渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36123
#CVE_2022
创建者:Live-Hack-CVE
项目描述:The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36123
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36123: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:An issue was discovered in the Arm Mali GPU Kernel Driver (Valhall r29p0 through r38p0). A non-privileged user can make improper GPU processing operations to gain access to already freed memory. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-33917
#CVE_2022
创建者:Live-Hack-CVE
项目描述:An issue was discovered in the Arm Mali GPU Kernel Driver (Valhall r29p0 through r38p0). A non-privileged user can make improper GPU processing operations to gain access to already freed memory. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-33917
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-33917: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for the setValidationInfo administrative function. Removin CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36116
#CVE_2022
创建者:Live-Hack-CVE
项目描述:An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for the setValidationInfo administrative function. Removin CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36116
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36116: An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment…
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for unintended functionality. An attacker can abuse the Cr CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36115
#CVE_2022
创建者:Live-Hack-CVE
项目描述:An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for unintended functionality. An attacker can abuse the Cr CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36115
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36115: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 8.9.3. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-3072
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 8.9.3. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-3072
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-3072: This repository contains a collection of data files on known Common Vulnerabilities and Exposures…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain multiple hard-coded passcodes for root. Attackers are able to access the passcodes at /etc/srapi/config/system.conf and /usr/sbin/ssol-sshd.sh. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36560
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain multiple hard-coded passcodes for root. Attackers are able to access the passcodes at /etc/srapi/config/system.conf and /usr/sbin/ssol-sshd.sh. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36560
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36560: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain a command injection vulnerability via the Ping parameter at ping_exec.cgi. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36559
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain a command injection vulnerability via the Ping parameter at ping_exec.cgi. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36559
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36559: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36558
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36558
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36558: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36537
#CVE_2022
创建者:Live-Hack-CVE
项目描述:ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36537
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36537: ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive…
ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader. CVE project by @Sn0wAlice - ...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1.5-34sv and earlier versions. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-2915
#CVE_2022
创建者:Live-Hack-CVE
项目描述:A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1.5-34sv and earlier versions. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-2915
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-2915: This repository contains a collection of data files on known Common Vulnerabilities and Exposures…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for the SetProcessAttributes administrative function. Abus CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36118
#CVE_2022
创建者:Live-Hack-CVE
项目描述:An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for the SetProcessAttributes administrative function. Abus CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36118
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36118: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:The exotel (aka exotel-py) package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-38792
#CVE_2022
创建者:Live-Hack-CVE
项目描述:The exotel (aka exotel-py) package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-38792
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-38792: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Zaver through 2020-12-15 allows directory traversal via the GET /.. substring. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-38794
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Zaver through 2020-12-15 allows directory traversal via the GET /.. substring. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-38794
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-38794: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 0.10.38. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-3017
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 0.10.38. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-3017
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-3017: This repository contains a collection of data files on known Common Vulnerabilities and Exposures…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:uuid2com33
项目描述:现任明教教主 乾颐盾系列Python网络安全编程开篇之作 秦轲老师Python安全实战视频
项目链接:https://github.com/uuid2com33/78_19227
#网络安全
创建者:uuid2com33
项目描述:现任明教教主 乾颐盾系列Python网络安全编程开篇之作 秦轲老师Python安全实战视频
项目链接:https://github.com/uuid2com33/78_19227
#网络安全
GitHub
GitHub - uuid2com33/78_19227: 现任明教教主 乾颐盾系列Python网络安全编程开篇之作 秦轲老师Python安全实战视频
现任明教教主 乾颐盾系列Python网络安全编程开篇之作 秦轲老师Python安全实战视频. Contribute to uuid2com33/78_19227 development by creating an account on GitHub.
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with root privileges. This affe CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-24552
#CVE_2022
创建者:Live-Hack-CVE
项目描述:A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with root privileges. This affe CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-24552
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-24552: A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual…
A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password (including system/administrator user) using any available user This affects StarWind SAN and NAS v0.2 build 1633. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-24551
#CVE_2022
创建者:Live-Hack-CVE
项目描述:A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password (including system/administrator user) using any available user This affects StarWind SAN and NAS v0.2 build 1633. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-24551
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-24551: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:PrinterLogic Windows Client through 25.0.0.676 allows attackers to execute directory traversal. Authenticated users with prior knowledge of the driver filename could exploit this to escalate privileges or distribute malicious content. This issue has been resolved in PrinterLogic Windows Client 25.0.0688 and all affecte CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-32427
#CVE_2022
创建者:Live-Hack-CVE
项目描述:PrinterLogic Windows Client through 25.0.0.676 allows attackers to execute directory traversal. Authenticated users with prior knowledge of the driver filename could exploit this to escalate privileges or distribute malicious content. This issue has been resolved in PrinterLogic Windows Client 25.0.0688 and all affecte CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-32427
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-32427: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add administrator accounts. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36521
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add administrator accounts. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36521
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36521: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Kensite CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities via the name and oldname parameters at /framework/mod/db/DBMapper.xml. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36529
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Kensite CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities via the name and oldname parameters at /framework/mod/db/DBMapper.xml. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36529
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36529: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Cross Site Scripting (XSS) in Admin Panel of Subrion CMS 4.2.1 allows attacker to inject arbitrary code via Login Field CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-37059
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Cross Site Scripting (XSS) in Admin Panel of Subrion CMS 4.2.1 allows attacker to inject arbitrary code via Login Field CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-37059
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-37059: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...