emanueldosreis

4 exploits Active since Feb 2023
CVE-2024-24919 NOMISEC HIGH WORKING POC
Check Point Quantum Gateway - Information Disclosure
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
5 stars
CVSS 8.6
CVE-2023-23333 NOMISEC CRITICAL SUSPICIOUS
SolarView Compact Firmware <= 6.00 - Remote Command Execution via downloader.php
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
2 stars
CVSS 9.8
CVE-2024-38856 NOMISEC CRITICAL SCANNER
Apache OFBiz forgotPassword/ProgramExport RCE
Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through 18.12.14. Users are recommended to upgrade to version 18.12.15, which fixes the issue. Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don't explicitly check user's permissions because they rely on the configuration of their endpoints).
1 stars
CVSS 9.8
CVE-2023-35078 NOMISEC CRITICAL STUB
Ivanti Endpoint Manager Mobile < 11.8.1.1 - Unauthenticated Authentication Bypass
An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication.
1 stars
CVSS 9.8