Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to.....
7.5CVSS
7.1AI Score
0.006EPSS
Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to.....
6.8AI Score
0.006EPSS
Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to.....
7.5CVSS
7.3AI Score
0.006EPSS
Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown...
7.8CVSS
7.3AI Score
0.001EPSS
Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown...
7.8CVSS
7.5AI Score
0.001EPSS
Cosmos packet-forward-middleware vulnerable to chain-halt
The Cosmos SDK is used for Inter-Blockchain Communication Protocol (IBC) applications and middleware. The packet-forward-middleware module is an IBC middleware module built for Cosmos blockchains utilizing the IBC protocol allowing routing of incoming IBC packets from a source chain to a...
6.8AI Score
Cosmos packet-forward-middleware vulnerable to chain-halt
The Cosmos SDK is used for Inter-Blockchain Communication Protocol (IBC) applications and middleware. The packet-forward-middleware module is an IBC middleware module built for Cosmos blockchains utilizing the IBC protocol allowing routing of incoming IBC packets from a source chain to a...
6.8AI Score
Security Bulletin: IBM Integration Bus is vulnerable to a denial of service due to Eclipse Mosquitto
Summary: IBM Integration Bus is vulnerable to a denial of service due to Eclipse Mosquitto (CVE-2023-28366, CVE-2023-3592, CVE-2023-0809). Vulnerability Details: CVEID: CVE-2023-28366. DESCRIPTION: Eclipse Mosquitto is vulnerable to a denial of service, caused by a memory leak flaw in the...
6.6AI Score
0.001EPSS
JustSystems Corporation Ichitaro "Figure" stream use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1758 JustSystems Corporation Ichitaro "Figure" stream use-after-free vulnerability October 19, 2023 CVE Number CVE-2023-34366 SUMMARY A use-after-free vulnerability exists in the Figure stream parsing functionality of Ichitaro 2023 1.0.1.59372. A specially...
7.4AI Score
0.004EPSS
JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2023-1809 JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser out-of-bounds write vulnerability October 19, 2023 CVE Number CVE-2023-38128 SUMMARY An out-of-bounds write vulnerability exists in the “HyperLinkFrame” stream parser of Ichitaro 2023...
7.6AI Score
0.002EPSS
JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1808 JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser integer overflow vulnerability October 19, 2023 CVE Number CVE-2023-38127 SUMMARY An integer overflow exists in the “HyperLinkFrame” stream parser of Ichitaro 2023 1.0.1.59372. A specially...
7.8AI Score
0.001EPSS
Security Bulletin: IBM Aspera Faspex has addressed an IP address restriction bypass vulnerability
Summary: IBM Aspera Faspex could allow a malicious actor to bypass the whitelist IP check at user log in. This is not an unauthorized user access exploit. Vulnerability Details: CVEID: CVE-2023-30995. DESCRIPTION: IBM Aspera Faspex 4.0 through 4.4.2 and 5.0 through 5.0.5 could allow a...
6.9AI Score
0.001EPSS
Achieving DORA Compliance with Qualys: A Comprehensive Approach
In the ever-changing landscape of finance and technology, it is crucial to have robust operational resilience and compliance frameworks. The Digital Operational Resilience Act (DORA) framework is a significant step in this direction, as it is intended to strengthen the resilience of financial...
6.7AI Score
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property...
7.5CVSS
6AI Score
0.0004EPSS
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property...
7.4AI Score
0.0004EPSS
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property...
7.3AI Score
0.0004EPSS
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property...
7.1AI Score
0.0004EPSS
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property...
7.5CVSS
7.3AI Score
0.0004EPSS
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property...
6.1AI Score
0.0004EPSS
Debian DSA-5511-1 : mosquitto - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5511 advisory. In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is...
7.9AI Score
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property...
7.2AI Score
0.0004EPSS
6.5AI Score
0.002EPSS
[SECURITY] [DSA 5511-1] mosquitto security update
Debian Security Advisory DSA-5511-1 [email protected] https://www.debian.org/security/ Markus Koschany October 01, 2023 https://www.debian.org/security/faq Package : mosquitto CVE ID : CVE-2021-34434 CVE-2023-0809...
5.3CVSS
7.1AI Score
0.001EPSS
9.8CVSS
7.1AI Score
0.002EPSS
TOTOLINK Wireless Routers Remote Command Execution Exploit
Multiple TOTOLINK network products contain a command injection vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the command parameter. After exploitation, an attacker will have full access with the same user privileges under...
8.2AI Score
0.96EPSS
Analyzing a Modern In-the-wild Android Exploit
By Seth Jenkins, Project Zero Introduction In December 2022, Google’s Threat Analysis Group (TAG) discovered an in-the-wild exploit chain targeting Samsung Android devices. TAG’s blog post covers the targeting and the actor behind the campaign. This is a technical analysis of the final stage of...
8.7AI Score
0.712EPSS
A command injection vulnerability exists in RTS VLink Virtual Matrix Software Versions v5 (< 5.7.6) and v6 (< 6.5.0) that allows an attacker to perform arbitrary code execution via the admin web...
7.2CVSS
8AI Score
0.001EPSS
A command injection vulnerability exists in RTS VLink Virtual Matrix Software Versions v5 (< 5.7.6) and v6 (< 6.5.0) that allows an attacker to perform arbitrary code execution via the admin web...
7.2CVSS
7.5AI Score
0.001EPSS
A command injection vulnerability exists in RTS VLink Virtual Matrix Software Versions v5 (< 5.7.6) and v6 (< 6.5.0) that allows an attacker to perform arbitrary code execution via the admin web...
8.1AI Score
0.001EPSS
An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific hardware to unprivileged users, because of directly assigning log_addrs with a hole in the...
3.3CVSS
3.6AI Score
0.0004EPSS
An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific hardware to unprivileged users, because of directly assigning log_addrs with a hole in the...
3.3CVSS
3.6AI Score
0.0004EPSS
An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific hardware to unprivileged users, because of directly assigning log_addrs with a hole in the...
6.6AI Score
0.0004EPSS
TOTOLINK Wireless Routers unauthenticated remote command execution vulnerability.
Multiple TOTOLINK network products contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter. After exploitation, an attacker will have full access with the same user privileges under...
10AI Score
0.96EPSS
Siemens RUGGEDCOM ROS Buffer Copy Without Checking Size of Input (CVE-2021-31895)
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V4.3.7), RUGGEDCOM ROS M2200 (All versions < V4.3.7), RUGGEDCOM ROS M969 (All versions < V4.3.7), RUGGEDCOM ROS RMC (All versions < V4.3.7), RUGGEDCOM ROS RMC20 (All versions < V4.3.7), RUGGEDCOM ROS RMC30 (Al...
9.6AI Score
Exploit for Vulnerability in Apple Macos
7.1AI Score
0.001EPSS
VMware vRealize Log Insight Unauthenticated Remote Code Execution Exploit
VMware vRealize Log Insights versions 8.x contain multiple vulnerabilities, such as directory traversal, broken access control, deserialization, and information disclosure. When chained together, these vulnerabilities allow a remote, unauthenticated attacker to execute arbitrary commands on the...
8.8AI Score
0.007EPSS
9.8CVSS
7.1AI Score
0.002EPSS
Oracle Linux 8 : kernel (ELSA-2020-4431)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4431 advisory. drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference....
8.5AI Score
A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But...
8.8CVSS
9AI Score
0.001EPSS
A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But...
8.8CVSS
9.1AI Score
0.002EPSS
CVE-2023-4746 TOTOLINK N200RE V5 Validity_check format string
A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But...
9.2AI Score
0.002EPSS
Fedora 38 : libwebsockets / mosquitto (2023-6a87c003c4)
The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-6a87c003c4 advisory. In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. (CVE-2023-0809) In...
6.8AI Score
Fedora 37 : mosquitto (2023-e7ed15ab9e)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-e7ed15ab9e advisory. In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. (CVE-2023-0809) In...
6.9AI Score
FetLife: fetlife.com/signup_step_profile expose access_token of mapbox.com
Hi fetlife, I'm investigating the registration step on your site. In the registration step at https://fetlife.com/signup_step_profile, when a user types in the field "private_location_name" {F2652527}, it uses a frontend call to api.mapbox.com directly, thus exposing the access_token. I was able to call it directly via...
7.2AI Score
software: mosquitto 2.0.15 WASP: ROSA-CHROME package_evr_string: mosquitto-2.0.15-2.src.rpm CVE-ID: CVE-2021-34431 BDU-ID: 2022-01775 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Mosquitto message broker is related to incorrect processing of a CONNECT packet without will topic, will message.....
6.7AI Score
0.001EPSS
Lines of code Vulnerability details Comments The underlying yield vaults used by the V5 vaults usually round down shares received when depositing. As a result, if the Vault deposits to an underlying yield vault that has already issued shares, it is possible that a deposit could be rounded down to.....
6.7AI Score
Claiming prizes will be bricked if prize periods are not aligned with twab periods
Lines of code https://github.com/GenerationSoftware/pt-v5-twab-controller/blob/main/src/libraries/TwabLib.sol#L244-L251 https://github.com/GenerationSoftware/pt-v5-twab-controller/blob/main/src/libraries/TwabLib.sol#L650-L658 Vulnerability details Comments The previous implementation allowed a...
6.5AI Score
Number of prize tiers may never scale due to aggressive new algorithm
Lines of code https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/main/src/PrizePool.sol#L807-L811 https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/main/src/abstract/TieredLiquidityDistributor.sol#L602-L619...
6.7AI Score
Loss of precision in the YieldVault causes DoS when depositing from the Vault
Lines of code Vulnerability details Title Loss of precision in the YieldVault causes DoS when depositing from the Vault Original Issue M-22 - Loss of precision leads to undercollateralized Details The original demonstrates how the Vault could fall into undercollateralization mode if the YieldVault....
6.6AI Score
7.4AI Score
0.002EPSS