unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2021-41823
The Web Application Firewall (WAF) in Kemp LoadMaster 7.2.54.1 allows certain uses of onmouseover to bypass an XSS protection mechanism. CVE project by @Sn0wAlice
Create: 2023-01-01 20:13:22 +0000 UTC Push: 2023-01-01 20:13:25 +0000 UTC |
Live-Hack-CVE/CVE-2022-48198
The ntpd_driver component before 1.3.0 and 2.x before 2.2.0 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a robot's behavior. This occurs because a topic name depends on the attacker-controlled time_ref_topic parameter. CVE project by @Sn0wAlice
Create: 2023-01-01 20:13:12 +0000 UTC Push: 2023-01-01 20:13:15 +0000 UTC |
Live-Hack-CVE/CVE-2022-47634
M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867. CVE project by @Sn0wAlice
Create: 2023-01-01 20:13:08 +0000 UTC Push: 2023-01-01 20:13:10 +0000 UTC |
Live-Hack-CVE/CVE-2022-45213
perfSONAR before 4.4.6 inadvertently supports the parse option for a file:// URL. CVE project by @Sn0wAlice
Create: 2023-01-01 20:13:04 +0000 UTC Push: 2023-01-01 20:13:06 +0000 UTC |
Live-Hack-CVE/CVE-2022-45027
perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address. CVE project by @Sn0wAlice
Create: 2023-01-01 20:13:00 +0000 UTC Push: 2023-01-01 20:13:02 +0000 UTC |
Live-Hack-CVE/CVE-2022-40711
PrimeKey EJBCA 7.9.0.2 Community allows stored XSS in the End Entity section. A user with the RA Administrator role can inject an XSS payload to target higher-privilege users. CVE project by @Sn0wAlice
Create: 2023-01-01 20:12:56 +0000 UTC Push: 2023-01-01 20:12:59 +0000 UTC |
Live-Hack-CVE/CVE-2022-37787
An issue was discovered in WeCube platform 3.2.2. A DOM XSS vulnerability has been found on the plugin database execution page. CVE project by @Sn0wAlice
Create: 2023-01-01 20:12:52 +0000 UTC Push: 2023-01-01 20:12:55 +0000 UTC |
Live-Hack-CVE/CVE-2022-37786
An issue was discovered in WeCube Platform 3.2.2. There are multiple CSV injection issues: the [Home / Admin / Resources] page, the [Home / Admin / System Params] page, and the [Home / Design / Basekey Configuration] page. CVE project by @Sn0wAlice
Create: 2023-01-01 20:12:48 +0000 UTC Push: 2023-01-01 20:12:50 +0000 UTC |
Live-Hack-CVE/CVE-2022-37785
An issue was discovered in WeCube Platform 3.2.2. Cleartext passwords are displayed in the configuration for terminal plugins. CVE project by @Sn0wAlice
Create: 2023-01-01 20:12:44 +0000 UTC Push: 2023-01-01 20:12:47 +0000 UTC |
Live-Hack-CVE/CVE-2022-34324
Multiple SQL injections in Sage XRT Business Exchange 12.4.302 allow an authenticated attacker to inject malicious data in SQL queries: Add Currencies, Payment Order, and Transfer History. CVE project by @Sn0wAlice
Create: 2023-01-01 20:12:40 +0000 UTC Push: 2023-01-01 20:12:43 +0000 UTC |
Live-Hack-CVE/CVE-2022-34323
Multiple XSS issues were discovered in Sage XRT Business Exchange 12.4.302 that allow an attacker to execute JavaScript code in the context of other users' browsers. The attacker needs to be authenticated to reach the vulnerable features. An issue is present in the Filters and Display model features (OnlineBanking > We CVE project by @Sn0wAlice
Create: 2023-01-01 20:12:36 +0000 UTC Push: 2023-01-01 20:12:38 +0000 UTC |
Live-Hack-CVE/CVE-2022-34322
Multiple XSS issues were discovered in Sage Enterprise Intelligence 2021 R1.1 that allow an attacker to execute JavaScript code in the context of users' browsers. The attacker needs to be authenticated to reach the vulnerable features. An issue is present in the Notify Users About Modification menu and the Notification CVE project by @Sn0wAlice
Create: 2023-01-01 20:12:32 +0000 UTC Push: 2023-01-01 20:12:34 +0000 UTC |
Live-Hack-CVE/CVE-2018-25063
A vulnerability classified as problematic was found in Zenoss Dashboard up to 1.3.4. Affected by this vulnerability is an unknown functionality of the file ZenPacks/zenoss/Dashboard/browser/resources/js/defaultportlets.js. The manipulation of the argument HTMLString leads to cross site scripting. The attack can be laun CVE project by @Sn0wAlice
Create: 2023-01-01 20:12:28 +0000 UTC Push: 2023-01-01 20:12:30 +0000 UTC |
Live-Hack-CVE/CVE-2018-25062
A vulnerability classified as problematic has been found in flar2 ElementalX up to 6.x. Affected is the function xfrm_dump_policy_done of the file net/xfrm/xfrm_user.c of the component ipsec. The manipulation leads to denial of service. Upgrading to version 7.00 is able to address this issue. The name of the patch is 1 CVE project by @Sn0wAlice
Create: 2023-01-01 20:12:24 +0000 UTC Push: 2023-01-01 20:12:27 +0000 UTC |
Live-Hack-CVE/CVE-2014-125030
A vulnerability, which was classified as critical, has been found in taoeffect Empress. Affected by this issue is some unknown functionality. The manipulation leads to use of hard-coded password. The name of the patch is 557e177d8a309d6f0f26de46efb38d43e000852d. It is recommended to apply a patch to fix this issue. VDB CVE project by @Sn0wAlice
Create: 2023-01-01 20:12:21 +0000 UTC Push: 2023-01-01 20:12:23 +0000 UTC |
Live-Hack-CVE/CVE-2022-43805
To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. CVE project by @Sn0wAlice
Create: 2023-01-01 14:44:12 +0000 UTC Push: 2023-01-01 14:44:15 +0000 UTC |
Live-Hack-CVE/CVE-2022-43804
To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. CVE project by @Sn0wAlice
Create: 2023-01-01 14:44:08 +0000 UTC Push: 2023-01-01 14:44:11 +0000 UTC |
Live-Hack-CVE/CVE-2022-43803
To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. CVE project by @Sn0wAlice
Create: 2023-01-01 14:44:05 +0000 UTC Push: 2023-01-01 14:44:07 +0000 UTC |
Live-Hack-CVE/CVE-2022-43802
To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. CVE project by @Sn0wAlice
Create: 2023-01-01 14:44:00 +0000 UTC Push: 2023-01-01 14:44:03 +0000 UTC |
Live-Hack-CVE/CVE-2022-43801
To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. CVE project by @Sn0wAlice
Create: 2023-01-01 14:43:54 +0000 UTC Push: 2023-01-01 14:43:59 +0000 UTC |
Previous
560
561
562
563
564
565
566
567
Next