unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2022-32595
In widevine, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446236; Issue ID: ALPS07446236. CVE project by @Sn0wAlice
Create: 2023-02-12 08:07:22 +0000 UTC Push: 2023-02-12 08:07:24 +0000 UTC |
Chocapikk/CVE-2022-44877
Bash Script for Checking Command Injection Vulnerability on CentOS Web Panel [CWP] (CVE-2022-44877)
Create: 2023-02-12 04:45:08 +0000 UTC Push: 2023-02-12 04:45:09 +0000 UTC |
Live-Hack-CVE/CVE-2023-0783
A vulnerability was found in EcShop 4.1.5. It has been classified as critical. This affects an unknown part of the file /ecshop/admin/template.php of the component PHP File Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi CVE project by @Sn0wAlice
Create: 2023-02-12 03:45:34 +0000 UTC Push: 2023-02-12 03:45:36 +0000 UTC |
Live-Hack-CVE/CVE-2023-0782
A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this issue is the function formSetSysToolDDNS/formGetSysToolDDNS of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public an CVE project by @Sn0wAlice
Create: 2023-02-12 03:45:31 +0000 UTC Push: 2023-02-12 03:45:33 +0000 UTC |
Live-Hack-CVE/CVE-2023-0127
A command injection vulnerability in the firmware_update command, in the device's restricted telnet interface, allows an authenticated attacker to execute arbitrary commands as root. CVE project by @Sn0wAlice
Create: 2023-02-12 03:45:27 +0000 UTC Push: 2023-02-12 03:45:29 +0000 UTC |
Live-Hack-CVE/CVE-2019-10430
Jenkins NeuVector Vulnerability Scanner Plugin 1.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. CVE project by @Sn0wAlice
Create: 2023-02-12 03:45:23 +0000 UTC Push: 2023-02-12 03:45:25 +0000 UTC |
Live-Hack-CVE/CVE-2015-6042
Use-after-free vulnerability in the CWindow object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." CVE project by @Sn0wAlice
Create: 2023-02-12 01:35:12 +0000 UTC Push: 2023-02-12 01:35:14 +0000 UTC |
yuriisanin/CVE-2022-45771
[PoC] Privilege escalation / Code execution via LFI in PwnDoC
Create: 2023-02-11 23:26:14 +0000 UTC Push: 2023-02-11 23:28:11 +0000 UTC |
Live-Hack-CVE/CVE-2022-1253
Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release. CVE project by @Sn0wAlice
Create: 2023-02-11 23:25:24 +0000 UTC Push: 2023-02-11 23:25:26 +0000 UTC |
Live-Hack-CVE/CVE-2023-0781
A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been declared as critical. This vulnerability affects the function query of the file removeOrder.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the CVE project by @Sn0wAlice
Create: 2023-02-11 23:25:04 +0000 UTC Push: 2023-02-11 23:25:06 +0000 UTC |
Live-Hack-CVE/CVE-2022-34445
Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information disclosure. CVE project by @Sn0wAlice
Create: 2023-02-11 21:13:06 +0000 UTC Push: 2023-02-11 21:13:08 +0000 UTC |
Live-Hack-CVE/CVE-2022-34444
Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to cause data leak. CVE project by @Sn0wAlice
Create: 2023-02-11 21:13:02 +0000 UTC Push: 2023-02-11 21:13:05 +0000 UTC |
Live-Hack-CVE/CVE-2022-34404
Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in data parser module. A local attacker with high privileges could potentially exploit this vulnerability, leading to credential theft and/or denial of service. CVE project by @Sn0wAlice
Create: 2023-02-11 21:12:59 +0000 UTC Push: 2023-02-11 21:13:01 +0000 UTC |
Live-Hack-CVE/CVE-2022-34392
SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration Vulnerability. An authenticated non-admin user can be able to obtain the refresh token and that leads to reuse the access token and fetch sensitive information. CVE project by @Sn0wAlice
Create: 2023-02-11 21:12:56 +0000 UTC Push: 2023-02-11 21:12:58 +0000 UTC |
Live-Hack-CVE/CVE-2022-34389
Dell SupportAssist contains a rate limit bypass issues in screenmeet API third party component. An unauthenticated attacker could potentially exploit this vulnerability and impersonate a legitimate dell customer to a dell support technician. CVE project by @Sn0wAlice
Create: 2023-02-11 21:12:52 +0000 UTC Push: 2023-02-11 21:12:54 +0000 UTC |
Live-Hack-CVE/CVE-2022-34388
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain information disclosure vulnerability. A local malicious user with low privileges could exploit this vulnerability to view and modify sensitive information in the database of the affected appli CVE project by @Sn0wAlice
Create: 2023-02-11 21:12:49 +0000 UTC Push: 2023-02-11 21:12:51 +0000 UTC |
Live-Hack-CVE/CVE-2022-34387
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potentially exploit this vulnerability to elevate privileges and gain total control of the system. CVE project by @Sn0wAlice
Create: 2023-02-11 21:12:45 +0000 UTC Push: 2023-02-11 21:12:47 +0000 UTC |
Live-Hack-CVE/CVE-2022-34386
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. CVE project by @Sn0wAlice
Create: 2023-02-11 21:12:42 +0000 UTC Push: 2023-02-11 21:12:44 +0000 UTC |
Live-Hack-CVE/CVE-2022-34385
SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. CVE project by @Sn0wAlice
Create: 2023-02-11 21:12:38 +0000 UTC Push: 2023-02-11 21:12:41 +0000 UTC |
Live-Hack-CVE/CVE-2022-34384
Dell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may pot CVE project by @Sn0wAlice
Create: 2023-02-11 21:12:35 +0000 UTC Push: 2023-02-11 21:12:37 +0000 UTC |
Previous
386
387
388
389
390
391
392
393
Next