Inthewild Exploits

518 exploits tracked across all sources.

Sort: Activity Stars

CVE-2021-22893 INTHEWILD CRITICAL

Pulse Connect Secure >=9.0R3/9.1R1 - Auth Bypass

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild.

CVSS 10.0

View

CVE-2021-22893 INTHEWILD CRITICAL

Pulse Connect Secure >=9.0R3/9.1R1 - Auth Bypass

CVSS 10.0

View

CVE-2021-22893 INTHEWILD CRITICAL

Pulse Connect Secure >=9.0R3/9.1R1 - Auth Bypass

CVSS 10.0

View

CVE-2021-22893 INTHEWILD CRITICAL

Pulse Connect Secure >=9.0R3/9.1R1 - Auth Bypass

CVSS 10.0

View

CVE-2021-22893 INTHEWILD CRITICAL

Pulse Connect Secure >=9.0R3/9.1R1 - Auth Bypass

CVSS 10.0

View

CVE-2021-22214 INTHEWILD MEDIUM

Gitlab < 13.10.5 - SSRF

When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab CE/EE affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is limited

CVSS 6.8

View

CVE-2021-22192 INTHEWILD CRITICAL

GitLab CE/EE <13.2 - Authenticated RCE

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 allowing unauthorized authenticated users to execute arbitrary code on the server.

CVSS 9.9

View

CVE-2021-21983 INTHEWILD MEDIUM

vRealize Operations Manager <8.4 - Privilege Escalation

Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.

CVSS 6.5

View

CVE-2021-21380 INTHEWILD HIGH

Xwiki < 12.8 - SQL Injection

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions of XWiki Platform (and only those with the Ratings API installed), the Rating Script Service expose an API to perform SQL requests without escaping the from and where search arguments. This might lead to an SQL script injection quite easily for any user having Script rights on XWiki. The problem has been patched in XWiki 12.9RC1. The only workaround besides upgrading XWiki would be to uninstall the Ratings API in XWiki from the Extension Manager.

CVSS 7.7

View

CVE-2021-21311 INTHEWILD HIGH

Adminer < 4.7.9 - SSRF

Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected. This is fixed in version 4.7.9.

CVSS 7.2

View

CVE-2021-1965 INTHEWILD CRITICAL

Qualcomm Aqt1000 Firmware - Improper Input Validation

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

CVSS 9.8

View

CVE-2020-9461 INTHEWILD MEDIUM

Octech Oempro < 4.11 - XSS

Octech Oempro 4.7 through 4.11 allow stored XSS by an authenticated user. The FolderName parameter of the Media.CreateFolder command is vulnerable.

CVSS 5.4

View

CVE-2020-9460 INTHEWILD MEDIUM

Octech Oempro < 4.11 - XSS

Octech Oempro 4.7 through 4.11 allow XSS by an authenticated user. The parameter CampaignName in Campaign.Create is vulnerable.

CVSS 5.4

View

CVE-2020-8437 INTHEWILD HIGH

BitTorrent uTorrent <3.5.5 - DoS

The bencoding parser in BitTorrent uTorrent through 3.5.5 (build 45505) misparses nested bencoded dictionaries, which allows a remote attacker to cause a denial of service.

CVSS 7.5

View

CVE-2020-8163 INTHEWILD HIGH

Rails <5.0.1 - Code Injection

The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE.

CVSS 8.8

View

CVE-2020-6514 INTHEWILD MEDIUM

Google Chrome < 84.0.4147.89 - Information Disclosure

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.

CVSS 6.5

View

CVE-2020-6514 INTHEWILD MEDIUM

Google Chrome < 84.0.4147.89 - Information Disclosure

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.

CVSS 6.5

View

CVE-2020-6514 INTHEWILD MEDIUM

Google Chrome < 84.0.4147.89 - Information Disclosure

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.

CVSS 6.5

View

CVE-2020-5248 INTHEWILD HIGH

Glpi < 9.4.6 - Hard-coded Credentials

GLPI before before version 9.4.6 has a vulnerability involving a default encryption key. GLPIKEY is public and is used on every instance. This means anyone can decrypt sensitive data stored using this key. It is possible to change the key before installing GLPI. But on existing instances, data must be reencrypted with the new key. Problem is we can not know which columns or rows in the database are using that; espcially from plugins. Changing the key without updating data would lend in bad password sent from glpi; but storing them again from the UI will work.

CVSS 7.2

View

CVE-2020-29669 INTHEWILD HIGH

Macally WIFISD2-2A82 Media and Travel Router 2.000.010 - Privilege Escalation

In the Macally WIFISD2-2A82 Media and Travel Router 2.000.010, the Guest user is able to reset its own password. This process has a vulnerability which can be used to take over the administrator account and results in shell access. As the admin user may read the /etc/shadow file, the password hashes of each user (including root) can be dumped. The root hash can be cracked easily which results in a complete system compromise.

CVSS 8.8

View

CVE-2020-29607 INTHEWILD HIGH

Pluck CMS <4.7.13 - RCE

A file upload restriction bypass vulnerability in Pluck CMS before 4.7.13 allows an admin privileged user to gain access in the host through the "manage files" functionality, which may result in remote code execution.

CVSS 7.2

View

CVE-2020-29607 INTHEWILD HIGH

Pluck CMS <4.7.13 - RCE

CVSS 7.2

View

CVE-2020-29134 INTHEWILD HIGH

Totvs Fluig - Path Traversal

The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4

CVSS 8.6

View

CVE-2020-29134 INTHEWILD HIGH

Totvs Fluig - Path Traversal

The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4

CVSS 8.6

View

CVE-2020-2021 INTHEWILD CRITICAL

Paloaltonetworks Pan-os < 8.0.20 - Signature Verification Bypass

When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. The attacker must have network access to the vulnerable server to exploit this vulnerability. This issue affects PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15, and all versions of PAN-OS 8.0 (EOL). This issue does not affect PAN-OS 7.1. This issue cannot be exploited if SAML is not used for authentication. This issue cannot be exploited if the 'Validate Identity Provider Certificate' option is enabled (checked) in the SAML Identity Provider Server Profile. Resources that can be protected by SAML-based single sign-on (SSO) authentication are: GlobalProtect Gateway, GlobalProtect Portal, GlobalProtect Clientless VPN, Authentication and Captive Portal, PAN-OS next-generation firewalls (PA-Series, VM-Series) and Panorama web interfaces, Prisma Access In the case of GlobalProtect Gateways, GlobalProtect Portal, Clientless VPN, Captive Portal, and Prisma Access, an unauthenticated attacker with network access to the affected servers can gain access to protected resources if allowed by configured authentication and Security policies. There is no impact on the integrity and availability of the gateway, portal or VPN server. An attacker cannot inspect or tamper with sessions of regular users. In the worst case, this is a critical severity vulnerability with a CVSS Base Score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N). In the case of PAN-OS and Panorama web interfaces, this issue allows an unauthenticated attacker with network access to the PAN-OS or Panorama web interfaces to log in as an administrator and perform administrative actions. In the worst-case scenario, this is a critical severity vulnerability with a CVSS Base Score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). If the web interfaces are only accessible to a restricted management network, then the issue is lowered to a CVSS Base Score of 9.6 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.

CVSS 10.0

View

By Source

Inthewild 518

By Language