CVE-2021-31159

Zoho ManageEngine ServiceDesk Plus MSP - Active Directory User Enumeration (CVE-2021-31159) This script takes advantage of ServiceDesk Plus before build 10519 having different output in the password recovery functionality: if the user exists it returns a message claiming an email has been sent but if it does not exist the message is always the same Knowing this it is possible

CVE-2021-3115 Go before 11414 and 115x before 1157 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download) authentication complexity vector NONE HIGH NETWORK confidentiality integrity availabi

主流供应商的一些攻击性漏洞汇总 网络安全专家 @Alexander Knorr 在推特上分享的一些有关于供应商的一些 CVE 严重漏洞，详情，仅列出了 CVE 编号，无相关漏洞详情。所以在分享的图片基础上进行新增了漏洞 Title，官方公告，漏洞分析，利用代码，概念证明以及新增或删减了多个CVE等，另外

PoC in GitHub 2022 CVE-2022-0185 (2022-02-11) A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a f

PoC in GitHub 2021 CVE-2021-1056 (2021-01-07) NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidiako) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure pokerfaceSad/CVE-2021-1056 CVE-2021-

PoC in GitHub 2022 CVE-2022-0185 (2022-02-11) A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a f

PoC in GitHub 2022 CVE-2022-0185 (2022-02-11) A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a f