unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2022-43755
A Insufficient Entropy vulnerability in SUSE Rancher allows attackers that gained knowledge of the cattle-token to continue abusing this even after the token was renewed. This issue affects: SUSE Rancher Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1. CVE project by @Sn0wAlice
Create: 2023-02-07 23:39:26 +0000 UTC Push: 2023-02-07 23:39:28 +0000 UTC |
Live-Hack-CVE/CVE-2022-31249
A Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in wrangler of SUSE Rancher allows remote attackers to inject commands in the underlying host via crafted commands passed to Wrangler. This issue affects: SUSE Rancher wrangler version 0.7.3 and prior versions; wr CVE project by @Sn0wAlice
Create: 2023-02-07 23:39:22 +0000 UTC Push: 2023-02-07 23:39:25 +0000 UTC |
Live-Hack-CVE/CVE-2022-21953
A Missing Authorization vulnerability in of SUSE Rancher allows authenticated user to create an unauthorized shell pod and kubectl access in the local cluster This issue affects: SUSE Rancher Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1. CVE project by @Sn0wAlice
Create: 2023-02-07 23:39:18 +0000 UTC Push: 2023-02-07 23:39:21 +0000 UTC |
Live-Hack-CVE/CVE-2021-37491
An issue discovered in src/wallet/wallet.cpp in Dogecoin Project Dogecoin Core 1.14.3 and earlier allows attackers to view sensitive information via CWallet::CreateTransaction() function. CVE project by @Sn0wAlice
Create: 2023-02-07 23:39:14 +0000 UTC Push: 2023-02-07 23:39:17 +0000 UTC |
Live-Hack-CVE/CVE-2023-22389
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file when the device configuration is exported via Save/Restore–>Backup Settings, which could be read by any user accessing the file. CVE project by @Sn0wAlice
Create: 2023-02-07 23:39:09 +0000 UTC Push: 2023-02-07 23:39:11 +0000 UTC |
Live-Hack-CVE/CVE-2023-23582
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code or crash the device remotely. CVE project by @Sn0wAlice
Create: 2023-02-07 23:39:05 +0000 UTC Push: 2023-02-07 23:39:07 +0000 UTC |
jfrog/jfrog-CVE-2022-21449-OpenSSH_Double-Free
Create: 2023-02-07 23:33:41 +0000 UTC Push: 2023-02-07 23:33:42 +0000 UTC |
jfrog/jfrog-CVE-2023-25136-OpenSSH_Double-Free
Create: 2023-02-07 23:33:41 +0000 UTC Push: 2023-02-07 23:33:42 +0000 UTC |
Live-Hack-CVE/CVE-2022-21948
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in paste allows remote attackers to place Javascript into SVG files. This issue affects: openSUSE paste paste version b57b9f87e303a3db9465776e657378e96845493b and prior versions. CVE project by @Sn0wAlice
Create: 2023-02-07 21:25:33 +0000 UTC Push: 2023-02-07 21:25:36 +0000 UTC |
Live-Hack-CVE/CVE-2015-10075
A vulnerability was found in Custom-Content-Width 1.0. It has been declared as problematic. Affected by this vulnerability is the function override_content_width/register_settings of the file custom-content-width.php. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has b CVE project by @Sn0wAlice
Create: 2023-02-07 21:25:29 +0000 UTC Push: 2023-02-07 21:25:32 +0000 UTC |
0xFTW/CVE-2022-23935
CVE-2022-23935 exploit PoC exiftool version 12.37 written in python
Create: 2023-02-07 21:02:40 +0000 UTC Push: 2023-02-07 21:02:41 +0000 UTC |
amitlttwo/CVE-2021-22986
Create: 2023-02-07 19:19:20 +0000 UTC Push: 2023-02-07 19:19:20 +0000 UTC |
Live-Hack-CVE/CVE-2023-23696
Dell Command Intel vPro Out of Band, versions prior to 4.3.1, contain an Improper Authorization vulnerability. A locally authenticated malicious users could potentially exploit this vulnerability in order to write arbitrary files to the system. CVE project by @Sn0wAlice
Create: 2023-02-07 19:15:27 +0000 UTC Push: 2023-02-07 19:15:29 +0000 UTC |
Live-Hack-CVE/CVE-2023-22643
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3; openSUSE Leap 15.4 allows attackers that can trick users to use specially crafted REPO_ALIAS, REPO_TYPE or REPO_METADATA_PATH settings to CVE project by @Sn0wAlice
Create: 2023-02-07 19:15:23 +0000 UTC Push: 2023-02-07 19:15:25 +0000 UTC |
Live-Hack-CVE/CVE-2023-0706
A vulnerability, which was classified as critical, has been found in SourceCodester Medical Certificate Generator App 1.0. Affected by this issue is some unknown functionality of the file manage_record.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The identifier o CVE project by @Sn0wAlice
Create: 2023-02-07 19:15:19 +0000 UTC Push: 2023-02-07 19:15:22 +0000 UTC |
Live-Hack-CVE/CVE-2022-31254
A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt user to escalate to root. This issue affe CVE project by @Sn0wAlice
Create: 2023-02-07 19:15:15 +0000 UTC Push: 2023-02-07 19:15:18 +0000 UTC |
Live-Hack-CVE/CVE-2015-10074
A vulnerability was found in OpenSeaMap online_chart 1.2. It has been classified as problematic. Affected is the function init of the file index.php. The manipulation of the argument mtext leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version staging is able to address this i CVE project by @Sn0wAlice
Create: 2023-02-07 19:15:12 +0000 UTC Push: 2023-02-07 19:15:14 +0000 UTC |
amitlttwo/CVE-2020-5902
Create: 2023-02-07 19:07:23 +0000 UTC Push: 2023-02-07 19:07:23 +0000 UTC |
Live-Hack-CVE/CVE-2023-22736
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions starting with 2.5.0-rc1 and above, prior to 2.5.8, and version 2.6.0-rc4, are vulnerable to an authorization bypass bug which allows a malicious Argo CD user to deploy Applications outside the configured allowed namespaces. Reconciled Ap CVE project by @Sn0wAlice
Create: 2023-02-07 14:48:25 +0000 UTC Push: 2023-02-07 14:48:27 +0000 UTC |
Live-Hack-CVE/CVE-2023-24827
syft is a a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. A password disclosure flaw was found in Syft versions v0.69.0 and v0.69.1. This flaw leaks the password stored in the SYFT_ATTEST_PASSWORD environment variable. The `SYFT_ATTEST_PASSWORD` enviro CVE project by @Sn0wAlice
Create: 2023-02-07 14:48:22 +0000 UTC Push: 2023-02-07 14:48:24 +0000 UTC |
Previous
402
403
404
405
406
407
408
409
Next