GHSA-JRM8-XGF3-FWQR MobSF Partial Denial of Service (DoS)

Partial Denial of Service DoS Product: MobSF Version: v4.2.9 CWE-ID: CWE-1287: Improper Validation of Specified Type of Input CVSS vector v.4.0: 6.9 AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVSS vector v.3.1: 6.5 AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Description: DoS in the Scans...

MobSF Partial Denial of Service (DoS)

Partial Denial of Service DoS Product: MobSF Version: v4.2.9 CWE-ID: CWE-1287: Improper Validation of Specified Type of Input CVSS vector v.4.0: 6.9 AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVSS vector v.3.1: 6.5 AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Description: DoS in the Scans...

GHSA-CXQQ-W3X5-7PH3 MobSF Stored Cross-Site Scripting (XSS)

Product: MobSF Version: CFBundleIdentifier value. In the dynamicanalysis.html file you do not sanitize...

PT-2025-5745

Name of the Vulnerable Software and Affected Versions: Mobile Security Framework MobSF versions prior to 4.3.1 Description: The issue concerns a stored cross-site scripting XSS vulnerability in the iOS Dynamic Analyzer functionality of the Mobile Security Framework MobSF. According to Apple's...

The vulnerability of the dynamic analyzer for XML files in the wsisapi.dll library of the enterprise automation system 1C:Enterprise allows a perpetrator to cause service failures and gain access to internal network resources.

The vulnerability of the dynamic analyzer for XML files in the wsisapi.dll library of the enterprise automation system 1C:Enterprise is related to the implementation of XML. Exploiting this vulnerability can allow a malicious actor to cause service failures and gain access to internal network...