CVE-2023-24233
A stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/orders.php?o=add of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Client Name parameter. CVE project by @Sn0wAlice
Create: 2023-02-11 01:37:01 +0000 UTC Push: 2023-02-11 01:37:03 +0000 UTC |
Live-Hack-CVE/CVE-2023-24232
A stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/product.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter. CVE project by @Sn0wAlice
Create: 2023-02-11 01:36:57 +0000 UTC Push: 2023-02-11 01:36:59 +0000 UTC |
Live-Hack-CVE/CVE-2023-24231
A stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/categories.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Categories Name parameter. CVE project by @Sn0wAlice
Create: 2023-02-11 01:36:54 +0000 UTC Push: 2023-02-11 01:36:56 +0000 UTC |
Live-Hack-CVE/CVE-2023-24230
A stored cross-site scripting (XSS) vulnerability in the component /formwork/panel/dashboard of Formwork v1.12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page title parameter. CVE project by @Sn0wAlice
Create: 2023-02-11 01:36:50 +0000 UTC Push: 2023-02-11 01:36:52 +0000 UTC |
Live-Hack-CVE/CVE-2022-21676
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the `engine.io` package starting fro CVE project by @Sn0wAlice
Create: 2023-02-11 01:36:37 +0000 UTC Push: 2023-02-11 01:36:40 +0000 UTC |
Live-Hack-CVE/CVE-2022-23639
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of `{i,u}64` was always the same as `Atomic{I,U}64`. However, the alignment of `{i,u}64` on a 32-bit target CVE project by @Sn0wAlice
Create: 2023-02-11 01:36:34 +0000 UTC Push: 2023-02-11 01:36:36 +0000 UTC |
Previous
388
389
390
391
392
393
394
395
Next