raytheon0x21

3 exploits Active since Jul 2023
CVE-2023-35078 NOMISEC CRITICAL WORKING POC
Ivanti Endpoint Manager Mobile < 11.8.1.1 - Authentication Bypass
An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication.
5 stars
CVSS 9.8
CVE-2023-38646 NOMISEC CRITICAL WORKING POC
Metabase <0.46.6.1-1.46.6.1 - RCE
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.
CVSS 9.8
CVE-2023-24488 NOMISEC MEDIUM SCANNER
Citrix ADC/Gateway - XSS
Cross site scripting vulnerability in Citrix ADC and Citrix Gateway  in allows and attacker to perform cross site scripting
CVSS 6.1