Nomisec Exploits

22,720 exploits tracked across all sources.

Sort: Activity Stars
CVE-2024-6387 NOMISEC HIGH
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
by turbobit
1 stars
CVSS 8.1
CVE-2024-6387 NOMISEC HIGH
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
by JackSparrowhk
CVSS 8.1
CVE-2024-39203 NOMISEC MEDIUM
Z-BlogPHP < 1.7.3.3230 - Cross-Site Scripting in Backend Theme Management
A cross-site scripting (XSS) vulnerability in the Backend Theme Management module of Z-BlogPHP v1.7.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
by 5r1an
CVSS 6.1
CVE-2024-6387 NOMISEC HIGH
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
by AiGptCode
11 stars
CVSS 8.1
CVE-2024-39844 NOMISEC CRITICAL
ZNC < 1.9.1 - Remote Code Execution via modtcl KICK Command
In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK.
by ph1ns
1 stars
CVSS 9.8
CVE-2016-10956 NOMISEC HIGH
mail-masta 1.0 - Local File Inclusion in count_of_send.php and csvexport.php
The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php.
by Hackhoven
1 stars
CVSS 7.5
CVE-2024-4577 NOMISEC CRITICAL
PHP CGI Argument Injection Remote Code Execution
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
by charis3306
CVSS 9.8
CVE-2024-6387 NOMISEC HIGH
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
by t3rry327
CVSS 8.1
CVE-2017-1000251 NOMISEC HIGH
Linux Kernel 2.6.32-4.13.1 - Remote Code Execution via Bluetooth L2CAP Configuration Response
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.
by sgxgsx
6 stars
CVSS 8.0
CVE-2024-6387 NOMISEC HIGH
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
by CognisysGroup
CVSS 8.1
CVE-2024-21413 NOMISEC CRITICAL
Microsoft 365 Apps and Office 2016-2019 - Remote Code Execution via Moniker Link
Microsoft Outlook Remote Code Execution Vulnerability
by Redfox-Security
CVSS 9.8
CVE-2023-3881 NOMISEC MEDIUM
Campcodes Beauty Salon Management System 1.0 - SQL Injection
A vulnerability classified as critical was found in Campcodes Beauty Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument contactno leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235243.
by AnugiArrawwala
CVSS 6.3
CVE-2017-0144 NOMISEC HIGH
Microsoft Windows SMBv1 - Remote Code Execution via Crafted Packets
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
by AnugiArrawwala
CVSS 8.8
CVE-2011-2523 NOMISEC CRITICAL
vsftpd 2.3.4 - Backdoor Command Execution
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
by AnugiArrawwala
CVSS 9.8
CVE-2024-6387 NOMISEC HIGH
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
by sxlmnwb
18 stars
CVSS 8.1
CVE-2024-5084 NOMISEC CRITICAL
Hash Form - Drag & Drop Form Builder <= 1.1.0 - Unauthenticated Arbitrary File Upload via file_upload_action Function
The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'file_upload_action' function in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
by WOOOOONG
CVSS 9.8
CVE-2024-26144 NOMISEC MEDIUM
Rails 5.2.0-6.1.7.6 - Sensitive Session Information Leak via Active Storage Blob Set-Cookie Header
Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user's session cookie when serving blobs. It also sets Cache-Control to public. Certain proxies may cache the Set-Cookie, leading to an information leak. The vulnerability is fixed in 7.0.8.1 and 6.1.7.7.
by gmo-ierae
CVSS 5.3
CVE-2023-2375 NOMISEC HIGH
Ubiquiti EdgeRouter X <2.0.9-hotfix.6 - Command Injection
A weakness has been identified in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. Impacted is an unknown function of the component Web Management Interface. Executing a manipulation of the argument src can lead to command injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The presence of this vulnerability remains uncertain at this time. The vendor position is that post-authentication issues are not accepted as vulnerabilities.
by 0x0jr
CVSS 7.2
CVE-2024-6387 NOMISEC HIGH
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
by grupooruss
1 stars
CVSS 8.1
CVE-2024-6387 NOMISEC HIGH
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
by edsonjt81
CVSS 8.1
CVE-2024-6387 NOMISEC HIGH
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
by RickGeex
CVSS 8.1
CVE-2024-6387 NOMISEC HIGH
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
by BrandonLynch2402
3 stars
CVSS 8.1
CVE-2024-6387 NOMISEC HIGH
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
by xonoxitron
10 stars
CVSS 8.1
CVE-2024-6387 NOMISEC HIGH
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
by n1cks0n
1 stars
CVSS 8.1
CVE-2014-6271 NOMISEC CRITICAL
Apache mod_cgi Bash Environment Variable Code Injection (Shellshock)
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
by AlissonFaoli
CVSS 9.8