722 matches found
Mobile Security Framework 安全漏洞
Mobile Security Framework MobSF is an automated all-in-one mobile application open-sourced by Mobile Security Framework. Used for penetration testing, malware analysis and security assessments, it is capable of performing both static and dynamic analysis. A security vulnerability exists in Mobile...
PT-2024-2891 · Unknown · Mobile Security Framework
Name of the Vulnerable Software and Affected Versions: Mobile Security Framework MobSF versions prior to 3.9.8 Description: A Server-Side Request Forgery SSRF vulnerability exists in the firebase database check logic of the Mobile Security Framework MobSF. This allows an attacker to cause the...
PT-2024-23: Server-Side Request Forgery (SSRF) in Mobile Security Framework (MobSF)
The vulnerability was identified in Mobile Security Framework MobSF, versions =3.9.7. The discovered SSRF vulnerability in Firebase Database Check can be exploited by an attacker to make server connect to internal-only services. It is possible to make internal requests in case a malicious app is...
PYSEC-2024-257
Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In version 3.9.5 Beta and prior, MobSF does not perform any input validation when extracting the hostnames in android:host, so requests can also ...
PYSEC-2024-257
Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In version 3.9.5 Beta and prior, MobSF does not perform any input validation when extracting the hostnames in android:host, so requests can also ...
CVE-2024-29190 MobSF SSRF Vulnerability on assetlinks_check(act_name, well_knowns)
Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In version 3.9.5 Beta and prior, MobSF does not perform any input validation when extracting the hostnames in android:host, so requests can also ...
Mobile Security Framework 安全漏洞
Mobile Security Framework MobSF is Mobile Security Framework open source an automated all-in-one mobile application . Used for penetration testing, malware analysis and security assessments, it is capable of performing both static and dynamic analysis. A security vulnerability exists in Mobile...
PT-2024-22794 · Unknown · Mobile Security Framework
Name of the Vulnerable Software and Affected Versions: Mobile Security Framework MobSF versions 3.9.5 Beta and prior Description: The issue arises from the lack of input validation when extracting hostnames in android:host, allowing requests to be sent to local hostnames. This can lead to...
publinmuebles.com Cross Site Scripting vulnerability OBB-3870309
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SuiteCRM Code Issue Vulnerability (CNVD-2024-28186)
SuiteCRM is a customer relationship management system from the SuiteCRM team. SuiteCRM 7.14.2 suffers from a code issue vulnerability that stems from the presence of a local file inclusion vulnerability. No detailed vulnerability details are provided at this time...
gflexonline.nl Improper Access Control vulnerability OBB-3866454
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
zelfenergieproduceren.nl Cross Site Scripting vulnerability OBB-3865206
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
kinotv.info Cross Site Scripting vulnerability OBB-3858769
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
itpcc.net Improper Access Control vulnerability OBB-3858419
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
atomretro.com Cross Site Scripting vulnerability OBB-3857739
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bd-products.com Cross Site Scripting vulnerability OBB-3852498
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CISA and OpenSSF Release Framework for Package Repository Security
The U.S. Cybersecurity and Infrastructure Security Agency CISA announced that it's partnering with the Open Source Security Foundation OpenSSF Securing Software Repositories Working Group to publish a new framework to secure package repositories. Called the Principles for Package Repository...
hainescentre.com Cross Site Scripting vulnerability OBB-3851488
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
sapbsi.ipn.mx Cross Site Scripting vulnerability OBB-3849751
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bluearuba.com Cross Site Scripting vulnerability OBB-3849170
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...