In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for...
3.1CVSS
6.6AI Score
0.001EPSS
Cisco ASA/FTD Software - Cross-Site Scripting
Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software are vulnerable to cross-site scripting and could allow an unauthenticated, remote attacker to conduct attacks against a user of the web services interface of an affected device. The vulnerabilities...
6.1CVSS
6.4AI Score
0.971EPSS
Summary IBM Virtualization Engine TS7700 is susceptible to the vulnerabilities listed below due to the embedded use of IBM Db2. IBM Db2 is used in TS7700 to store metadata about the data it manages. CVE-2023-30431, CVE-2023-29257, CVE-2023-26021, CVE-2023-25930, CVE-2023-27559, CVE-2023-40692....
8.4CVSS
10AI Score
0.003EPSS
Password brute force attack in github.com/IceWhaleTech/CasaOS-UserService
The CasaOS web application does not have protection against password brute force attacks. An attacker can use a password brute force attack to find and gain full access to the server. This vulnerability allows attackers to get super user-level access over the...
9.1CVSS
7.3AI Score
0.0004EPSS
Chef Web UI Brute Force Utility
This module attempts to login to Chef Web UI server instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. It will also test for the default login...
7.5AI Score
Cisco Firepower Threat Defense Software SSL/TLS DoS (cisco-sa-asaftd-ssl-dos-uu7mV5p6)
A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to...
8.6CVSS
7.3AI Score
0.001EPSS
symfony/dependency-injection is vulnerable to XML Entity Expansion (XEE). The vulnerability is due to XML Entity Expansion (XEE) attacks, where the use of libxml2 lacks defense against XEE Quadratic Blowup Attacks (QBA), allowing long entities to create a memory sink for Denial of Service attacks....
7AI Score
Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft
CVE-2024-30088 Bug: Bug is inside function...
7CVSS
7.4AI Score
0.0004EPSS
symfony/symfony is vulnerable to XML Entity Expansion. The vulnerability is due to all extensions that use libxml2 having no defense against Quadratic Blowup Attacks, which involve defining a long entity that is repeatedly referenced within the XML document, thus creating a potential memory sink...
7AI Score
Description We identified XSS via cookie name on the https://www2.███████/nssi/core/dot_stu_reg/Registration.aspx endpoint. The first cookie name is getting reflected on the page without sanitization: █████ POC (you can use Chrome Incognito mode for clear experiment) To trigger XSS on the...
5.6AI Score
Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft
ThemeBleed Proof-of-Concept for CVE-2023-38146 ("ThemeBleed")...
8.9AI Score
Brute force protection bypass in github.com/argoproj/argo-cd/v2
An attacker can effectively bypass the rate limit and brute force protections in Argo CD by exploiting the application's weak cache-based mechanism. The application's brute force protection relies on a cache mechanism that tracks login attempts for each user. An attacker can overflow this cache by....
9.8CVSS
7AI Score
0.002EPSS
ISPM + ITDR: Proactive Cyber Defense in the AI Era
In the ever-evolving landscape of cybersecurity, staying ahead of malicious actors requires a multifaceted...
7.3AI Score
JSON-Java is vulnerable to Denial of Service. The vulnerability is due to chars with value \0 being parsed incorrectly, which can result in an input string of modest size causing indefinite amounts of memory...
7.5CVSS
6.8AI Score
0.001EPSS
A vulnerability, which was classified as problematic, has been found in Ping Identity Self-Service Account Manager 1.1.2. Affected by this issue is some unknown functionality of the file src/main/java/com/unboundid/webapp/ssam/SSAMController.java. The manipulation leads to cross site scripting....
6.1CVSS
6AI Score
0.001EPSS
Granting access of protected ContentProviders on behalf of Launcher
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
7.8CVSS
7.1AI Score
0.0004EPSS
Cisco Firepower Threat Defense Software Privilege Escalation (cisco-sa-asaftd-persist-rce-FLsNXF4h)
A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level...
6CVSS
6.8AI Score
0.001EPSS
libexpat is vulnerable to Denial of Service. The vulnerability is due to many full reparsings being required in the case of a large token for which multiple buffer fills are needed. It leads to the exhaustion of available...
7.5CVSS
6.8AI Score
0.001EPSS
PQI Air Pen Express Remote Detection
Detection of installed version of PQI Air Pen Express. This script sends an HTTP GET request and tries to get the version from the ...
7.2AI Score
rack is vulnerable to a Denial of service. The vulnerability is due to header parsing routines being susceptible to carefully crafted headers, which can cause the parsing process to take longer than expected, leading to a possible denial of service issue. This specifically impacts the Accept and...
5.3CVSS
6.5AI Score
0.0004EPSS
chromium is vulnerable to Out-Of-Bounds. The vulnerability is due to improper handling of specific UI gestures via a crafted HTML page, potentially allowing a remote attacker to exploit heap...
5.9AI Score
0.0004EPSS
Symfony XXE security vulnerability
Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...
7.2AI Score
symfony/translation XML Entity Expansion vulnerability
Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...
7.2AI Score
SSL/TLS: Certificate - Self-Signed Certificate Detection
The SSL/TLS certificate on this port is...
7.3AI Score
F5 BIG-IP - BIG-IP ASM Proactive Bot Defense vulnerability CVE-2016-7472
When Proactive Bot Defense is configured, BIG-IP ASM 12.1.0 and 12.1.1 systems may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP header....
7.5CVSS
7.4AI Score
0.002EPSS
Symfony XML Entity Expansion security vulnerability
Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...
7.2AI Score
Mattermost leaks details of AD/LDAP groups of a teams
Mattermost fails to properly authorize the requests fetching team associated AD/LDAP groups, allowing a user to fetch details of AD/LDAP groups of a team that they are not a member...
4.3CVSS
7AI Score
0.0004EPSS
eventlet and dnspython are vulnerable to Denial Of Service (DoS). The vulnerability is due to a lack of enforcing the preferred behavior of waiting for a valid packet during DNS name resolution, allowing remote attackers to interfere with the resolution process by quickly sending an invalid packet....
6.4AI Score
0.0004EPSS
io.netty: netty-codec-http is vulnerable to Denial Of Service (DoS). The vulnerability is due to missing form field restrictions within the HttpPostRequestDecoder class. An attacker can send a chunked POST request with many small form fields, possibly resulting in Denial of Service...
5.3CVSS
6.7AI Score
0.0004EPSS
nodejs is vulnerable to Denial Of Service (DoS). The vulnerability exists when an invalid public key is used to create an x509 certificate using the crypto.X509Certificate() API. A non-expected termination occurs, making it susceptible to Denial of Service (DoS) attacks. In this scenario, an...
5.3CVSS
6.8AI Score
0.001EPSS
dnsmasq is vulnerable to Denial of Service. The vulnerability is due to the KeyTrap issue: when dealing with a zone that contains numerous DNSKEY (DNS Key) and RRSIG (Resource Record Signature) records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG....
7.5CVSS
6.6AI Score
0.05EPSS
dnsmasq is vulnerable to Denial Of Service. The attacker can exploit this vulnerability by sending crafted DNSSEC responses to the target system, causing it to consume excessive CPU...
6.5AI Score
0.0005EPSS
A vulnerability was found in SourceCodester Air Cargo Management System 1.0. It has been classified as critical. Affected is an unknown function of the file admin/user/manage_user.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible....
9.8CVSS
9.7AI Score
0.001EPSS
symfony/validator XML Entity Expansion vulnerability
Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...
7.2AI Score
A vulnerability was found in SourceCodester Air Cargo Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file classes/Master.php?f=save_cargo_type. The manipulation of the argument name leads to cross site scripting. The attack can be...
4.8CVSS
5AI Score
0.001EPSS
socket.io is vulnerable to Denial Of Service (DoS). The vulnerability is due to a specially crafted Socket.IO packet triggering an uncaught exception, which kills the Node.js process, allowing an attacker to crash the server by sending a malicious...
7.3CVSS
6.6AI Score
0.0004EPSS
org.apache.tomcat: tomcat-websocket is vulnerable to Denial of Service (DoS). The vulnerability is due to improper cleanup of WebSocket connections during a session timeout. If a client fails to send a close message within the timeout period, the websocket connection will continue to hold...
6.5AI Score
0.0004EPSS
Apache Avro is vulnerable to Buffer Overflow. The vulnerability is due to improper handling of deserialization when processing untrusted or corrupted data. This can result in a reader consuming memory beyond the allowed constraints, potentially leading to an out-of-memory condition on the...
7.5CVSS
6.5AI Score
0.008EPSS
Exploit for Race Condition in Microsoft
CVE-2023-36884: MS Office HTML RCE with crafted documents On...
7.5CVSS
8.2AI Score
0.227EPSS
Deserialization Of Untrusted Data
mlflow is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to improper handling of untrusted data in the _load_model_from_local_file function within sklearn/__init__.py. The vulnerability allows an attacker to inject a malicious pickle object into a model file on...
8.8CVSS
7.3AI Score
0.0004EPSS
samba is vulnerable to Denial of Service (DoS) attacks. This vulnerability occurs when Samba parses a specially crafted RPC request. If the request is valid, Samba will enter an infinite loop. This could cause Samba to consume excessive CPU resources and eventually...
7.5CVSS
6.7AI Score
0.033EPSS
Description We identified potential unsafe deserialization vulnerability on the https://www.█████/daip/messagebroker/amf endpoint. POC To exclude false-positive reaction and show that pingback is result of AMF deserialization, and not a reaction to the external host in the POST body, first run...
9.8CVSS
7.1AI Score
0.098EPSS
langchain is vulnerable to a Denial-of-Service (DoS). The vulnerability is due to infinite recursion in the parse_sitemap method, which results in an infinite loop that exceeds the maximum recursion depth in...
4.2CVSS
6.7AI Score
0.0004EPSS
Deserialization Of Untrusted Data
mlflow is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to unsafe deserialization in the function _load_model_from_local_file within sklearn/__init__.py. An attacker can inject a malicious pickle object into a model file on upload, which will be deserialized resulting in...
8.8CVSS
7.1AI Score
0.0004EPSS
org.apache.tomcat, tomcat-coyote is vulnerable to Denial of Service (DoS). The vulnerability is due to improper request handling when processing an HTTP/2 request that exceeds any of the configured limits for headers, leading to the associated HTTP/2 stream not being reset until after all of the...
6.6AI Score
0.0004EPSS