
exploitDog

source:"github"

Count: 314 375


| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| GHSA-2rpv-px67-6xcc: Rejected reason: This is unused. | | | almost 2 years ago |
| GHSA-2rpv-m9vg-g7g3: Rejected reason: Not used | | | 10 months ago |
| GHSA-2rpv-jjj3-r2m2: A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. MuJS before 8c805b4eb19cf2af689c860b77e6111d2ee439d5. A successful exploitation of this issue can lead to code execution or denial of service condition. | CVSS3: 9.8 | 1% (Low) | more than 3 years ago |
| GHSA-2rpv-5gq5-8p5q: A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, a.k.a. "Internet Explorer Memory Corruption Vulnerability." | CVSS3: 7.5 | 62% (Medium) | more than 3 years ago |
| GHSA-2rpv-42c9-4hgr: A Remote Code Execution vulnerability exists in PRTG Network Monitor before 19.4.54.1506 that allows attackers to execute code due to insufficient sanitization when passing arguments to the HttpTransactionSensor.exe binary. In order to exploit the vulnerability, remote authenticated administrators need to create a new HTTP Transaction Sensor and set specific settings when the sensor is executed. | | 13% (Medium) | more than 3 years ago |
| GHSA-2rpv-33qg-3xg6: Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Side Menu Lite – add sticky fixed buttons plugin <= 4.0 versions. | CVSS3: 4.3 | 0% (Low) | about 2 years ago |
| GHSA-2rpr-pf46-4w2m: Cross-site scripting (XSS) vulnerability in the Ubercart Webform Integration module before 6.x-1.8 and 7.x before 7.x-2.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors. | | 0% (Low) | more than 3 years ago |
| GHSA-2rpr-g8wh-pgw8: An issue was discovered in the Sales component in webERP 4.15. SalesInquiry.php has SQL Injection via the SortBy parameter. | CVSS3: 7.2 | 0% (Low) | more than 3 years ago |
| GHSA-2rpq-p6fh-7mx6: An issue was discovered in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the postProcess() method. | CVSS3: 9.8 | 2% (Low) | almost 2 years ago |
| GHSA-2rpq-3585-p54f: Information Disclosure vulnerability in UserAdmin application in SAP NetWeaver Application Server for Java, versions - 7.11,7.20,7.30,7.31,7.40 and 7.50 allows attackers to access restricted information by entering malicious server name. | CVSS3: 4.9 | 0% (Low) | more than 3 years ago |
| GHSA-2rpp-5f7j-m472: Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. | CVSS3: 2.3 | 0% (Low) | more than 3 years ago |
| GHSA-2rpp-4gcg-qm8x: A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations. | CVSS3: 9.8 | 0% (Low) | 8 months ago |
| GHSA-2rpm-6c5g-j32f: SQL injection vulnerability in authors.asp in gNews Publisher allows remote attackers to execute arbitrary SQL commands via the authorID parameter. | | 0% (Low) | more than 3 years ago |
| GHSA-2rpm-4x8c-pvqg: Improper Limitation of a Pathname to a Restricted Directory in Zip4j | CVSS3: 6.5 | 4% (Low) | more than 3 years ago |
| GHSA-2rpj-wp8m-5xgx: On ASUS RT-AC58U 3.0.0.4.380_6516 devices, remote attackers can discover hostnames and IP addresses by reading dhcpLeaseInfo data in the HTML source code of the Main_Login.asp page. | CVSS3: 5.3 | 0% (Low) | more than 3 years ago |
| GHSA-2rpj-3g7q-6cpj: The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.4.8 in inc/Widgets/accordion/output/content.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data. | CVSS3: 4.3 | 0% (Low) | about 1 year ago |
| GHSA-2rph-qjxq-ggpw: In processMessagePart of InboundSmsHandler.java, there is a possible remote denial of service due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-72298611. | CVSS3: 7.5 | 3% (Low) | more than 3 years ago |
| GHSA-2rpg-qc85-4c9v: Cross-site scripting (XSS) vulnerability in Atmail Webmail Server 6.6.x before 6.6.3 and 7.0.x before 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php/mail/viewmessage/getattachment/folder/INBOX/uniqueId/<MessageID>/filenameOriginal/. | | 0% (Low) | more than 3 years ago |
| GHSA-2rpf-w4m3-hpq2: Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the page editing feature, as demonstrated by /?/admin/page/edit/3. | CVSS3: 4.8 | 0% (Low) | more than 3 years ago |
| GHSA-2rpf-552f-x2xx: An issue was discovered in WAVM before 2018-09-16. The loadModule function in Include/Inline/CLI.h lacks checking of the file length before a file magic comparison, allowing attackers to cause a Denial of Service (application crash caused by out-of-bounds read) by crafting a file that has fewer than 4 bytes. | CVSS3: 6.5 | 0% (Low) | more than 3 years ago |
