unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2023-0131
Inappropriate implementation in in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to bypass file download restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE project by @Sn0wAlice
Create: 2023-01-11 05:58:38 +0000 UTC Push: 2023-01-11 05:58:41 +0000 UTC |
Live-Hack-CVE/CVE-2022-4636
Black Box KVM Firmware version 3.4.31307 on models ACR1000A-R-R2, ACR1000A-T-R2, ACR1002A-T, ACR1002A-R, and ACR1020A-T is vulnerable to path traversal, which may allow an attacker to steal user credentials and other sensitive information through local file inclusion. CVE project by @Sn0wAlice
Create: 2023-01-11 05:58:34 +0000 UTC Push: 2023-01-11 05:58:37 +0000 UTC |
Live-Hack-CVE/CVE-2022-45614
An issue in the /index.php/user/edit_user/ component of Book Store Management System v1.0 allows unauthenticated attackers to retrieve the password hashes of all existing user accounts via a crafted request. CVE project by @Sn0wAlice
Create: 2023-01-11 05:58:30 +0000 UTC Push: 2023-01-11 05:58:33 +0000 UTC |
Live-Hack-CVE/CVE-2022-31054
Argo Events is an event-driven workflow automation framework for Kubernetes. Prior to version 1.7.1, several `HandleRoute` endpoints make use of the deprecated `ioutil.ReadAll()`. `ioutil.ReadAll()` reads all the data into memory. As such, an attacker who sends a large request to the Argo Events server will be able to CVE project by @Sn0wAlice
Create: 2023-01-11 05:58:19 +0000 UTC Push: 2023-01-11 05:58:23 +0000 UTC |
Live-Hack-CVE/CVE-2022-4780
ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change. CVE project by @Sn0wAlice
Create: 2023-01-11 03:49:06 +0000 UTC Push: 2023-01-11 03:49:09 +0000 UTC |
Live-Hack-CVE/CVE-2022-44441
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. CVE project by @Sn0wAlice
Create: 2023-01-11 03:49:00 +0000 UTC Push: 2023-01-11 03:49:01 +0000 UTC |
Live-Hack-CVE/CVE-2022-44442
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. CVE project by @Sn0wAlice
Create: 2023-01-11 03:48:52 +0000 UTC Push: 2023-01-11 03:48:56 +0000 UTC |
Live-Hack-CVE/CVE-2022-45875
Improper validation of script alert plugin parameters in Apache DolphinScheduler to avoid remote command execution vulnerability. This issue affects Apache DolphinScheduler version 3.0.1 and prior versions; version 3.1.0 and prior versions. CVE project by @Sn0wAlice
Create: 2023-01-11 03:48:48 +0000 UTC Push: 2023-01-11 03:48:51 +0000 UTC |
Live-Hack-CVE/CVE-2022-44430
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. CVE project by @Sn0wAlice
Create: 2023-01-11 03:48:43 +0000 UTC Push: 2023-01-11 03:48:46 +0000 UTC |
Live-Hack-CVE/CVE-2022-44431
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. CVE project by @Sn0wAlice
Create: 2023-01-11 03:48:38 +0000 UTC Push: 2023-01-11 03:48:39 +0000 UTC |
Live-Hack-CVE/CVE-2022-44432
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. CVE project by @Sn0wAlice
Create: 2023-01-11 03:48:33 +0000 UTC Push: 2023-01-11 03:48:37 +0000 UTC |
Live-Hack-CVE/CVE-2023-0162
The CPO Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of its content type settings parameters in versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permiss CVE project by @Sn0wAlice
Create: 2023-01-11 03:48:17 +0000 UTC Push: 2023-01-11 03:48:20 +0000 UTC |
patrickhener/CVE-2023-22855
Create: 2023-01-11 02:27:40 +0000 UTC Push: 2023-01-11 02:27:40 +0000 UTC |
viardant/CVE-2021-29447
CVE-2021-29447 - Authenticated XXE Injection - WordPress < 5.7.1 & PHP > 8
Create: 2023-01-11 01:55:19 +0000 UTC Push: 2023-01-11 01:55:19 +0000 UTC |
Live-Hack-CVE/CVE-2021-22600
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 CVE project by @Sn0wAlice
Create: 2023-01-11 01:35:28 +0000 UTC Push: 2023-01-11 01:35:31 +0000 UTC |
Live-Hack-CVE/CVE-2014-125073
A vulnerability was found in mapoor voteapp. It has been rated as critical. Affected by this issue is the function create_poll/do_poll/show_poll/show_refresh of the file app.py. The manipulation leads to sql injection. The name of the patch is b290c21a0d8bcdbd55db860afd3cadec97388e72. It is recommended to apply a patch CVE project by @Sn0wAlice
Create: 2023-01-11 01:35:12 +0000 UTC Push: 2023-01-11 01:35:15 +0000 UTC |
Live-Hack-CVE/CVE-2022-44439
In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. CVE project by @Sn0wAlice
Create: 2023-01-11 01:35:06 +0000 UTC Push: 2023-01-11 01:35:10 +0000 UTC |
Live-Hack-CVE/CVE-2022-44438
In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. CVE project by @Sn0wAlice
Create: 2023-01-11 01:35:02 +0000 UTC Push: 2023-01-11 01:35:05 +0000 UTC |
Live-Hack-CVE/CVE-2022-44437
In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. CVE project by @Sn0wAlice
Create: 2023-01-11 01:34:57 +0000 UTC Push: 2023-01-11 01:35:00 +0000 UTC |
Live-Hack-CVE/CVE-2022-44436
In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. CVE project by @Sn0wAlice
Create: 2023-01-11 01:34:52 +0000 UTC Push: 2023-01-11 01:34:55 +0000 UTC |
Previous
524
525
526
527
528
529
530
531
Next