Lucene search
K

51 matches found

CVE
CVE
added 2025/06/13 7:0 a.m.66 views

CVE-2025-22239

CVE-2025-22239 – Salt Master event injection : The Salt Master’s _minion_event method can be abused by an authorized minion to push arbitrary events onto the master's event bus, enabling potential impact on integrity and confidentiality (I, C) with low availability impact. The advisory notes this...

8.1CVSS8.3AI score0.00159EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/13 7:0 a.m.5 views

CVE-2025-22239 CVE-2025-22239 salt advisory

Arbitrary event injection on Salt Master. The master's "minionevent" method can be used by and authorized minion to send arbitrary events onto the master's event bus...

8.1CVSS7.5AI score0.00159EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/13 12:0 a.m.3 views

PT-2025-25394 · Unknown +1 · Salt-Master +1

Name of the Vulnerable Software and Affected Versions: Salt Master affected versions not specified Description: The issue allows arbitrary event injection on the Salt Master. An authorized minion can use the master's minion event method to send arbitrary events onto the master's event bus...

9.6CVSS6.2AI score0.00959EPSS
Exploits0References27
Cvelist
Cvelist
added 2024/02/16 12:8 a.m.22 views

CVE-2024-0038

In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible arbitrary input event injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.4AI score0.00133EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/16 12:0 a.m.3 views

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in Google Android, which stems from a lack of permission checking in the injectInputEventToInputFilter method of the AccessibilityManagerService.java file, which cou...

8.4CVSS6.8AI score0.00133EPSS
Exploits0References4
OSV
OSV
added 2024/02/01 12:0 a.m.32 views

ASB-A-309426390

In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible arbitrary input event injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

8.4CVSS7.9AI score0.00133EPSS
Exploits0References2
n0where
n0where
added 2018/05/08 4:11 a.m.24 views

MITM RDP Connections: Seth

Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text credentials. It was developed to raise awareness and educate about the importance of properly configured RDP connections in the context of pentests, workshops...

0.4AI score
Exploits0References2
Exploit DB
Exploit DB
added 2006/03/11 12:0 a.m.65 views

Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting Vulnerabilities

Jupiter CMS , to redirect the user to a page of your choice, to avoid suspicion and disclosure of your cookiestealer's location. This injections would allow an attacker to redirect users to a page of his choice, effectively defacing the page:...

7AI score
Exploits0
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.6 views

CVE-2026-47212: Twilio Notifier Webhook Parser Never Verifies the X-Twilio-Signature HMAC: Unauthenticated Webhook Event Injection

More info at https://symfony.com/cve-2026-47212...

5.8AI score0.00026EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.6 views

CVE-2026-45754: Mailjet Mailer and LOX24 Notifier Webhook Parsers Never Verify the Configured Secret: Unauthenticated Webhook Event Injection

More info at https://symfony.com/cve-2026-45754...

5.8AI score0.00103EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.4 views

CVE-2026-45754: Mailjet Mailer and LOX24 Notifier Webhook Parsers Never Verify the Configured Secret: Unauthenticated Webhook Event Injection

More info at https://symfony.com/cve-2026-45754...

5.8AI score0.00103EPSS
Exploits0Affected Software1
Rows per page
Query Builder