unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Halcy0nic/CVE-2022-36234
Create: 2023-02-01 04:59:35 +0000 UTC Push: 2023-02-01 04:59:35 +0000 UTC |
Live-Hack-CVE/CVE-2022-45172
An issue was discovered in LIVEBOX Collaboration vDesk before v018. Broken Access Control can occur under the /api/v1/registration/validateEmail endpoint, the /api/v1/vdeskintegration/user/adduser endpoint, and the /api/v1/registration/changePasswordUser endpoint. The web application is affected by flaws in authorizati CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:26 +0000 UTC Push: 2023-02-01 03:58:28 +0000 UTC |
Live-Hack-CVE/CVE-2022-47854
i-librarian 4.10 is vulnerable to Arbitrary file upload in ajaxsupplement.php. CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:22 +0000 UTC Push: 2023-02-01 03:58:25 +0000 UTC |
Live-Hack-CVE/CVE-2022-47701
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting (XSS). CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:19 +0000 UTC Push: 2023-02-01 03:58:21 +0000 UTC |
Live-Hack-CVE/CVE-2022-47700
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Incorrect Access Control. Improper authentication allows requests to be made to back-end scripts without a valid session or authentication. CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:15 +0000 UTC Push: 2023-02-01 03:58:17 +0000 UTC |
Live-Hack-CVE/CVE-2022-47699
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 is vulnerable to Incorrect Access Control. CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:12 +0000 UTC Push: 2023-02-01 03:58:14 +0000 UTC |
Live-Hack-CVE/CVE-2022-47698
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting (XSS) via the URL filtering feature in the router. CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:08 +0000 UTC Push: 2023-02-01 03:58:10 +0000 UTC |
Live-Hack-CVE/CVE-2022-47697
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Account takeover. Anyone can reset the password of the admin accounts. CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:04 +0000 UTC Push: 2023-02-01 03:58:06 +0000 UTC |
Live-Hack-CVE/CVE-2023-22610
A CWE-285: Improper Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port. Affected Products: EcoStruxure™ Geo SCADA Expert 2019, EcoStruxure™ Geo SCADA Expert 2020, EcoStruxure™ Geo SCADA Expert CVE project by @Sn0wAlice
Create: 2023-02-01 03:58:01 +0000 UTC Push: 2023-02-01 03:58:03 +0000 UTC |
Live-Hack-CVE/CVE-2022-0316
The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from ChimpStudio and PixFill doe CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:57 +0000 UTC Push: 2023-02-01 03:57:59 +0000 UTC |
Live-Hack-CVE/CVE-2016-4279
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:53 +0000 UTC Push: 2023-02-01 03:57:56 +0000 UTC |
Live-Hack-CVE/CVE-2016-6929
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:49 +0000 UTC Push: 2023-02-01 03:57:52 +0000 UTC |
Live-Hack-CVE/CVE-2016-6930
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:46 +0000 UTC Push: 2023-02-01 03:57:48 +0000 UTC |
Live-Hack-CVE/CVE-2016-6921
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6923, CVE-2016-6925, CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:42 +0000 UTC Push: 2023-02-01 03:57:44 +0000 UTC |
Live-Hack-CVE/CVE-2016-6932
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:38 +0000 UTC Push: 2023-02-01 03:57:41 +0000 UTC |
Live-Hack-CVE/CVE-2022-4017
The Booster for WooCommerce WordPress plugin before 6.0.1, Booster Plus for WooCommerce WordPress plugin before 6.0.1, Booster Elite for WooCommerce WordPress plugin before 6.0.1 have either flawed CSRF checks or are missing them completely in numerous places, allowing attackers to make logged in users perform unwanted CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:32 +0000 UTC Push: 2023-02-01 03:57:34 +0000 UTC |
Live-Hack-CVE/CVE-2022-4303
The WP Limit Login Attempts WordPress plugin through 2.6.4 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based restrictions on login forms. CVE project by @Sn0wAlice
Create: 2023-02-01 03:57:28 +0000 UTC Push: 2023-02-01 03:57:30 +0000 UTC |
tin-z/solidity_CVE-2021-42574-POC
Simple POC of the CVE-2021-42574 with solidity and solc compiler
Create: 2023-02-01 02:15:00 +0000 UTC Push: 2023-02-01 02:15:00 +0000 UTC |
Live-Hack-CVE/CVE-2021-43445
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An attacker can authenticate with the web socket service of the ONLYOFFICE document editor which is protected by JWT auth by using a default JWT signing key. CVE project by @Sn0wAlice
Create: 2023-02-01 01:47:33 +0000 UTC Push: 2023-02-01 01:47:35 +0000 UTC |
Live-Hack-CVE/CVE-2021-43444
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document download URLs can be forged due to a weak default URL signing key. CVE project by @Sn0wAlice
Create: 2023-02-01 01:47:29 +0000 UTC Push: 2023-02-01 01:47:31 +0000 UTC |
Previous
696
697
698
699
700
701
702
703
Next