Possible loss of funds when withdrawing from L2 to L1
Lines of code: https://github.com/code-423n4/2023-03-zksync/blob/main/contracts/libraries/SystemContractHelper.sol#L48. Vulnerability details. Impact / Context: To initiate a withdrawal from L2 to L1, a user can call the L2EthToken.withdraw method; the funds will then be available to claim on L1 via...
AI Score 6.9
Threat Advisory: Microsoft Outlook privilege escalation vulnerability being exploited in the wild
Update March 21, 2023: To aid defenders trying to detect and mitigate this vulnerability, we are providing a couple of additional resources. First, we are providing a ClamAV signature that detects this threat; the rule can be found on our GitHub here and can be leveraged anywhere ClamAV...
CVSS 9.8 | AI Score 9.8 | EPSS 0.915
When Dave Liebenberg started his first day at Talos, he had never even opened Terminal on a Mac before -- let alone written a Snort rule or infiltrated a dark web forum. He jokes that he was a trendsetter at Talos, becoming the first of many to break into security without having any prior...
AI Score 6.4
SugarCRM 12.x Remote Code Execution / Shell Upload Exploit
This Metasploit module exploits CVE-2023-22952, a remote code execution vulnerability in SugarCRM 11.0 Enterprise, Professional, Sell, Serve, and Ultimate versions prior to 11.0.5 and SugarCRM 12.0 Enterprise, Sell, and Serve versions prior to...
CVSS 8.8 | AI Score 9 | EPSS 0.537
TD Bank: Server-Status leads to exposure information
Summary: Hi team, I hope you are well. It is a pleasure to work in your program. I will begin to present the vulnerability that I found: Server-status leads to information disclosure. Steps: Vulnerable subdomain: 1. https://cred.sit.td.com/ Example PoC: https://cred.sit.td.com/server-status Path:...
AI Score -0.3
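What an exposed Apache mod_status page actually gives an attacker is easy to underestimate, so here is an added example (not part of the report above, and not TD Bank's or Apache's code) that fingerprints a /server-status response and extracts the leaked fields from it: server software version, the internal address behind the name, and the client IP and full request line of every in-flight request, including any query string. The sample page is constructed for the example with invented host names, addresses and paths; it follows the layout of a mod_status page with ExtendedStatus On.

```python
import re
from html.parser import HTMLParser

# Constructed sample of a mod_status page (ExtendedStatus On). Host names,
# addresses and request paths are invented for this example.
SAMPLE_STATUS_PAGE = """<html><head><title>Apache Status</title></head><body>
<h1>Apache Server Status for cred.example.test (via 10.0.0.5)</h1>
<dl><dt>Server Version: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f</dt>
<dt>Server uptime: 12 days 3 hours 7 minutes 2 seconds</dt></dl>
<table border="0">
<tr><th>Srv</th><th>PID</th><th>Acc</th><th>M</th><th>CPU</th><th>SS</th><th>Req</th>
<th>Conn</th><th>Child</th><th>Slot</th><th>Client</th><th>Protocol</th><th>VHost</th><th>Request</th></tr>
<tr><td><b>0-0</b></td><td>1234</td><td>0/12/12</td><td>W</td><td>0.10</td><td>0</td><td>3</td>
<td>0.0</td><td>0.1</td><td>0.1</td><td>198.51.100.23</td><td>http/1.1</td><td>cred.example.test</td>
<td nowrap>GET /login?user=alice&amp;token=abc123 HTTP/1.1</td></tr>
<tr><td><b>0-1</b></td><td>1235</td><td>1/9/9</td><td>_</td><td>0.05</td><td>4</td><td>2</td>
<td>0.0</td><td>0.1</td><td>0.1</td><td>203.0.113.9</td><td>http/1.1</td><td>cred.example.test</td>
<td nowrap>POST /api/internal/reset HTTP/1.1</td></tr>
</table></body></html>"""


class _StatusTableParser(HTMLParser):
    """Collects every <tr> of the page as a list of cell strings."""

    def __init__(self):
        super().__init__()
        self.rows = []
        self._row = None
        self._cell = None

    def handle_starttag(self, tag, attrs):
        if tag == "tr":
            self._row = []
        elif tag in ("td", "th") and self._row is not None:
            self._cell = []

    def handle_endtag(self, tag):
        if tag in ("td", "th") and self._cell is not None:
            self._row.append("".join(self._cell).strip())
            self._cell = None
        elif tag == "tr" and self._row is not None:
            self.rows.append(self._row)
            self._row = None

    def handle_data(self, data):
        if self._cell is not None:
            self._cell.append(data)


def is_server_status_page(body: str) -> bool:
    """Fingerprint used to triage a /server-status hit."""
    return "Apache Server Status" in body and "Server uptime:" in body


def extract_leaks(body: str) -> dict:
    """What an attacker learns from an exposed status page: software version,
    internal address, client IPs and the in-flight request lines."""
    leaks = {"server_version": None, "internal_address": None,
             "requests": [], "with_query_string": []}
    m = re.search(r"Server Version:\s*([^<]+)", body)
    if m:
        leaks["server_version"] = m.group(1).strip()
    m = re.search(r"Server Status for \S+ \(via ([^)]+)\)", body)
    if m:
        leaks["internal_address"] = m.group(1)

    parser = _StatusTableParser()
    parser.feed(body)
    header = next((r for r in parser.rows if "Client" in r and "Request" in r), None)
    if header is None:
        return leaks
    client_i, vhost_i, req_i = header.index("Client"), header.index("VHost"), header.index("Request")
    for row in parser.rows:
        if row is header or len(row) != len(header) or not row[req_i]:
            continue
        entry = {"client": row[client_i], "vhost": row[vhost_i], "request": row[req_i]}
        leaks["requests"].append(entry)
        # Query strings in the request line are the most sensitive part:
        # they can carry session tokens, usernames or reset links.
        if "?" in entry["request"]:
            leaks["with_query_string"].append(entry["request"])
    return leaks


if __name__ == "__main__":
    if is_server_status_page(SAMPLE_STATUS_PAGE):
        for key, value in extract_leaks(SAMPLE_STATUS_PAGE).items():
            print(key, value)
```

The fix on the server side is to restrict the handler, not the parser: `ExtendedStatus` should be off unless needed and the `<Location /server-status>` block should `Require` only monitoring hosts.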
Optimize images ALT Text (alt tag) & names for SEO using AI < 2.0.8 - Settings Update via CSRF
The plugin does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF...
CVSS 6.5 | AI Score 0.3 | EPSS 0.001
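The missing check is the nonce that WordPress normally enforces with `check_admin_referer()` / `wp_verify_nonce()`. The following is an added example, not the plugin's code, that shows the bug class in generic form: a settings handler that only checks the admin capability (so a form posted from an attacker's page in the admin's browser goes through) next to one that also requires an HMAC token bound to the user, the action and a time window. The secret, the action name, the field name `_wpnonce` (WordPress's conventional name, reused here) and the settings keys are assumptions for the example.

```python
import hashlib
import hmac
import time
from typing import Optional

# Assumptions for the example: a server-side secret loaded from configuration
# and a WordPress-like nonce lifetime (a nonce is accepted for the current and
# the previous half-lifetime window).
SECRET_KEY = b"example-only-secret-load-from-config"
NONCE_LIFETIME = 12 * 60 * 60
ACTION = "update_plugin_settings"


def _tick(now: int) -> int:
    return now // (NONCE_LIFETIME // 2)


def make_nonce(user_id: int, action: str, now: Optional[int] = None) -> str:
    """Token bound to the user, the action and a time window."""
    now = int(time.time()) if now is None else now
    msg = f"{_tick(now)}|{action}|{user_id}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()[:20]


def verify_nonce(nonce: str, user_id: int, action: str, now: Optional[int] = None) -> bool:
    now = int(time.time()) if now is None else now
    for tick in (_tick(now), _tick(now) - 1):
        msg = f"{tick}|{action}|{user_id}".encode()
        expected = hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()[:20]
        if hmac.compare_digest(expected, nonce):   # constant-time comparison
            return True
    return False


def update_settings_vulnerable(settings: dict, request: dict, session: dict) -> int:
    """Mirrors the reported bug: only the capability is checked, so a POST that
    an attacker's page triggers in the admin's browser is accepted."""
    if not session.get("is_admin"):
        return 403
    settings.update(request["form"])
    return 200


def update_settings_fixed(settings: dict, request: dict, session: dict,
                          now: Optional[int] = None) -> int:
    """Capability check plus nonce check, and only known keys are written."""
    if not session.get("is_admin"):
        return 403
    if request["method"] != "POST":
        return 405
    nonce = request["form"].get("_wpnonce", "")
    if not verify_nonce(nonce, session["user_id"], ACTION, now):
        return 403
    for key in settings:
        if key in request["form"]:
            settings[key] = request["form"][key]
    return 200
```

A real WordPress handler would emit the token with `wp_nonce_field()` in the settings form and call `check_admin_referer()` in the save path; the structure above is the same.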
OpenImageIO TIFF tile pels decoding heap-based buffer overflow
Talos Vulnerability Report TALOS-2022-1633: OpenImageIO TIFF tile pels decoding heap-based buffer overflow. December 22, 2022. CVE Number: CVE-2022-41639. Summary: A heap-based buffer overflow vulnerability exists in the tile decoding code of the TIFF image parser in OpenImageIO master-branch-9aeece7a and...
CVSS 9.8 | AI Score -0.3 | EPSS 0.004
Cross Site Scripting (XSS) Reflected
Description: Reflected cross-site scripting (or XSS) arises when an application receives data in an HTTP request and includes that data within the immediate response in an unsafe way. Proof of Concept: https://github.com/phpipam/phpipam/blob/master/app/subnets/mail-notify-subnet.php look in...
CVSS 6.1 | AI Score 5.9 | EPSS 0.001
Unauthenticated stored XSS via username & name parameters
There is a stored XSS vulnerability due to improper sanitization of usernames. Vulnerable code (User.php, line 532): public function isValidLogin(string $login): bool { $login = (string)$login; if (strlen($login) < $this->loginMinLength || !preg_match($this->validUsername,...
AI Score -0.6
tagDiv Composer < 3.5 - Unauthenticated Account Takeover
The plugin, required by the themes, does not properly implement the Facebook login feature, allowing unauthenticated attackers to log in as any user by just knowing their email address. PoC: Run the below command in the developer console of the web browser while being on the blog as an...
CVSS 9.8 | AI Score 2.3 | EPSS 0.003
zoneminder is vulnerable to cross-site scripting. The attacker breaks out of the enclosing "tr" and "td" tags, which lets them inject code that executes when a user views the specific log on the "view=log"...
CVSS 5.4 | AI Score 5.6 | EPSS 0.001
Member Hero <=1.0.9 - Remote Code Execution
WordPress Member Hero plugin through 1.0.9 is susceptible to remote code execution. The plugin lacks authorization checks and does not validate a request parameter in an AJAX action, allowing an attacker to call arbitrary PHP functions with no arguments. An attacker can thus execute malware,...
CVSS 9.8 | AI Score 10 | EPSS 0.284