渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-25812
#rce
创建者:Live-Hack-CVE
项目描述:The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-25812
#rce
GitHub
GitHub - Live-Hack-CVE/CVE-2022-25812: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:The Yotpo Reviews for WooCommerce WordPress plugin through 2.0.4 lacks nonce check when updating its settings, which could allow attacker to make a logged in admin change them via a CSRF attack. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-2555
#CVE_2022
创建者:Live-Hack-CVE
项目描述:The Yotpo Reviews for WooCommerce WordPress plugin through 2.0.4 lacks nonce check when updating its settings, which could allow attacker to make a logged in admin change them via a CSRF attack. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-2555
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-2555: The Yotpo Reviews for WooCommerce WordPress plugin through 2.0.4 lacks nonce check when updating…
The Yotpo Reviews for WooCommerce WordPress plugin through 2.0.4 lacks nonce check when updating its settings, which could allow attacker to make a logged in admin change them via a CSRF attack. CV...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:The Simple Job Board WordPress plugin before 2.10.0 is susceptible to Directory Listing which allows the public listing of uploaded resumes in certain configurations. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-2558
#CVE_2022
创建者:Live-Hack-CVE
项目描述:The Simple Job Board WordPress plugin before 2.10.0 is susceptible to Directory Listing which allows the public listing of uploaded resumes in certain configurations. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-2558
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-2558: This repository contains a collection of data files on known Common Vulnerabilities and Exposures…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:The Team WordPress plugin before 4.1.2 contains a file which could allow any authenticated users to download arbitrary files from the server via a path traversal vector. Furthermore, the file will also be deleted after its content is returned to the user CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-2557
#CVE_2022
创建者:Live-Hack-CVE
项目描述:The Team WordPress plugin before 4.1.2 contains a file which could allow any authenticated users to download arbitrary files from the server via a path traversal vector. Furthermore, the file will also be deleted after its content is returned to the user CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-2557
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-2557: This repository contains a collection of data files on known Common Vulnerabilities and Exposures…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:The Advanced Custom Fields WordPress plugin before 5.12.3, Advanced Custom Fields Pro WordPress plugin before 5.12.3 allows unauthenticated users to upload files allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. This vulnerability was introduced in the 5.0 rewrite and CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-2594
#CVE_2022
创建者:Live-Hack-CVE
项目描述:The Advanced Custom Fields WordPress plugin before 5.12.3, Advanced Custom Fields Pro WordPress plugin before 5.12.3 allows unauthenticated users to upload files allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. This vulnerability was introduced in the 5.0 rewrite and CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-2594
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-2594: This repository contains a collection of data files on known Common Vulnerabilities and Exposures…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Improper access control in the firmware for some Intel(R) E810 Ethernet Controllers before version 1.6.1.9 may allow a privileged user to potentially enable denial of service via local access. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-28709
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Improper access control in the firmware for some Intel(R) E810 Ethernet Controllers before version 1.6.1.9 may allow a privileged user to potentially enable denial of service via local access. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-28709
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-28709: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.6 contains a vulnerability in the auto update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-28757
#CVE_2022
创建者:Live-Hack-CVE
项目描述:The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.6 contains a vulnerability in the auto update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-28757
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-28757: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using variable preview. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-1901
#CVE_2022
创建者:Live-Hack-CVE
项目描述:In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using variable preview. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-1901
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-1901: In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using…
In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using variable preview. CVE project by @Sn0wAlice - GitHub - Live-Hack-CVE/CVE-2022-1901: In affected versions...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Unsafe Parsing of a PNG tRNS chunk in FastStone Image Viewer through 7.5 results in a stack buffer overflow. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36947
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Unsafe Parsing of a PNG tRNS chunk in FastStone Image Viewer through 7.5 results in a stack buffer overflow. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36947
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36947: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity. They utilize the BSAP-IP protocol to transmit firmware updates. Firmware updates are supplied as CAB archive files containing a binary firmware image. In all cases, firmware images were found to have no authentication (in th CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-30262
#CVE_2022
创建者:Live-Hack-CVE
项目描述:The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity. They utilize the BSAP-IP protocol to transmit firmware updates. Firmware updates are supplied as CAB archive files containing a binary firmware image. In all cases, firmware images were found to have no authentication (in th CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-30262
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-30262: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Tenda AC9 V15.03.2.13 is vulnerable to Buffer Overflow via httpd, form_fast_setting_wifi_set. httpd. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36233
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Tenda AC9 V15.03.2.13 is vulnerable to Buffer Overflow via httpd, form_fast_setting_wifi_set. httpd. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36233
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36233: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:libjpeg commit 281daa9 was discovered to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-37769
#CVE_2022
创建者:Live-Hack-CVE
项目描述:libjpeg commit 281daa9 was discovered to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-37769
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-37769: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable information disclosure via local access. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-21140
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable information disclosure via local access. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-21140
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-21140: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-35201
#rce
创建者:Live-Hack-CVE
项目描述:Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-35201
#rce
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:DedeCMS v5.7.93 - v5.7.96 was discovered to contain a remote code execution vulnerability in login.php. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-35516
#CVE_2022
创建者:Live-Hack-CVE
项目描述:DedeCMS v5.7.93 - v5.7.96 was discovered to contain a remote code execution vulnerability in login.php. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-35516
#CVE_2022
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:DedeBIZ v6 was discovered to contain a remote code execution vulnerability in sys_info.php. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36215
#CVE_2022
创建者:Live-Hack-CVE
项目描述:DedeBIZ v6 was discovered to contain a remote code execution vulnerability in sys_info.php. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36215
#CVE_2022
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:DedeCMS v5.7.94 - v5.7.97 was discovered to contain a remote code execution vulnerability in member_toadmin.php. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36216
#CVE_2022
创建者:Live-Hack-CVE
项目描述:DedeCMS v5.7.94 - v5.7.97 was discovered to contain a remote code execution vulnerability in member_toadmin.php. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36216
#CVE_2022
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-29487
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-29487
#CVE_2022
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-28715
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-28715
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-28715: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Browse restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Scheduler. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-25986
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Browse restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Scheduler. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-25986
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-25986: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:SWFTools commit 772e55a2 was discovered to contain a segmentation violation via extractFrame at /readers/swf.c. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-35114
#CVE_2022
创建者:Live-Hack-CVE
项目描述:SWFTools commit 772e55a2 was discovered to contain a segmentation violation via extractFrame at /readers/swf.c. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-35114
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-35114: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...