HM Courts & Tribunals ccd-data-store-api before 2019-06-10 allows SQL injection, related to SearchQueryFactoryOperation.java and SortDirection.java.
9.8CVSS
9.5AI Score
0.001EPSS
The COVIDSafe (Australia) app 1.0 and 1.1 for iOS allows a remote attacker to crash the app, and consequently interfere with COVID-19 contact tracing, via a Bluetooth advertisement containing manufacturer data that is too short. This occurs because of an erroneous OpenTrace manuData.subdata call. T...
6.5CVSS
6.2AI Score
0.001EPSS
Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature.
3.7CVSS
4.3AI Score
0.001EPSS