tenable/poc

tenable/poc

Releases0

Stars1.25K

Proof of Concepts

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-1160 ↗	Dec 20, 2018Thursday, 20 December 2018, 21:29	9.8 CRITICAL	10 HIGH
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
CVE-2018-15716 ↗	Nov 30, 2018Friday, 30 November 2018, 20:29	—	9 HIGH
NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root.
CVE-2018-1149 ↗	Sep 19, 2018Wednesday, 19 September 2018, 15:29	—	10 HIGH
cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests.