Bishop Fox

6 exploits, active since Mar 2019
CVE-2025-6980 NOMISEC HIGH SCANNER
Arista Next Generation Firewall < 17.3.1 - Sensitive Information Exposure via Captive Portal
Captive Portal can expose sensitive information
3 stars
CVSS 7.5
CVE-2023-3519 NOMISEC CRITICAL WORKING POC
Citrix NetScaler ADC and Gateway - Unauthenticated Remote Code Execution
Unauthenticated remote code execution
1 star
CVSS 9.8
CVE-2026-22557 GITHUB CRITICAL python SCANNER
UniFi Network Application 9.0.118-10.1.89, 10.2.97 - Path Traversal
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in the UniFi Network Application to access files on the underlying system that could be manipulated to access an underlying account.
CVSS 10.0
CVE-2026-35616 NOMISEC CRITICAL SCANNER
Fortinet FortiClientEMS 7.4.5-7.4.6 - Command Injection
An improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
CVSS 9.8
CVE-2018-19276 EXPLOITDB CRITICAL text WORKING POC
OpenMRS Java Deserialization RCE
OpenMRS before 2.24.0 is affected by an Insecure Object Deserialization vulnerability that allows an unauthenticated user to execute arbitrary commands on the targeted system via crafted XML data in a request body.
CVSS 9.8
CVE-2019-18935 EXPLOITDB CRITICAL text WORKING POC
Telerik UI ASP.NET AJAX RadAsyncUpload Deserialization
Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Exploitation can result in remote code execution. (As of 2020.1.114, a default setting prevents the exploit. In 2019.3.1023, but not earlier versions, a non-default setting can prevent exploitation.)
CVSS 9.8