Nomisec Exploits
21,834 exploits tracked across all sources.
Cisco Expressway Series/VCS - Command Injection
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to establish a remote shell with root privileges.
by peter5he1by
CVSS 6.5
Microsoft Windows 10 - Incorrect Authorization
Secure Boot Security Feature Bypass Vulnerability
by Wack0
Microsoft Windows 10 - Incorrect Authorization
Secure Boot Security Feature Bypass Vulnerability
by ASkyeye
Planno Planning Biblio - XSS
A vulnerability was found in Planno 23.04.04. It has been classified as problematic. This affects an unknown part of the component Comment Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239865 was assigned to this vulnerability.
by PH03N1XSP
CVSS 3.5
ImageMagick - RCE
A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.
by overgrowncarrot1
Sharepoint Dynamic Proxy Generator Unauth RCE
Microsoft SharePoint Server Elevation of Privilege Vulnerability
by Chocapikk
Cassianetworks Access Controller - CSRF
An issue was discovered in Cassia Access Controller 2.1.1.2303271039. Establishing a web SSH session to gateways is vulnerable to Cross Site Request Forgery (CSRF) attacks.
by Dodge-MPTC
mooSocial <3.1.8 - XSS
A reflected cross-site scripting (XSS) vulnerability exisits in multiple url of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL.
by ahrixia
CVSS 6.1
mooSocial 3.1.8 - SSRF
mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, data[wall_photo], data[userShareVideo] and data[userShareLink].
by ahrixia
macOS Ventura <13.5 - Privilege Escalation
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.5. A sandboxed process may be able to circumvent sandbox restrictions.
by gergelykalman
Google Android - Improper Input Validation
In readFrom of Uri.java, there is a possible bad URI permission grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
by Trinadh465
CVSS 7.8
Sophos Sfos < 18.5.3 - Authentication Bypass
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
by Cyb3rEnthusiast
Microsoft Windows 10 - Incorrect Authorization
Secure Boot Security Feature Bypass Vulnerability
by nova-master
Microsoft Windows 10 1507 < 1.12.16 - Improper Certificate Validation
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
by tyj956413282
CVSS 8.1
Google Chrome <116.0.5845.187 - Buffer Overflow
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
by talbeerysec
Concretecms Concrete Cms - Unrestricted File Upload
Concrete CMS v9.2.1 is affected by an Arbitrary File Upload vulnerability via a Thumbnail file upload, which allows Cross-Site Scripting (XSS). NOTE: the vendor's position is that a customer is supposed to know that "pdf" should be excluded from the allowed file types, even though pdf is one of the allowed file types in the default configuration.
by sromanhu
CVSS 5.4
Concretecms Concrete Cms - XSS
A Cross Site Scripting (XSS) vulnerability in Concrete CMS before 9.2.3 exists via the Name parameter during installation (aka Site of Installation or Settings).
by sromanhu
CVSS 5.4
Concretecms Concrete Cms - XSS
A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO - Extra from Page Settings. NOTE: the vendor disputes this because this SEO-related header change can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature.
by sromanhu
CVSS 4.8
Concretecms Concrete Cms - XSS
A Cross Site Scripting (XSS) vulnerability in Concrete CMS from versions 9.2.0 to 9.2.2 allows an attacker to execute arbitrary code via a crafted script to the Tags from Settings - Tags.
by sromanhu
CVSS 5.4
Concretecms Concrete Cms < 9.2.2 - XSS
Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS versions affected to 8.5.13 and below, and 9.0.0 through 9.2.1 allow a local attacker to execute arbitrary code via a crafted script to the Forms of the Data objects.
by sromanhu
CVSS 5.4
Concretecms Concrete Cms < 9.2.2 - XSS
A Cross Site Scripting (XSS) vulnerability in Concrete CMS versions 8.5.12 and below, and 9.0 through 9.2.1 allows an attacker to execute arbitrary code via a crafted script to Plural Handle of the Data Objects from System & Settings.
by sromanhu
CVSS 5.4
Ivanti Avalanche < 6.4.1 - Out-of-Bounds Write
An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution.
Thanks to a Researcher at Tenable for finding and reporting.
Fixed in version 6.4.1.
by x0rb3l
CVSS 9.8
Concretecms Concrete Cms - XSS
Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics. NOTE: the vendor disputes this because these header/footer changes can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature. Also, the exploitation method claimed by "sromanhu" does not provide any access to a Concrete CMS session, because the Concrete CMS session cookie is configured as HttpOnly.
by sromanhu
CVSS 4.8
Gdidees Cms - XSS
GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title.
by sromanhu
CVSS 5.4
android-gif-drawable <1.2.18 - RCE
A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause a denial of service when the library is used to parse a specially crafted GIF image.
by tucommenceapousser
By Source