unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2017-20175
A vulnerability classified as problematic has been found in DaSchTour matomo-mediawiki-extension up to 2.4.2. This affects an unknown part of the file Piwik.hooks.php of the component Username Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been d CVE project by @Sn0wAlice
Create: 2023-02-06 05:32:46 +0000 UTC Push: 2023-02-06 05:32:49 +0000 UTC |
voidz0r/CVE-2022-44268
A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read
Create: 2023-02-06 02:42:27 +0000 UTC Push: 2023-02-06 03:20:26 +0000 UTC |
dumitory-dev/CVE-2020-35391-POC
Tenda N300 Authentication Bypass via Malformed HTTP Eequest Header
Create: 2023-02-05 21:42:55 +0000 UTC Push: 2023-02-05 21:42:58 +0000 UTC |
Live-Hack-CVE/CVE-2023-22849
An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Sling App CMS version 1.1.4 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting (XSS) attack in multiple features. Upgrade to Apache Sling App CMS >= 1.1.6 CVE project by @Sn0wAlice
Create: 2023-02-05 07:33:13 +0000 UTC Push: 2023-02-05 07:33:15 +0000 UTC |
Live-Hack-CVE/CVE-2022-45786
There are issues with the AGE drivers for Golang and Python that enable SQL injections to occur. This impacts AGE for PostgreSQL 11 & AGE for PostgreSQL 12, all versions up-to-and-including 1.1.0, when using those drivers. The fix is to update to the latest Golang and Python drivers in addition to the latest version of CVE project by @Sn0wAlice
Create: 2023-02-05 07:33:10 +0000 UTC Push: 2023-02-05 07:33:12 +0000 UTC |
peteribi/CVE-2021-27077
Create: 2023-02-05 06:13:35 +0000 UTC Push: 2023-02-05 06:13:35 +0000 UTC |
n2x4/Feb2023-CVE-2021-21974-OSINT
Analysis of the ransom demands from Shodan results
Create: 2023-02-05 05:23:20 +0000 UTC Push: 2023-02-05 05:23:21 +0000 UTC |
Live-Hack-CVE/CVE-2023-25193
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. CVE project by @Sn0wAlice
Create: 2023-02-05 05:19:30 +0000 UTC Push: 2023-02-05 05:19:32 +0000 UTC |
Live-Hack-CVE/CVE-2017-11358
The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file. CVE project by @Sn0wAlice
Create: 2023-02-05 02:00:47 +0000 UTC Push: 2023-02-05 02:00:49 +0000 UTC |
Live-Hack-CVE/CVE-2021-3643
A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information. CVE project by @Sn0wAlice
Create: 2023-02-05 02:00:43 +0000 UTC Push: 2023-02-05 02:00:45 +0000 UTC |
Live-Hack-CVE/CVE-2023-0678
Improper Authorization in GitHub repository phpipam/phpipam prior to v1.5.1. CVE project by @Sn0wAlice
Create: 2023-02-04 23:50:30 +0000 UTC Push: 2023-02-04 23:50:32 +0000 UTC |
Live-Hack-CVE/CVE-2023-0677
Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to v1.5.1. CVE project by @Sn0wAlice
Create: 2023-02-04 23:50:27 +0000 UTC Push: 2023-02-04 23:50:29 +0000 UTC |
Live-Hack-CVE/CVE-2023-0676
Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to 1.5.1. CVE project by @Sn0wAlice
Create: 2023-02-04 23:50:23 +0000 UTC Push: 2023-02-04 23:50:25 +0000 UTC |
PyterSmithDarkGhost/CVE-2023-21608-EXPLOIT
Create: 2023-02-04 22:44:19 +0000 UTC Push: 2023-02-04 22:44:19 +0000 UTC |
Live-Hack-CVE/CVE-2023-0663
A vulnerability was found in Calendar Event Management System 2.3.0. It has been rated as critical. This issue affects some unknown processing of the component Login Page. The manipulation of the argument name/pwd leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public CVE project by @Sn0wAlice
Create: 2023-02-04 19:26:36 +0000 UTC Push: 2023-02-04 19:26:38 +0000 UTC |
Live-Hack-CVE/CVE-2023-0675
A vulnerability, which was classified as critical, was found in Calendar Event Management System 2.3.0. This affects an unknown part. The manipulation of the argument start/end leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The ident CVE project by @Sn0wAlice
Create: 2023-02-04 19:26:33 +0000 UTC Push: 2023-02-04 19:26:35 +0000 UTC |
Live-Hack-CVE/CVE-2023-0674
A vulnerability, which was classified as problematic, has been found in XXL-JOB 2.3.1. Affected by this issue is some unknown functionality of the file /user/updatePwd of the component New Password Handler. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been d CVE project by @Sn0wAlice
Create: 2023-02-04 19:26:29 +0000 UTC Push: 2023-02-04 19:26:31 +0000 UTC |
Live-Hack-CVE/CVE-2023-0673
A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is an unknown functionality of the file oews/products/view_product.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The associated identifier of CVE project by @Sn0wAlice
Create: 2023-02-04 19:26:26 +0000 UTC Push: 2023-02-04 19:26:28 +0000 UTC |
Live-Hack-CVE/CVE-2019-25101
A vulnerability classified as critical has been found in OnShift TurboGears 1.0.11.10. This affects an unknown part of the file turbogears/controllers.py of the component HTTP Header Handler. The manipulation leads to http response splitting. It is possible to initiate the attack remotely. Upgrading to version 1.0.11.1 CVE project by @Sn0wAlice
Create: 2023-02-04 19:26:23 +0000 UTC Push: 2023-02-04 19:26:25 +0000 UTC |
Live-Hack-CVE/CVE-2018-25080
A vulnerability, which was classified as problematic, has been found in MobileDetect 2.8.31. This issue affects the function initLayoutType of the file examples/session_example.php of the component Example. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. The attack may be initiated CVE project by @Sn0wAlice
Create: 2023-02-04 19:26:19 +0000 UTC Push: 2023-02-04 19:26:21 +0000 UTC |
Previous
410
411
412
413
414
415
416
417
Next