Lucene search

K

JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE Security Vulnerabilities

osv
osv

WhatsApp able to use microphone even after permissions revoked & app force stop in Android 13 Pixel 6

In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for...

3.1CVSS

6.6AI Score

0.001EPSS

2023-07-01 12:00 AM
5
nuclei
nuclei

Cisco ASA/FTD Software - Cross-Site Scripting

Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software are vulnerable to cross-site scripting and could allow an unauthenticated, remote attacker to conduct attacks against a user of the web services interface of an affected device. The vulnerabilities...

6.1CVSS

6.4AI Score

0.971EPSS

2021-06-24 03:34 PM
12
ibm
ibm

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to multiple vulnerabilities due to the use of IBM Db2

Summary IBM Virtualization Engine TS7700 is susceptible to the vulnerabilities listed below due to the embedded use of IBM Db2. IBM Db2 is used in TS7700 to store metadata about the data it manages. CVE-2023-30431, CVE-2023-29257, CVE-2023-26021, CVE-2023-25930, CVE-2023-27559, CVE-2023-40692....

8.4CVSS

10AI Score

0.003EPSS

2024-05-06 10:05 PM
3
osv
osv

Password brute force attack in github.com/IceWhaleTech/CasaOS-UserService

The CasaOS web application does not have protection against password brute force attacks. An attacker can use a password brute force attack to find and gain full access to the server. This vulnerability allows attackers to get super user-level access over the...

9.1CVSS

7.3AI Score

0.0004EPSS

2024-03-18 05:35 PM
2
metasploit
metasploit

Chef Web UI Brute Force Utility

This module attempts to login to Chef Web UI server instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. It will also test for the default login...

7.5AI Score

2015-02-18 05:49 AM
11
nessus
nessus

Cisco Firepower Threat Defense Software SSL/TLS DoS (cisco-sa-asaftd-ssl-dos-uu7mV5p6)

A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to...

8.6CVSS

7.3AI Score

0.001EPSS

2024-06-11 12:00 AM
2
veracode
veracode

XML Entity Expansion (XEE)

symfony/dependency-injection is vulnerable to XML Entity Expansion (XEE) . The vulnerability is due to XML Entity Expansion (XEE) attacks, where the use of libxml2 lacks defense against XEE Quadratic Blowup Attacks (QBA), allowing long entities to create a memory sink for Denial of Service attacks....

7AI Score

2024-05-30 06:01 AM
githubexploit
githubexploit

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft

CVE-2024-30088 Bug: Bug is inside function...

7CVSS

7.4AI Score

0.0004EPSS

2024-06-24 10:37 AM
45
veracode
veracode

XML Entity Expansion

symfony/symfony is vulnerable to XML Entity Expansion. The vulnerability is due to all extensions that use libxml2 having no defense against Quadratic Blowup Attacks, which involve defining a long entity that is repeatedly referenced within the XML document, thus creating a potential memory sink...

7AI Score

2024-05-31 06:39 AM
1
hackerone
hackerone

U.S. Dept Of Defense: [HTAF4-213] [Pre-submission] XSS via arbitrary cookie name at the https://www2.██████/nssi/core/dot_stu_reg/Registration.aspx

Description We identified XSS via cookie name on the https://www2.███████/nssi/core/dot_stu_reg/Registration.aspx endpoint. The first cookie name is getting reflected on the page without sanitization: █████ POC (you can use Chrome Incognito mode for clear experiment) To trigger XSS on the...

5.6AI Score

2019-11-02 08:23 PM
2
githubexploit
githubexploit

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft

ThemeBleed Proof-of-Concept for CVE-2023-38146 ("ThemeBleed")...

8.9AI Score

2023-09-13 04:00 AM
546
osv
osv

Brute force protection bypass in github.com/argoproj/argo-cd/v2

An attacker can effectively bypass the rate limit and brute force protections in Argo CD by exploiting the application's weak cache-based mechanism. The application's brute force protection relies on a cache mechanism that tracks login attempts for each user. An attacker can overflow this cache by....

9.8CVSS

7AI Score

0.002EPSS

2024-03-22 05:31 PM
6
trendmicroblog
trendmicroblog

ISPM + ITDR: Proactive Cyber Defense in the AI Era

In the ever-evolving landscape of cybersecurity, staying ahead of malicious actors requires a multifaceted...

7.3AI Score

2024-05-22 12:00 AM
5
veracode
veracode

Denial Of Service

JSON-Java is vulnerable to Denial of Service. The vulnerability is due to chars with value \0 being parsed incorrectly, which can results in an input string of modest size causing indefinite amounts of memory...

7.5CVSS

6.8AI Score

0.001EPSS

2023-10-13 05:14 AM
12
cve
cve

CVE-2018-25084

A vulnerability, which was classified as problematic, has been found in Ping Identity Self-Service Account Manager 1.1.2. Affected by this issue is some unknown functionality of the file src/main/java/com/unboundid/webapp/ssam/SSAMController.java. The manipulation leads to cross site scripting....

6.1CVSS

6AI Score

0.001EPSS

2023-04-10 06:15 PM
15
osv
osv

Granting access of protected ContentProviders on behalf of Launcher

In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

7.8CVSS

7.1AI Score

0.0004EPSS

2023-12-01 12:00 AM
5
nessus
nessus

Cisco Firepower Threat Defense Software Privilege Escalation (cisco-sa-asaftd-persist-rce-FLsNXF4h)

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level...

6CVSS

6.8AI Score

0.001EPSS

2024-04-25 12:00 AM
44
veracode
veracode

Denial Of Service

libexpat is vulnerable of Denial of service. The vulnerability due to many full reparsings are required in the case of a large token for which multiple buffer fills are needed. It leads to the exhaustion of available...

7.5CVSS

6.8AI Score

0.001EPSS

2024-02-11 08:46 AM
11
openvas
openvas

PQI Air Pen Express Remote Detection

Detection of installed version of PQI Air Pen Express. This script sends an HTTP GET request and tries to get the version from the ...

7.2AI Score

2016-02-18 12:00 AM
12
veracode
veracode

Denial Of Service

rack is vulnerable to a Denial of service. The vulnerability is due to header parsing routines being susceptible to carefully crafted headers, which can cause the parsing process to take longer than expected, leading to a possible denial of service issue. This specifically impacts the Accept and...

5.3CVSS

6.5AI Score

0.0004EPSS

2024-02-29 05:37 AM
12
veracode
veracode

Out-Of-Bounds

chromium is vulnerable to Out-Of-Bounds. The vulnerability is due to improper handling of specific UI gestures via a crafted HTML page, potentially allowing a remote attacker to exploit heap...

5.9AI Score

0.0004EPSS

2024-06-03 04:51 PM
osv
osv

Symfony XXE security vulnerability

Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...

7.2AI Score

2024-05-30 12:49 AM
1
github
github

Symfony XXE security vulnerability

Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...

7.2AI Score

2024-05-30 12:49 AM
1
osv
osv

symfony/translation XML Entity Expansion vulnerability

Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...

7.2AI Score

2024-05-30 01:02 PM
5
openvas
openvas

SSL/TLS: Certificate - Self-Signed Certificate Detection

The SSL/TLS certificate on this port is...

7.3AI Score

2011-04-27 12:00 AM
11
openvas
openvas

F5 BIG-IP - BIG-IP ASM Proactive Bot Defense vulnerability CVE-2016-7472

When Proactive Bot Defense is configured, BIG-IP ASM 12.1.0 and 12.1.1 systems may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP header....

7.5CVSS

7.4AI Score

0.002EPSS

2016-11-14 12:00 AM
24
osv
osv

Symfony XML Entity Expansion security vulnerability

Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...

7.2AI Score

2024-05-30 12:21 PM
4
osv
osv

Symfony XML Entity Expansion security vulnerability

Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...

7.2AI Score

2024-05-29 07:59 PM
1
osv
osv

Mattermost leaks details of AD/LDAP groups of a teams

Mattermost fails to properly authorize the requests fetching team associated AD/LDAP groups, allowing a user to fetch details of AD/LDAP groups of a team that they are not a member...

4.3CVSS

7AI Score

0.0004EPSS

2024-02-29 09:30 AM
5
veracode
veracode

Denial Of Service (DoS)

eventlet and dnspython are vulnerable to Denial Of Service (DoS). The vulnerability is due to a lack of enforcing the preferred behavior of waiting for a valid packet during DNS name resolution, allowing remote attackers to interfere with the resolution process by quickly sending an invalid packet....

6.4AI Score

0.0004EPSS

2024-04-15 12:06 PM
11
veracode
veracode

Denial Of Service (DoS)

io.netty: netty-codec-http is vulnerable to Denial Of Service (DoS). The vulnerability is due to missing form field restrictions within the HttpPostRequestDecoder class. An attacker can send a chunked POST request with many small form fields, possibly resulting in Denial of Service...

5.3CVSS

6.7AI Score

0.0004EPSS

2024-03-28 03:09 AM
13
veracode
veracode

Denial Of Service (DoS)

nodejs is vulnerable to Denial Of Service (DoS). The vulnerability exists when an invalid public key is used to create an x509 certificate using the crypto.X509Certificate() API. A non-expected termination occurs, making it susceptible to Denial of Service (DoS) attacks. In this scenario, an...

5.3CVSS

6.8AI Score

0.001EPSS

2023-11-29 05:49 AM
13
veracode
veracode

Denial Of Service

dnsmasq is vulnerable to Denial of Service. The vulnerability due to KeyTrap issue when dealing with a zone that contains numerous DNSKEY (DNS Key) and RRSIG (Resource Record Signature) records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG....

7.5CVSS

6.6AI Score

0.05EPSS

2024-02-18 06:35 AM
17
veracode
veracode

Denial Of Service

dnsmasq is vulnerable to Denial Of Service. The attacker can exploit this vulnerability by sending crafted DNSSEC responses to the target system, causing it to consume excessive CPU...

6.5AI Score

0.0005EPSS

2024-02-15 02:59 AM
8
github
github

Symfony XML Entity Expansion security vulnerability

Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...

7.2AI Score

2024-05-29 07:59 PM
3
cve
cve

CVE-2023-1740

A vulnerability was found in SourceCodester Air Cargo Management System 1.0. It has been classified as critical. Affected is an unknown function of the file admin/user/manage_user.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible....

9.8CVSS

9.7AI Score

0.001EPSS

2023-03-30 09:15 PM
22
osv
osv

symfony/validator XML Entity Expansion vulnerability

Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...

7.2AI Score

2024-05-30 01:10 PM
4
cve
cve

CVE-2023-2155

A vulnerability was found in SourceCodester Air Cargo Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file classes/Master.php?f=save_cargo_type. The manipulation of the argument name leads to cross site scripting. The attack can be...

4.8CVSS

5AI Score

0.001EPSS

2023-04-18 03:15 PM
22
github
github

Symfony XML Entity Expansion security vulnerability

Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...

7.2AI Score

2024-05-30 12:21 PM
veracode
veracode

Denial Of Service (DoS)

socket.io is vulnerable to Denial Of Service (DoS). The vulnerability is due to a specially crafted Socket.IO packet triggering an uncaught exception, which kills the Node.js process, allowing an attacker to crash the server by sending a malicious...

7.3CVSS

6.6AI Score

0.0004EPSS

2024-06-20 05:58 AM
1
veracode
veracode

Denial Of Service (DoS)

org.apache.tomcat: tomcat-websocket is vulnerable to Denial of Service (DoS). The vulnerability is due to improper cleanup of WebSocket connections during a session timeout. If a client fails to send a close message within the timeout period, the websocket connection will continue to hold...

6.5AI Score

0.0004EPSS

2024-03-15 06:11 AM
16
github
github

symfony/translation XML Entity Expansion vulnerability

Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...

7.2AI Score

2024-05-30 01:02 PM
1
veracode
veracode

Denial Of Service (DoS)

Apache Avro is vulnerable to Buffer Overflow. The vulnerability is due to improper handling of deserialization when processing untrusted or corrupted data. This can result in a reader consuming memory beyond the allowed constraints, potentially leading to an out-of-memory condition on the...

7.5CVSS

6.5AI Score

0.008EPSS

2023-10-05 06:04 AM
1
githubexploit
githubexploit

Exploit for Race Condition in Microsoft

CVE-2023-36884: MS Office HTML RCE with crafted documents On...

7.5CVSS

8.2AI Score

0.227EPSS

2023-09-28 11:53 AM
479
veracode
veracode

Deserialization Of Untrusted Data

mlflow is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to improper handling of untrusted data in the _load_model_from_local_file function within the sklearn/init .py. The vulnerability allows an attacker to inject a malicious pickle object into a model file on...

8.8CVSS

7.3AI Score

0.0004EPSS

2024-06-17 04:59 AM
1
veracode
veracode

Denial Of Service (DoS)

samba is vulnerable to Denial of Service (DoS) attacks. This vulnerability occurs when Samba parses a specially crafted RPC request. If the request is valid, Samba will enter an infinite loop. This could cause Samba to consume excessive CPU resources and eventually...

7.5CVSS

6.7AI Score

0.033EPSS

2023-08-06 10:02 AM
12
hackerone
hackerone

U.S. Dept Of Defense: [HTAF4-213] [Pre-submission] Unsafe AMF deserialization (CVE-2017-5641) in Apache Flex BlazeDS at the https://www.███████/daip/messagebroker/amf

Description We identified potential unsafe deserialization vulnerability on the https://www.█████/daip/messagebroker/amf endpoint. POC To exclude false-positive reaction and show that pingback is result of AMF deserialization, and not a reaction to the external host in the POST body, first run...

9.8CVSS

7.1AI Score

0.098EPSS

2019-11-04 04:12 AM
4
veracode
veracode

Denial Of Service (DoS)

langchain is vulnerable to a Denial-of-Service (DoS). The vulnerability is due to infinite recursion in the parse_sitemap method, which results in an infinite loop that exceeds the maximum recursion depth in...

4.2CVSS

6.7AI Score

0.0004EPSS

2024-06-11 08:54 AM
1
veracode
veracode

Deserialization Of Untrusted Data

mlflow is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to unsafe deserialization in the function _load_model_from_local_file within sklearn/init.py. An attacker can inject a malicious pickle object into a model file on upload, which will be deserialized resulting in...

8.8CVSS

7.1AI Score

0.0004EPSS

2024-06-17 06:19 AM
1
veracode
veracode

Denial Of Service (DoS)

org.apache.tomcat, tomcat-coyote is vulnerable to Denial of Service (DoS). The vulnerability is due to improper request handling when processing an HTTP/2 request that exceeds any of the configured limits for headers, leading to the associated HTTP/2 stream not being reset until after all of the...

6.6AI Score

0.0004EPSS

2024-03-16 08:57 PM
9
Total number of security vulnerabilities2372154