Lucene search
+L

186 matches found

NVD
NVD
added 2023/10/11 1:15 a.m.29 views

CVE-2023-44689

e-Gov Client Application Windows version versions prior to 2.1.1.0 and e-Gov Client Application macOS version versions prior to 1.1.1.0 are vulnerable to improper authorization in handler for custom URL scheme. A crafted URL may direct the product to access an arbitrary website. As a result, the...

4.3CVSS4.7AI score0.00355EPSS
Exploits0References2
Prion
Prion
added 2023/10/11 1:15 a.m.26 views

Authorization

e-Gov Client Application Windows version versions prior to 2.1.1.0 and e-Gov Client Application macOS version versions prior to 1.1.1.0 are vulnerable to improper authorization in handler for custom URL scheme. A crafted URL may direct the product to access an arbitrary website. As a result, the...

4.3CVSS4.7AI score0.00355EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/11 12:6 a.m.18 views

CVE-2023-44689

e-Gov Client Application Windows version versions prior to 2.1.1.0 and e-Gov Client Application macOS version versions prior to 1.1.1.0 are vulnerable to improper authorization in handler for custom URL scheme. A crafted URL may direct the product to access an arbitrary website. As a result, the...

6.9AI score0.00355EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/10/11 12:6 a.m.29 views

CVE-2023-44689

e-Gov Client Application Windows version versions prior to 2.1.1.0 and e-Gov Client Application macOS version versions prior to 1.1.1.0 are vulnerable to improper authorization in handler for custom URL scheme. A crafted URL may direct the product to access an arbitrary website. As a result, the...

5AI score0.00355EPSS
Exploits0References2
CVE
CVE
added 2023/10/11 12:6 a.m.65 views

CVE-2023-44689

CVE-2023-44689 affects e-Gov Client Application: Windows prior to 2.1.1.0 and macOS prior to 1.1.1.0 are vulnerable to improper authorization in the handler for the custom URL scheme. A crafted URL can direct the application to access an arbitrary website, enabling phishing scenarios. Publicly do...

4.3CVSS4.7AI score0.00355EPSS
Exploits0References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/10/06 12:0 a.m.46 views

JVN#15808274: e-Gov Client Application fails to restrict custom URL schemes properly

e-Gov Client Application is installed, a Custom URL Scheme is configured on the system to enable invoking the product through a web browser. This custom URL contains the information about the website which the product should access, and a crafted URL may direct the application to access an...

4.3CVSS4.5AI score0.00355EPSS
Exploits0
Openbugbounty
Openbugbounty
added 2023/09/23 3:32 p.m.9 views

creative.gov.au Cross Site Scripting vulnerability OBB-3704322

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/09/01 3:7 p.m.14 views

antigo.mctic.gov.br Cross Site Scripting vulnerability OBB-3631019

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Code423n4
Code423n4
added 2023/08/10 12:0 a.m.9 views

If gov use removeGauge users who use votingPower for that gauge will lose their votingPower infinetly.

Lines of code Vulnerability details Impact When gov use removeGauge gauge's power changed to the 0, however there is no reset for user votePower which stored in voteuserpower mapping. Because of that users will lose their voting power. For example if a user give his 1000 votingPower to removedGau...

6.6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/08/02 11:7 p.m.10 views

vinhedo.sp.gov.br Cross Site Scripting vulnerability OBB-3566253

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/06/25 8:30 a.m.5 views

servicos.anchieta.sc.gov.br Cross Site Scripting vulnerability OBB-3468160

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/06/25 7:35 a.m.13 views

servicos.capinzal.sc.gov.br Cross Site Scripting vulnerability OBB-3467919

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/06/13 2:38 p.m.14 views

ssodev.sharedservices.dir.texas.gov Cross Site Scripting vulnerability OBB-3424513

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/04/14 2:48 p.m.8 views

servicos.seara.sc.gov.br Cross Site Scripting vulnerability OBB-3261702

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/04/13 12:2 p.m.13 views

servicos.xanxere.sc.gov.br Cross Site Scripting vulnerability OBB-3259911

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/11/28 9:56 a.m.10 views

labour.tn.gov.in Cross Site Scripting vulnerability OBB-3076111

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Openbugbounty
Openbugbounty
added 2022/08/02 8:22 a.m.15 views

covid.setequedas.ms.gov.br Cross Site Scripting vulnerability OBB-2823799

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/07/21 10:55 a.m.3 views

Malicious code in analytics.usa.gov (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e1a33363f19a2f8802327fdc87bafbb52ff7966afefd35a4a378d19651da0132 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/07/21 10:55 a.m.4 views

MAL-2022-5990 Malicious code in search-gov-website (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 451bca5bdb635f0f47d70d754081dd0ca0a128b60a2c3fb3821b252695738d9b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Openbugbounty
Openbugbounty
added 2022/07/05 4:36 p.m.8 views

egov2.miamigov.com Open Redirect vulnerability OBB-2726691

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

0.1AI score
Exploits0
Rows per page
Query Builder