Github Exploits
2,250 exploits tracked across all sources.
Ingress-Nginx - RCE
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `mirror-target` and `mirror-host` Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
by hakaioffsec
Ollama <0.1.47 - Path Traversal
extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory.
by pankass
Ivanti Endpoint Manager Cloud Services Appliance - Path Traversal
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.
by flyingllama87
Microsoft Defender < - Privilege Escalation
Microsoft Defender Security Feature Bypass Vulnerability
by ig-labs
Openbsd Openssh - Resource Allocation Without Limits
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.
by dolutech
Microsoft Edge Chromium < 133.0.3065.69 - Open Redirect
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
by toxy4ny
changedetection.io - RCE
changedetection.io is an open source web page change detection, website watcher, restock monitor and notification service. There is a Server Side Template Injection (SSTI) in Jinja2 that allows Remote Command Execution on the server host. Attackers can run any system command without any restriction and they could use a reverse shell. The impact is critical as the attacker can completely takeover the server machine. This can be reduced if changedetection is behind a login page, but this isn't required by the application (not by default and not enforced).
by TU-M
CVSS 10.0
Microsoft 365 Apps - Improper Input Validation
Microsoft Outlook Remote Code Execution Vulnerability
by Cyber-Trambon
CVSS 9.8
Idccms - CSRF
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/info_deal.php?mudi=rev&nohrefStr=close.
by phtcloud-dev
CVSS 5.4
WayOS IBR-7150 <17.06.23 - XSS
WayOS IBR-7150 <17.06.23 is vulnerable to Cross Site Scripting (XSS).
by WarmBrew
EQ Enterprise Management System <2.0.0 - Path Traversal
An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests.
by WarmBrew
Shenzhou News Union Enterprise Management System <18.8 - Incorrect Access Control
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Management System v5.0 through v18.8 allows attackers to access sensitive information regarding the server.
by WarmBrew
NUS-M9 ERP Mgmt <3.0.0 - Info Disclosure
An arbitrary file download vulnerability in the component /Doc/DownloadFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to download arbitrary files and access sensitive information via a crafted interface request.
by WarmBrew
NUS-M9 ERP Management Software <3.0.0 - Code Injection
An arbitrary file upload vulnerability in the component /Production/UploadFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to execute arbitrary code via uploading crafted files.
by WarmBrew
NUS-M9 ERP Mgmt <3.0.0 - Info Disclosure
An arbitrary file download vulnerability in the component /Basics/DownloadInpFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to download arbitrary files and access sensitive information via a crafted interface request.
by WarmBrew
NUS-M9 ERP Mgmt SW v3.0.0 - SQL Injection
NUS-M9 ERP Management Software v3.0.0 was discovered to contain a SQL injection vulnerability via the usercode parameter at /UserWH/checkLogin.
by WarmBrew
Super easy enterprise management system <1.0.0 - Info Disclosure
An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to obtain the server absolute path by entering a single quotation mark.
by WarmBrew
Super easy enterprise management system <1.0.0 - SQL Injection
SQL Injection vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the/ajax/Login.ashx component.
by WarmBrew
Super easy enterprise management system <1.0.0 - XSS
Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html component.
by WarmBrew
Huizhi Enterprise Resource Management <1.0 - Info Disclosure
An issue in Huizhi enterprise resource management system v.1.0 and before allows a local attacker to obtain sensitive information via the /nssys/common/filehandle. Aspx component
by WarmBrew
Huizhi Enterprise Resource Management <1.0 - RCE
File Upload vulnerability in Huizhi enterprise resource management system v.1.0 and before allows a remote attacker to execute arbitrary code via the /nssys/common/Upload. Aspx? Action=DNPageAjaxPostBack component
by WarmBrew
MyPower vc8100 - Info Disclosure
MyPower vc8100 V100R001C00B030 was discovered to contain an arbitrary file read vulnerability via the component /tcpdump/tcpdump.php?menu_uuid.
by WarmBrew
Cloud based customer service management platform <1.0.0 - SQL Injec...
SQL Injection vulnerability in Cloud based customer service management platform v.1.0.0 allows a local attacker to execute arbitrary code via a crafted payload to Login.asp component.
by WarmBrew
Vehicle Management System <7.31.0.3 - Privilege Escalation
An issue in Vehicle Management System 7.31.0.3_20230412 allows an attacker to escalate privileges via the login.html component.
by WarmBrew
Roundcube Webmail 1.6.9 - XSS
Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail 1.6.9 allows remote authenticated users to upload a malicious file as an email attachment, leading to the triggering of the XSS by visiting the SENT session.
by riya98241
CVSS 6.1
By Source