@aydinnyunus
Who am I ?
Overview
5
total CVE
Latest CVEs
5.5
CVE-2024-29409 -
File Upload vulnerability in nestjs nest v.10.3.2 allows a remote attacker to execute arbitrary code via the Content-Type header.
5.3
CVE-2024-27763 -
XPixelGroup BasicSR through 1.4.2 might locally allow code execution in contrived situations where "scontrol show hostname" is executed in the presence of a crafted SLURM_NODELIST environment variable.
7.5
CVE-2024-54000 - Mobile Security Framework (MobSF) bypass of SSRF fix
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In versions prior to 3.9.7, the requests.get() request in the _check_url method is specified as allow_redirects=True, which allows a server-side β¦
7.5
CVE-2024-29190 - MobSF SSRF Vulnerability on assetlinks_check(act_name, well_knowns)
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In version 3.9.5 Beta and prior, MobSF does not perform any input validation when extracting the hostnames in `android:host`, so requests can alsβ¦
4.8
CVE-2015-5521 -
Cross-site scripting (XSS) vulnerability in BlackCat CMS 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the name in a new group to backend/groups/index.php.