unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2022-48195
An issue was discovered in Mellium mellium.im/sasl before 0.3.1. When performing SCRAM-based SASL authentication, if the remote end advertises support for channel binding, no random nonce is generated (instead, the nonce is empty). This causes authentication to fail in the best case, but (if paired with a remote end th CVE project by @Sn0wAlice
Create: 2023-01-01 00:41:51 +0000 UTC Push: 2023-01-01 00:41:53 +0000 UTC |
Live-Hack-CVE/CVE-2022-4867
Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.0-beta1. CVE project by @Sn0wAlice
Create: 2023-01-01 00:41:47 +0000 UTC Push: 2023-01-01 00:41:49 +0000 UTC |
Live-Hack-CVE/CVE-2022-4866
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice
Create: 2023-01-01 00:41:43 +0000 UTC Push: 2023-01-01 00:41:46 +0000 UTC |
Live-Hack-CVE/CVE-2022-4865
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice
Create: 2023-01-01 00:41:40 +0000 UTC Push: 2023-01-01 00:41:42 +0000 UTC |
Live-Hack-CVE/CVE-2022-4868
Improper Authorization in GitHub repository froxlor/froxlor prior to 2.0.0-beta1. CVE project by @Sn0wAlice
Create: 2023-01-01 00:41:37 +0000 UTC Push: 2023-01-01 00:41:39 +0000 UTC |
Live-Hack-CVE/CVE-2017-20157
A vulnerability was found in Ariadne Component Library up to 2.x. It has been classified as critical. Affected is an unknown function of the file src/url/Url.php. The manipulation leads to server-side request forgery. Upgrading to version 3.0 is able to address this issue. It is recommended to upgrade the affected comp CVE project by @Sn0wAlice
Create: 2023-01-01 00:41:34 +0000 UTC Push: 2023-01-01 00:41:36 +0000 UTC |
Live-Hack-CVE/CVE-2017-20156
A vulnerability was found in Exciting Printer and classified as critical. This issue affects some unknown processing of the file lib/printer/jobs/prepare_page.rb of the component Argument Handler. The manipulation of the argument URL leads to command injection. The name of the patch is 5f8c715d6e2cc000f621a6833f0a86a67 CVE project by @Sn0wAlice
Create: 2023-01-01 00:41:30 +0000 UTC Push: 2023-01-01 00:41:32 +0000 UTC |
Live-Hack-CVE/CVE-2017-20159
A vulnerability was found in rf Keynote up to 0.x. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lib/keynote/rumble.rb. The manipulation of the argument value leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.0.0 is able to ad CVE project by @Sn0wAlice
Create: 2023-01-01 00:41:27 +0000 UTC Push: 2023-01-01 00:41:29 +0000 UTC |
Live-Hack-CVE/CVE-2017-20158
** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in vova07 Yii2 FileAPI Widget up to 0.1.8. It has been declared as problematic. Affected by this vulnerability is the function run of the file actions/UploadAction.php. The manipulation of the argument file leads to cross site scr CVE project by @Sn0wAlice
Create: 2023-01-01 00:41:24 +0000 UTC Push: 2023-01-01 00:41:26 +0000 UTC |
Live-Hack-CVE/CVE-2020-8813
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege. CVE project by @Sn0wAlice
Create: 2023-01-01 00:41:20 +0000 UTC Push: 2023-01-01 00:41:22 +0000 UTC |
Live-Hack-CVE/CVE-2020-25706
A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field CVE project by @Sn0wAlice
Create: 2023-01-01 00:41:17 +0000 UTC Push: 2023-01-01 00:41:19 +0000 UTC |
Live-Hack-CVE/CVE-2020-23226
Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php. CVE project by @Sn0wAlice
Create: 2023-01-01 00:37:42 +0000 UTC Push: 2023-01-01 00:37:44 +0000 UTC |
Vicki568/CVE-2022-21907
Poc exploit in CVE-2022-21907 . And testing the presence of cve
Create: 2022-12-31 17:58:28 +0000 UTC Push: 2022-12-31 17:58:29 +0000 UTC |
pmihsan/-Dirty-Pipe-CVE-2022-0847
Create: 2022-12-31 01:17:44 +0000 UTC Push: 2022-12-31 01:17:45 +0000 UTC |
Live-Hack-CVE/CVE-2022-38229
XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc. CVE project by @Sn0wAlice
Create: 2022-12-30 14:02:49 +0000 UTC Push: 2022-12-30 14:02:52 +0000 UTC |
Live-Hack-CVE/CVE-2021-0188
Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. CVE project by @Sn0wAlice
Create: 2022-12-30 13:21:21 +0000 UTC Push: 2022-12-30 13:21:23 +0000 UTC |
Live-Hack-CVE/CVE-2022-2568
A privilege escalation flaw was found in the Ansible Automation Platform. This flaw allows a remote authenticated user with 'change user' permissions to modify the account settings of the superuser account and also remove the superuser privileges. CVE project by @Sn0wAlice
Create: 2022-12-30 12:39:59 +0000 UTC Push: 2022-12-30 12:40:02 +0000 UTC |
Live-Hack-CVE/CVE-2022-29404
In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size. CVE project by @Sn0wAlice
Create: 2022-12-30 11:59:01 +0000 UTC Push: 2022-12-30 11:59:03 +0000 UTC |
Live-Hack-CVE/CVE-2022-21208
The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sendi CVE project by @Sn0wAlice
Create: 2022-12-30 11:17:22 +0000 UTC Push: 2022-12-30 11:17:24 +0000 UTC |
Nexolanta/log4j2_CVE-2021-44228
Create: 2022-12-30 10:46:33 +0000 UTC Push: 2022-12-30 10:46:48 +0000 UTC |
Previous
563
564
565
566
567
568
569
570
Next