JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE Security Vulnerabilities

OpenSSL -- Denial of Service vulnerability

The OpenSSL project reports: Excessive time spent checking DSA keys and parameters (Low) Checking excessively long DSA keys or parameters may be very ...

Exploit for Out-of-bounds Read in Polkit Project Polkit

CVE-2021-4034 One day for the polkit privilege escalation...

Drupal core Denial of Service

A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are...

Exploit for Out-of-bounds Read in Polkit Project Polkit

Python3 code to exploit...

Exploit for Out-of-bounds Read in Polkit Project Polkit

CVE-2021-4034 PoC for PwnKit: Local Privilege Escalation...

Exploit for Out-of-bounds Read in Polkit Project Polkit

PwnKit-Exploit CVE-2021-4034 ...

Exploit for Out-of-bounds Read in Polkit Project Polkit

██████╗ ██╗ ██╗██╗ ██╗███╗ ██╗███████╗██████╗ ██╔══██...

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Wordpress

CVE-2022-3590 WordPress Vulnerability Scanner This Python...

Drupal core Denial of Service

A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are...

Insufficient Verification Of Data Authenticity

sshpiper is vulnerable to Insufficient Verification of Data Authenticity. The vulnerability is due to the proxy protocol listener which does specify a specific listener, allowing an attacker forage the proxy source...

Denial Of Service (DoS)

putty is vulnerable to Denial Of Service (DoS). The vulnerability is due to remote SSH-1 servers accessing freed memory locations via an SSH1_MSG_DISCONNECT message in PuTTY, allows remote SSH-1 servers to trigger a denial of service...

Denial Of Service (DoS)

github.com/golang/go is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper corruption checks which causes the lookup function to get stuck in an infinite loop, which allows an attacker to cause Denial of Service (DoS) by submitting a malformed DNS...

Denial Of Service (DoS)

pdns-recursor is vulnerable to a Denial of Service(DoS). The vulnerability is due to the Recursor's improper handling of crafted responses received from upstream servers during recursive forwarding, allows attackers to trigger a Denial of...

Denial Of Service (DoS)

github.com/vitessio/vitess is vulnerable to Denial Of Service (DoS). The vulnerability is caused by an endless loop triggered by a specific query in the vtgate component. This loop leads to continuous memory consumption, eventually resulting in Denial of Service...

Drupal core Denial of Service

A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are...

Exploit for Insecure Default Initialization of Resource in Apache Superset

CVE-2023-27524: Apache Superset Auth Bypass Script to check...

Deserialization Of Untrusted Data

org.apache.inlong: manager-pojo is vulnerable to Deserialization of Untrusted Data. The vulnerability is caused by improper query parameters sanitization within the filterSensitive method, which allows an attackers to bypass JDBC security...

Exploit for Out-of-bounds Read in Polkit Project Polkit

pkexec-exploit Local Privilege Escalation in polkit's pkexec...

Exploit for Improper Handling of Exceptional Conditions in Google Android

CVE-2021-0928, writeToParcel/createFromParcel serialization...

Exploit for Out-of-bounds Read in Polkit Project Polkit

b0VIM...

Exploit for Out-of-bounds Write in Linux Linux Kernel

io_uring_LPE-CVE-2023-2598 LPE exploit for CVE-2023-2598....

Exploit for Out-of-bounds Read in Linux Linux Kernel

Linux_LPE_eBPF_CVE-2021-3490 LPE exploit for CVE-2021-3490....

Exploit for Out-of-bounds Write in Microsoft

CVE-2022-21882 Win32k Elevation Of Privileges...

Exploit for Out-of-bounds Read in Polkit Project Polkit

PwnKit Self-contained exploit for CVE-2021-4034 - Pkexec...

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

CVE-2024-21762 Check Safely detect whether a FortiGate SSL...

Deserialization Of Untrusted Data

spatie/image-optimizer is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to a lack of file protocol checks before it's passed to the file_exists() function. This allows attackers to use the phar:// protocol to deserialize a malicious script, which results in Remote Code.....

Exploit for Deserialization of Untrusted Data in Apache Activemq

ActiveMQ-RCE ActiveMQ RCE (CVE-2023-46604) exploit, written...

Exploit for Out-of-bounds Read in Polkit Project Polkit

CVE-2021-4034 Precompiled builds for CVE-2021-4034. Of...

OpenStack Glance Denial of service by creating a large number of images

OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them, a different...

Drupal core Denial of Service

A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are...

Bouncy Castle Denial of Service (DoS)

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has...

Denial Of Service (DOS)

ibm.mq is vulnerable to a Denial of service. The vulnerability is due to insufficient handling of HTTP requests, which allows an attacker to craft requests that cause excessive resource consumption. This can potentially leads to Denial of...

Out Of Bounds Read

Chrome is vulnerable to Out Of Bounds Read. The vulnerability due to improper handling of out-of-bounds reads, allows a remote attacker to leak cross-site data via a crafted HTML...

Exploit for Out-of-bounds Write in Fortinet Fortios-6K7K

Usage: python3 cve-2022-42475.py rhost rport lhost 'command'...

Exploit for Out-of-bounds Write in Linux Linux Kernel

CVE-2022-1015 This repository contains a PoC for local...

Denial Of Service (DoS)

github.com/stacklok/minder is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper validation of HTTP requests before processing them in server.go, allowing untrusted requests to crash the Minder control plane, denying service to other...

OpenStack Identity (Keystone) Denial of Service

OpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (memory consumption and crash) via multiple long...

CVE-2024-20358

A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with...

Bouncy Castle Denial of Service (DoS)

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has...

Denial Of Service

Bind9 is vulnerable to denial of service. The vulnerability is due to asynchronous processes of named running as a recursive resolver component of BIND, when attempting to clean up its cache database which enables the list of queued cleanup events to grow infinitely large over time, allowing the...

Exploit for Insecure Default Initialization of Resource in Apache Superset

...

OpenStack Glance Denial of service by creating a large number of images

OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them before the...

Denial Of Service (DoS)

XNIO API is vulnerable to Denial of Service (DoS). The vulnerability is caused due to the problematic accumulation of notifier states within the chain. When this chain grows to be excessively large, it can lead to a StackOverflowException, overwhelming the stack and potentially causing Denial of...

Denial Of Service (DoS)

ryu is vulnerable to Denial Of Service (DoS). The vulnerability is due to inadequate input validation within the OFPFlowStats function in parser.py, which allows an attackers to trigger an infinite loop by setting the length of the inst parameter to...

Denial Of Service (DoS)

ryu is vulnerable to Denial Of Service (DoS). The vulnerability is due to inadequate input validation when the OFPQueueProp length is 0 within the OFPPacketQueue function in parser.py, which allows an attacker to trigger an infinite loop by setting the length parameter to...

Denial Of Service (DoS)

ryu is vulnerable to Denial of service. The vulnerability is due to inadequate input validation when the length=0 within the OFPHello function in parser.py, which results in an infinite...

Exploit for Out-of-bounds Read in Polkit Project Polkit

CVE-2021-4034-PwnKit PwnKit PoC for Polkit pkexec...

Denial Of Service (DoS)

ryu is vulnerable to Denial of Service (DoS). The vulnerability is due to the OFPBucket function in parser.py when processing an OpenFlow action with a length of zero, which results an infinite...

Denial Of Service (DoS)

ryu is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of OFPGroupDescStats in ofproto_v1_3_parser.py, where setting the length of OFPBucket to 0 causes the offset and length to remain unchanged, leading to an infinite loop during...

INSTALL_DONT_KILL_APP can be used to force a mismatch between running code and a parsed APK

In validateApkInstallLocked of PackageInstallerSession.java, there is a way to force a mismatch between running code and a parsed APK . This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...