unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2022-35977
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SETRANGE` and `SORT(_RO)` commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic. The problem is fixed in Redis ver CVE project by @Sn0wAlice
Create: 2023-02-03 00:09:45 +0000 UTC Push: 2023-02-03 00:09:47 +0000 UTC |
Live-Hack-CVE/CVE-2018-3962
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the CreationDate property of the this.info object. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If CVE project by @Sn0wAlice
Create: 2023-02-03 00:09:41 +0000 UTC Push: 2023-02-03 00:09:43 +0000 UTC |
Live-Hack-CVE/CVE-2019-14892
A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code. CVE project by @Sn0wAlice
Create: 2023-02-03 00:09:37 +0000 UTC Push: 2023-02-03 00:09:40 +0000 UTC |
duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC
Create: 2023-02-02 23:34:28 +0000 UTC Push: 2023-02-02 23:34:29 +0000 UTC |
Live-Hack-CVE/CVE-2023-0643
Improper Handling of Additional Special Element in GitHub repository squidex/squidex prior to 7.4.0. CVE project by @Sn0wAlice
Create: 2023-02-02 21:57:50 +0000 UTC Push: 2023-02-02 21:57:52 +0000 UTC |
Live-Hack-CVE/CVE-2023-0642
Cross-Site Request Forgery (CSRF) in GitHub repository squidex/squidex prior to 7.4.0. CVE project by @Sn0wAlice
Create: 2023-02-02 21:57:46 +0000 UTC Push: 2023-02-02 21:57:48 +0000 UTC |
Live-Hack-CVE/CVE-2022-46965
PrestaShop module, totadministrativemandate before v1.7.1 was discovered to contain a SQL injection vulnerability. CVE project by @Sn0wAlice
Create: 2023-02-02 21:57:42 +0000 UTC Push: 2023-02-02 21:57:45 +0000 UTC |
Live-Hack-CVE/CVE-2020-24307
An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file. CVE project by @Sn0wAlice
Create: 2023-02-02 21:57:38 +0000 UTC Push: 2023-02-02 21:57:41 +0000 UTC |
Live-Hack-CVE/CVE-2022-33323
Active Debug Code vulnerability in robot controller of Mitsubishi Electric Corporation industrial robot MELFA SD/SQ Series and MELFA F-Series allows a remote unauthenticated attacker to gain unauthorized access by authentication bypass through an unauthorized telnet login. As for the affected model names, controller ty CVE project by @Sn0wAlice
Create: 2023-02-02 19:49:22 +0000 UTC Push: 2023-02-02 19:49:24 +0000 UTC |
Live-Hack-CVE/CVE-2022-40269
Authentication Bypass by Spoofing vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000, Mitsubishi Electric Corporation GOT2000 Series GT25 model versions 01.14.000 to 01.47.000 and Mitsubishi Electric Corporation GT SoftGOT2000 versions 1.265B to 1.285X allows a re CVE project by @Sn0wAlice
Create: 2023-02-02 19:49:17 +0000 UTC Push: 2023-02-02 19:49:20 +0000 UTC |
Live-Hack-CVE/CVE-2022-40268
Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000, Mitsubishi Electric Corporation GOT2000 Series GT25 model versions 01.14.000 to 01.47.000 and Mitsubishi Electric Corporation GT SoftGOT2000 versions 1.265B to CVE project by @Sn0wAlice
Create: 2023-02-02 19:49:14 +0000 UTC Push: 2023-02-02 19:49:16 +0000 UTC |
Live-Hack-CVE/CVE-2023-0641
A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepassword.php. The manipulation of the argument newpassword/confirmpassword leads to weak password requirements. The attack can CVE project by @Sn0wAlice
Create: 2023-02-02 19:49:10 +0000 UTC Push: 2023-02-02 19:49:12 +0000 UTC |
Live-Hack-CVE/CVE-2023-0640
A vulnerability was found in TRENDnet TEW-652BRP 3.04b01. It has been classified as critical. Affected is an unknown function of the file ping.ccp of the component Web Interface. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m CVE project by @Sn0wAlice
Create: 2023-02-02 19:49:06 +0000 UTC Push: 2023-02-02 19:49:09 +0000 UTC |
Live-Hack-CVE/CVE-2023-0639
A vulnerability was found in TRENDnet TEW-652BRP 3.04b01 and classified as problematic. This issue affects some unknown processing of the file get_set.ccp of the component Web Management Interface. The manipulation of the argument nextPage leads to cross site scripting. The attack may be initiated remotely. The associa CVE project by @Sn0wAlice
Create: 2023-02-02 19:49:02 +0000 UTC Push: 2023-02-02 19:49:05 +0000 UTC |
Live-Hack-CVE/CVE-2023-0638
A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-220018 i CVE project by @Sn0wAlice
Create: 2023-02-02 19:48:59 +0000 UTC Push: 2023-02-02 19:49:01 +0000 UTC |
Live-Hack-CVE/CVE-2023-0637
A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. This affects an unknown part of the file wan.asp of the component Web Management Interface. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the pub CVE project by @Sn0wAlice
Create: 2023-02-02 19:48:55 +0000 UTC Push: 2023-02-02 19:48:57 +0000 UTC |
Live-Hack-CVE/CVE-2023-0400
The protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. This allowed a local user to bypass DLP controls when uploading sensitive data from a mapped drive into a web email client. Loading from a local driver was correctly prevented. Versions prior to 11.9 correctly detected and bl CVE project by @Sn0wAlice
Create: 2023-02-02 19:48:51 +0000 UTC Push: 2023-02-02 19:48:53 +0000 UTC |
Live-Hack-CVE/CVE-2022-2546
The All-in-One WP Migration WordPress plugin before 7.63 uses the wrong content type, and does not properly escape the response from the ai1wm_export AJAX action, allowing an attacker to craft a request that when submitted by any visitor will inject arbitrary html or javascript into the response that will be executed i CVE project by @Sn0wAlice
Create: 2023-02-02 19:48:47 +0000 UTC Push: 2023-02-02 19:48:50 +0000 UTC |
Live-Hack-CVE/CVE-2022-43665
A denial of service vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.8.645. A specially-crafted PE file can lead to killing target process. An attacker can provide a malicious file to trigger this vulnerability. CVE project by @Sn0wAlice
Create: 2023-02-02 19:48:44 +0000 UTC Push: 2023-02-02 19:48:46 +0000 UTC |
ColdFusionX/CVE-20204-4877-CWP7
Control Web Panel 7 (CWP7) Remote Code Execution (RCE) (CVE-2022-44877) (Unauthenticated)
Create: 2023-02-02 19:00:32 +0000 UTC Push: 2023-02-02 19:00:33 +0000 UTC |
Previous
682
683
684
685
686
687
688
689
Next