Inthewild Exploits

518 exploits tracked across all sources.

CVE-2024-45436 INTHEWILD HIGH
Ollama <0.1.47 - Path Traversal
extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory.
CVSS 7.5
CVE-2024-44083 INTHEWILD HIGH
Hex-Rays IDA Pro < 8.4 - Resource Allocation Without Limits
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. NOTE: in many use cases, this is an inconvenience but not a security issue.
CVSS 7.5
CVE-2024-43582 INTHEWILD HIGH
Microsoft Windows 10 1809 < 10.0.17763.6414 - Use After Free
Remote Desktop Protocol Server Remote Code Execution Vulnerability
CVSS 8.1
CVE-2024-43532 INTHEWILD HIGH
Remote Registry Service - Privilege Escalation
Remote Registry Service Elevation of Privilege Vulnerability
CVSS 8.8
CVE-2024-43093 INTHEWILD HIGH
Java - Privilege Escalation
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect Unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVSS 7.3
CVE-2024-42992 INTHEWILD
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2024-39943 INTHEWILD CRITICAL
Rejetto HTTP File Server < 0.52.10 - Improper Access Control
rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions). This occurs because a shell is used to execute df (i.e., with execSync instead of spawnSync in child_process in Node.js).
CVSS 9.9
CVE-2024-38193 INTHEWILD HIGH
Windows Ancillary Function Driver - Privilege Escalation
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2024-38189 INTHEWILD HIGH
Microsoft Project < - RCE
Microsoft Project Remote Code Execution Vulnerability
CVSS 8.8
CVE-2024-38100 INTHEWILD HIGH
Windows File Explorer - Privilege Escalation
Windows File Explorer Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2024-3806 INTHEWILD CRITICAL
Porto theme for WordPress <7.1.0 - Local File Inclusion
The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via the 'porto_ajax_posts' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included.
CVSS 9.8
CVE-2024-38041 INTHEWILD MEDIUM
Windows Kernel - Info Disclosure
Windows Kernel Information Disclosure Vulnerability
CVSS 5.5
CVE-2024-37085 INTHEWILD MEDIUM
VMware ESXi < 5.2 - Authentication Bypass
VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management (https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html) by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.
CVSS 6.8
CVE-2024-37084 INTHEWILD CRITICAL
VMware Spring Cloud Data Flow < 2.11.4 - Code Injection
In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server API can use a crafted upload request to write an arbitrary file to any location on the file system, which could lead to compromising the server.
CVSS 9.8
CVE-2024-3393 INTHEWILD HIGH
Palo Alto Networks PAN-OS - DoS
A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
CVSS 7.5
CVE-2024-32709 INTHEWILD CRITICAL
Plechev Andrey WP-Recall <16.26.5 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Plechev Andrey WP-Recall. This issue affects WP-Recall: from n/a through 16.26.5.
CVSS 9.3
CVE-2024-32523 INTHEWILD HIGH
EverPress Mailster <4.0.6 - Path Traversal
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in EverPress Mailster mailster. This issue affects Mailster: from n/a through <= 4.0.6.
CVSS 8.1
CVE-2024-31497 INTHEWILD MEDIUM
PuTTY <0.81 - Info Disclosure
In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.
CVSS 5.9
CVE-2024-31345 INTHEWILD CRITICAL
Sukhchain Singh Auto Poster <1.2 - Unrestricted Upload
Unrestricted Upload of File with Dangerous Type vulnerability in Sukhchain Singh Auto Poster. This issue affects Auto Poster: from n/a through 1.2.
CVSS 9.1
CVE-2024-31286 INTHEWILD CRITICAL
J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus <8.6.03.005 - Unr...
Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus. This issue affects WP Photo Album Plus: from n/a before 8.6.03.005.
CVSS 9.9
CVE-2024-30078 INTHEWILD HIGH
Windows Wi-Fi Driver - RCE
Windows Wi-Fi Driver Remote Code Execution Vulnerability
CVSS 8.8
CVE-2024-28987 INTHEWILD CRITICAL
SolarWinds Web Help Desk - Hardcoded Credential
The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing a remote unauthenticated user to access internal functionality and modify data.
CVSS 9.1