LtmThink

2 exploits Active since Dec 2023

CVE-2024-21733 NOMISEC MEDIUM WORKING POC

Apache Tomcat < 8.5.64 - Error Information Exposure

Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Other, EOL versions may also be affected. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.

27 stars

CVSS 5.3

View Code

CVE-2023-51385 NOMISEC MEDIUM WORKING POC

OpenSSH <9.6 - Command Injection

In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

7 stars

CVSS 6.5

View Code