Lucene search
K

16 matches found

Circl
Circl
added 2025/05/28 12:14 p.m.28 views

CVE-2025-40673

creationtimestamp| type| source ---|---|--- 2025-05-28 12:14:01+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqa6ilhy6pc2 2025-05-28 13:42:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqadgi5exb2m...

5.3CVSS7AI score0.0027EPSS
Exploits0References2
CVE
CVE
added 2025/05/28 10:54 a.m.40 views

CVE-2025-40673

CVE-2025-40673 describes a Missing Authorization vulnerability in DinoRANK, enabling access to any user’s invoices via the endpoint /facturas/YYYY-MM/SDRYYMM-XXXXX.pdf due to absent access control. The PDF filename can be learned through OSINT, insecure traffic, or brute force. Documented impact ...

5.3CVSS6.5AI score0.0027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:31 a.m.6 views

CVE-2024-40673

In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...

6.5CVSS8.4AI score0.00281EPSS
Exploits0
NVD
NVD
added 2025/01/28 8:15 p.m.20 views

CVE-2024-40673

In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...

6.5CVSS0.00281EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/01/28 8:15 p.m.8 views

CVE-2024-40673

In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...

6.5CVSS6.6AI score0.00281EPSS
Exploits0References3
OSV
OSV
added 2025/01/28 8:15 p.m.5 views

UBUNTU-CVE-2024-40673

In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...

6.5CVSS6.7AI score0.00281EPSS
Exploits0References4
Circl
Circl
added 2025/01/28 7:46 p.m.6 views

CVE-2024-40673

creationtimestamp| type| source ---|---|--- 2025-01-28 19:46:30+00:00| seen| https://infosec.exchange/users/cve/statuses/113907701524268534 2025-01-28 20:16:19+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgtbiu4cir2r 2025-01-28 22:09:30+00:00|...

6.5CVSS5.7AI score0.00281EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/01/28 7:13 p.m.16 views

CVE-2024-40673

In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...

0.00281EPSS
Exploits0References2
CVE
CVE
added 2025/01/28 7:13 p.m.330 views

CVE-2024-40673

CVE-2024-40673 affects Google Android (System component via ZipFile.java) with improper input validation of dynamic code loading, enabling remote code execution without privileges or user interaction. Public details confirm the issue and reference Android security bulletin guidance indicating pat...

6.5CVSS8.7AI score0.00281EPSS
Exploits0References2Affected Software1
NCSC
NCSC
added 2024/10/08 1:55 p.m.10 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. Samsung has fixed vulnerabilities relevant to Samsung mobile devices in Samsung Mobile. A malicious person could exploit the vulnerabilities to cause a denial-of-service, grant themselves elevated privileges or execute arbitrary code. The most serious...

9.8CVSS7.5AI score0.0146EPSS
Exploits18References2
CVE
CVE
added 2024/06/04 7:21 a.m.24 views

CVE-2023-40673

CVE-2023-40673 : WordPress plugin Cartpauj Register Captcha contains an improper control of interaction frequency that allows a bypass vulnerability in versions ≤ 1.0.02. The issue enables unauthenticated users to misuse the captcha functionality, described as a bypass vulnerability with low seve...

6.5CVSS6.5AI score0.00397EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/04 7:21 a.m.26 views

CVE-2023-40673 WordPress Cartpauj Register Captcha plugin <= 1.0.02 - Captcha Bypass vulnerability

: Improper Control of Interaction Frequency vulnerability in cartpauj Cartpauj Register Captcha allows Functionality Misuse.This issue affects Cartpauj Register Captcha: from n/a through 1.0.02...

6.5CVSS6.5AI score0.00397EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/08/21 12:0 a.m.17 views

WordPress Cartpauj Register Captcha Plugin <= 1.0.02 is vulnerable to Bypass Vulnerability

Software Cartpauj Register Captcha Type Plugin Vulnerable versions = 1.0.02 Fixed in 2.0.0 OWASP Top 10 A5: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2023-40673 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2347148519cf Credits qilin99 Require...

6.5CVSS6.6AI score0.00397EPSS
Exploits0References2Affected Software1
Circl
Circl
added 2022/09/14 2:26 p.m.8 views

CVE-2022-40673

creationtimestamp| type| source ---|---|--- 2022-09-14 14:26:34+00:00| seen| https://t.me/cibsecurity/49768...

7.8CVSS7.5AI score0.00355EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/09/14 11:15 a.m.4 views

CVE-2022-40673

KDiskMark before 3.1.0 lacks authorization checking for D-Bus methods such as Helper::flushPageCache...

7.8CVSS5.8AI score0.00355EPSS
Exploits1References7
CVE
CVE
added 2022/09/14 5:12 a.m.65 views

CVE-2022-40673

KDiskMark before 3.1.0 lacks authorization checking for D-Bus methods such as Helper::flushPageCache, exposing a local-privilege impact (CVE-2022-40673). Affected versions are pre-3.1.0; remediation is to upgrade to 3.1.0 or newer, or apply access restrictions to the D-Bus methods until a patch i...

7.8CVSS7.6AI score0.00355EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder