Nomisec Exploits

22,019 exploits tracked across all sources.

Sort: Activity Stars
CVE-2019-12489 NOMISEC CRITICAL
Fastweb Askey RTV1907VW Firmware 0.00.81_FW_200_Askey - OS Command Injection via USB Remove Service Mount Parameter
An issue was discovered on Fastweb Askey RTV1907VW 0.00.81_FW_200_Askey 2018-10-02 18:08:18 devices. By using the usb_remove service through an HTTP request, it is possible to inject and execute a command between two & characters in the mount parameter.
by garis
2 stars
CVSS 9.8
CVE-2020-0601 NOMISEC HIGH
Windows 10 and Windows Server - Certificate Spoofing via ECC Certificate Validation
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
by IIICTECH
3 stars
CVSS 8.1
CVE-2019-19781 NOMISEC CRITICAL
Citrix ADC (NetScaler) Directory Traversal Scanner
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
by mekhalleh
CVSS 9.8
CVE-2020-0601 NOMISEC HIGH
Windows 10 and Windows Server - Certificate Spoofing via ECC Certificate Validation
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
by thimelp
CVSS 8.1
CVE-2018-6574 NOMISEC HIGH
GO < 1.8.6 - Code Injection
Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.
by No1zy
CVSS 7.8
CVE-2020-2551 NOMISEC CRITICAL
Oracle WebLogic Server <12.2.1.4 - RCE
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
by jas502n
80 stars
CVSS 9.8
CVE-2019-19781 NOMISEC CRITICAL
Citrix ADC (NetScaler) Directory Traversal Scanner
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
by projectzeroindia
370 stars
CVSS 9.8
CVE-2019-19781 NOMISEC CRITICAL
Citrix ADC (NetScaler) Directory Traversal Scanner
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
by redscan
1 stars
CVSS 9.8
CVE-2020-0601 NOMISEC HIGH
Windows 10 and Windows Server - Certificate Spoofing via ECC Certificate Validation
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
by MarkusZehnle
CVSS 8.1
CVE-2020-0601 NOMISEC HIGH
Windows 10 and Windows Server - Certificate Spoofing via ECC Certificate Validation
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
by JPurrier
CVSS 8.1
CVE-2019-2198 NOMISEC MEDIUM
Android 8.0-10 - SQL Injection in Download Provider
In Download Provider, there is a possible SQL injection vulnerability. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-135270103
by IOActive
35 stars
CVSS 5.5
CVE-2019-2196 NOMISEC MEDIUM
Android -8.0, -8.1, -9, -10 - SQL Injection
In Download Provider, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-135269143
by IOActive
2 stars
CVSS 5.5
CVE-2019-19781 NOMISEC CRITICAL
Citrix ADC (NetScaler) Directory Traversal Scanner
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
by b510
CVSS 9.8
CVE-2019-17221 NOMISEC HIGH
PhantomJS < 2.1.1 - Arbitrary File Read via XMLHttpRequest for file:// URI
PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a specially crafted HTML file, as user input, that allows reading arbitrary files on the filesystem. For example, if page.render() is the function callback, this generates a PDF or an image of the targeted file. NOTE: this product is no longer developed.
by h4ckologic
8 stars
CVSS 7.5
CVE-2019-19781 NOMISEC CRITICAL
Citrix ADC (NetScaler) Directory Traversal Scanner
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
by Castaldio86
CVSS 9.8
CVE-2019-19781 NOMISEC CRITICAL
Citrix ADC (NetScaler) Directory Traversal Scanner
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
by awesome-security
CVSS 9.8
CVE-2019-19781 NOMISEC CRITICAL
Citrix ADC (NetScaler) Directory Traversal Scanner
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
by digitalshadows
CVSS 9.8
CVE-2020-0601 NOMISEC HIGH
Windows 10 and Windows Server - Certificate Spoofing via ECC Certificate Validation
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
by SherlockSec
1 stars
CVSS 8.1
CVE-2019-11510 NOMISEC CRITICAL
Pulse Secure PCS <9.0R3.4 - Info Disclosure
In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability .
by BishopFox
135 stars
CVSS 10.0
CVE-2019-19781 NOMISEC CRITICAL
Citrix ADC (NetScaler) Directory Traversal Scanner
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
by MalwareTech
118 stars
CVSS 9.8
CVE-2018-9468 NOMISEC HIGH
Android - Arbitrary File Read and Write via DownloadManager Permissions Bypass
In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional execution privileges needed. User interaction is not needed for exploitation.
by IOActive
20 stars
CVSS 7.1
CVE-2018-9493 NOMISEC MEDIUM
Android 7.0-9.0 - SQL Injection in Download Manager Content Provider
In the content provider of the download manager, there is a possible SQL injection due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111085900
by IOActive
8 stars
CVSS 5.5
CVE-2019-19781 NOMISEC CRITICAL
Citrix ADC (NetScaler) Directory Traversal Scanner
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
by zgelici
CVSS 9.8
CVE-2019-7238 NOMISEC CRITICAL
Sonatype Nexus Repository Manager <3.15.0 - Privilege Escalation
Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control.
by magicming200
25 stars
CVSS 9.8
CVE-2020-0601 NOMISEC HIGH
Windows 10 and Windows Server - Certificate Spoofing via ECC Certificate Validation
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
by nissan-sudo
2 stars
CVSS 8.1
By Source
All 22,019 Writeup 60,754 Exploitdb 50,023 Nomisec 22,019 Metasploit 3,235 Github 3,041 Vulncheck_xdb 909 Inthewild 514 Gitlab 461 Gitee 415 Patchapalooza 312
By Language
text 31,351 python 6,258 ruby 5,925 c 3,601 perl 2,849 html 2,057 php 1,327 bash 460 java 364 c++ 253 javascript 221 shell 106 go 65 postscript 25 xml 24