unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2020-36654
A vulnerability classified as problematic has been found in GENI Portal. This affects the function no_invocation_id_error of the file portal/www/portal/sliceresource.php. The manipulation of the argument invocation_id/invocation_user leads to cross site scripting. It is possible to initiate the attack remotely. The nam CVE project by @Sn0wAlice
Create: 2023-01-18 19:51:54 +0000 UTC Push: 2023-01-18 19:51:57 +0000 UTC |
Live-Hack-CVE/CVE-2020-36653
A vulnerability was found in GENI Portal. It has been rated as problematic. Affected by this issue is some unknown functionality of the file portal/www/portal/error-text.php. The manipulation of the argument error leads to cross site scripting. The attack may be launched remotely. The name of the patch is c2356cc412605 CVE project by @Sn0wAlice
Create: 2023-01-18 19:51:50 +0000 UTC Push: 2023-01-18 19:51:53 +0000 UTC |
Live-Hack-CVE/CVE-2015-10068
A vulnerability classified as critical was found in danynab movify-j. This vulnerability affects the function getByMovieId of the file app/business/impl/ReviewServiceImpl.java. The manipulation of the argument movieId/username leads to sql injection. The name of the patch is c3085e01936a4d7eff1eda3093f25d56cc4d2ec5. It CVE project by @Sn0wAlice
Create: 2023-01-18 19:51:46 +0000 UTC Push: 2023-01-18 19:51:49 +0000 UTC |
Live-Hack-CVE/CVE-2023-0122
A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4. CVE project by @Sn0wAlice
Create: 2023-01-18 19:51:42 +0000 UTC Push: 2023-01-18 19:51:45 +0000 UTC |
jfrog/git-crasher-poc-cve-2022-23521
Create: 2023-01-18 18:27:34 +0000 UTC Push: 2023-01-18 18:27:35 +0000 UTC |
lanqingaa/CVE-2022-46463
Create: 2023-01-18 15:34:58 +0000 UTC Push: 2023-01-18 15:34:58 +0000 UTC |
Live-Hack-CVE/CVE-2022-47911
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands. CVE project by @Sn0wAlice
Create: 2023-01-18 14:23:03 +0000 UTC Push: 2023-01-18 14:23:06 +0000 UTC |
Live-Hack-CVE/CVE-2022-47395
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its monitor services. An attacker could take advantage of this vulnerability to execute arbitrary maintenance operations and cause a denial-of-service condition. CVE project by @Sn0wAlice
Create: 2023-01-18 14:22:59 +0000 UTC Push: 2023-01-18 14:23:02 +0000 UTC |
Live-Hack-CVE/CVE-2022-46733
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands. CVE project by @Sn0wAlice
Create: 2023-01-18 14:22:55 +0000 UTC Push: 2023-01-18 14:22:58 +0000 UTC |
Live-Hack-CVE/CVE-2022-45444
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 contains hard-coded passwords for select users in the application’s database. This could allow a remote attacker to login to the database with unrestricted access. CVE project by @Sn0wAlice
Create: 2023-01-18 14:22:50 +0000 UTC Push: 2023-01-18 14:22:53 +0000 UTC |
Live-Hack-CVE/CVE-2022-45127
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition. CVE project by @Sn0wAlice
Create: 2023-01-18 14:22:46 +0000 UTC Push: 2023-01-18 14:22:48 +0000 UTC |
Live-Hack-CVE/CVE-2022-43483
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the monitor services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands. CVE project by @Sn0wAlice
Create: 2023-01-18 14:22:43 +0000 UTC Push: 2023-01-18 14:22:45 +0000 UTC |
Live-Hack-CVE/CVE-2022-41989
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not validate the length of RTLS report payloads during communication. This allows an attacker to send an exceedingly long payload, resulting in an out-of-bounds write to cause a denial-of-service condition or code execu CVE project by @Sn0wAlice
Create: 2023-01-18 14:22:38 +0000 UTC Push: 2023-01-18 14:22:41 +0000 UTC |
Live-Hack-CVE/CVE-2015-10067
A vulnerability was found in oznetmaster SSharpSmartThreadPool. It has been classified as problematic. This affects an unknown part of the file SSharpSmartThreadPool/SmartThreadPool.cs. The manipulation leads to race condition within a thread. The name of the patch is 0e58073c831093aad75e077962e9fb55cad0dc5f. It is rec CVE project by @Sn0wAlice
Create: 2023-01-18 14:22:34 +0000 UTC Push: 2023-01-18 14:22:37 +0000 UTC |
Live-Hack-CVE/CVE-2023-21679
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21543, CVE-2023-21546, CVE-2023-21555, CVE-2023-21556. CVE project by @Sn0wAlice
Create: 2023-01-18 14:22:30 +0000 UTC Push: 2023-01-18 14:22:33 +0000 UTC |
Live-Hack-CVE/CVE-2023-21678
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21760, CVE-2023-21765. CVE project by @Sn0wAlice
Create: 2023-01-18 14:22:26 +0000 UTC Push: 2023-01-18 14:22:29 +0000 UTC |
Live-Hack-CVE/CVE-2023-21677
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2023-21683, CVE-2023-21758. CVE project by @Sn0wAlice
Create: 2023-01-18 14:22:22 +0000 UTC Push: 2023-01-18 14:22:25 +0000 UTC |
Live-Hack-CVE/CVE-2023-21676
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. CVE project by @Sn0wAlice
Create: 2023-01-18 14:22:18 +0000 UTC Push: 2023-01-18 14:22:21 +0000 UTC |
Live-Hack-CVE/CVE-2023-0358
Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV. CVE project by @Sn0wAlice
Create: 2023-01-18 14:22:14 +0000 UTC Push: 2023-01-18 14:22:17 +0000 UTC |
Live-Hack-CVE/CVE-2023-21563
BitLocker Security Feature Bypass Vulnerability. CVE project by @Sn0wAlice
Create: 2023-01-18 14:22:10 +0000 UTC Push: 2023-01-18 14:22:13 +0000 UTC |
Previous
750
751
752
753
754
755
756
757
Next