CVE-2020-27216
Summary: In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the...
exploit
CVE-2020-27216
Summary: In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the...
CVE-2020-10364
Summary: The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of...
CVE-2021-30145
Summary: A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted...
CVE-2021-24188
Summary: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Content Copy Protection & No Right Click...
CVE-2021-24195
Summary: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login as User or Customer (User Switching) WordPress...
Exploit to SYSTEM for CVE-2021-21551
SpoolPrinter Privesc using SeImpersonatePrivileges was made thanks to @_ForrestOrr https://github.com/forrest-orr/DoubleStar/tree/main/Payloads/Source/Stage3_SpoolPotato I basically just tossed the exploit function in his code and altered...
CVE-2021-24190
Summary: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WooCommerce Conditional Marketing Mailer WordPress plugin before 1.5.2,...
CVE-2021-24193
Summary: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Visitor Traffic Real Time Statistics WordPress plugin before...
CVE-2021-24190
Summary: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WooCommerce Conditional Marketing Mailer WordPress plugin before 1.5.2,...
CVE-2020-18964
Summary: Cross Site Request Forgery (CSRF) Vulnerability in ForestBlog latest version via the website Management background, which could let a...
CVE-2021-29457
Summary: Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files....
CVE-2021-29457
Summary: Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files....
CVE-2021-25314
Summary: A Creation of Temporary File With Insecure Permissions vulnerability in hawk2 of SUSE Linux Enterprise High Availability 12-SP3, SUSE...
CVE-2020-21990
Summary: Emmanuel MyDomoAtHome (MDAH) REST API REST API Domoticz ISS Gateway 0.2.40 is affected by an information disclosure vulnerability due...
CVE-2020-22000
Summary: HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom command v0.1 plugin. This can be exploited...
CVE-2020-21989
Summary: HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF). The application interface allows users to perform certain actions...
CVE-2019-19648
Summary: In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially...
CVE-2020-7226
Summary: CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation...
CVE-2020-14295
Summary: A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter....
CVE-2021-31540
Summary: Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/...
CVE-2021-31540
Summary: Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/...
CVE-2021-20088
Summary: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in mootools-more 1.6.0 allows a malicious user to inject properties...
CVE-2021-20088
Summary: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in mootools-more 1.6.0 allows a malicious user to inject properties...
