passwa11

12 exploits Active since Apr 2023
CVE-2024-26026 NOMISEC HIGH WORKING POC
F5 BIG-IP Next Central Manager 20.0.1-20.1.x - SQL Injection via API URI
An SQL injection vulnerability exists in the BIG-IP Next Central Manager API (URI).  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
5 stars
CVSS 7.5
CVE-2023-20562 NOMISEC HIGH WORKING POC
AMD uProf < 4.1.396 - Authenticated Arbitrary Kernel Execution via IOCTL Input Buffer
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.
4 stars
CVSS 7.8
CVE-2024-27198 NOMISEC CRITICAL WORKING POC
TeamCity < 2023.11.4 - Authentication Bypass
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
3 stars
CVSS 9.8
CVE-2024-6387 NOMISEC HIGH WORKING POC
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
1 stars
CVSS 8.1
CVE-2023-3519 NOMISEC CRITICAL WORKING POC
Citrix NetScaler ADC and Gateway - Unauthenticated Remote Code Execution
Unauthenticated remote code execution
1 stars
CVSS 9.8
CVE-2026-49952 GITHUB CRITICAL WORKING POC
Discuz! X5.0 Authentication Bypass via dbbak.php Encryption Oracle
Discuz! X5.0 releases 20260320 through 20260501 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to gain unauthorized access to database backup and restore functionality by exploiting a shared cryptographic key between UCenter integration and the database backup API exposed by dbbak.php. Attackers can inject a crafted payload through the username parameter during login to abuse the encryption oracle in logging_ctl::logging_more(), obtain a legitimately signed token, and use it to bypass authorization for database export and import operations, with the additional ability to trigger a race condition to impersonate arbitrary users.
CVSS 9.1
CVE-2026-10187 GITHUB CRITICAL WRITEUP
Totolink N300RH Web Management wireless.so setWiFiBasicConfig stack-based overflow
A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.
CVSS 9.8
CVE-2025-22912 NOMISEC CRITICAL WORKING POC
Edimax RE11S v1.11 - OS Command Injection via formAccept Component
RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform/formAccept.
CVSS 9.8
CVE-2023-38646 NOMISEC CRITICAL WORKING POC
Metabase < 0.46.6.1 and < 1.46.6.1 - Unauthenticated Remote Code Execution
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.
CVSS 9.8
CVE-2023-4357 NOMISEC HIGH TROJAN
Google Chrome <116.0.5845.96 - Auth Bypass
Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVSS 8.8
CVE-2023-47218 NOMISEC MEDIUM WORKING POC
QNAP QTS 5.1.0-5.1.5.2645 and QuTS hero h5.1.0-h5.1.5.2647 and QuTScloud c5.0.0.1919-c5.1.5.2651 - OS Command Injection
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later
CVSS 5.8
CVE-2023-29017 NOMISEC CRITICAL WORKING POC
vm2 <3.9.15 - Remote Code Execution
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Prior to version 3.9.15, vm2 was not properly handling host objects passed to `Error.prepareStackTrace` in case of unhandled async errors. A threat actor could bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.15 of vm2. There are no known workarounds.
CVSS 10.0