Mattermost Desktop App Remote Code Execution
Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which allows a remote attacker to force a victim over the Internet to run arbitrary programs on the victim's system via custom URI...
CVSS: 4.7
AI Score: 7
EPSS: 0.0004
CVE-2024-24919 Checker A simple bash script to check for the...
CVSS: 8.6
AI Score: 6.2
EPSS: 0.945
CVE-2023-52463 efivarfs: force RO when remounting if SetVariable is not supported
In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported. If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as RO so no one can...
AI Score: 6.7
EPSS: 0.0004
kkFileView 4.1.0 - Server-Side Request Forgery
kkFileView 4.1.0 is susceptible to server-side request forgery via the component cn.keking.web.controller.OnlinePreviewController#getCorsFile. An attacker can force the application to make arbitrary requests via injection of crafted URLs into the url parameter and thereby potentially obtain...
CVSS: 7.5
AI Score: 7.9
EPSS: 0.009
Regular Expression Denial Of Service (ReDoS)
@lambda-middleware/json-deserializer is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability is due to an inefficient regular expression used to identify a JSON mime-type in function isJsonMimeType in the file JsonDeserializer.ts. An attacker can exploit this complexity in...
CVSS: 3.5
AI Score: 6.7
EPSS: 0.0004
Man-in-the-middle attacker can compromise integrity of secure channel in golang.org/x/crypto
A protocol weakness allows a MITM attacker to compromise the integrity of the secure channel before it is established, allowing the attacker to prevent transmission of a number of messages immediately after the secure channel is established without either side being aware. The impact of this...
CVSS: 5.9
AI Score: 7
EPSS: 0.963
Security Bulletin: AIX is affected by a denial of service due to Python (CVE-2024-0450)
Summary: Vulnerability in Python could allow a remote attacker to cause a denial of service (CVE-2024-0450). Python is used by AIX as part of Ansible node management automation. Vulnerability Details: CVEID: CVE-2024-0450. DESCRIPTION: Python CPython is vulnerable to a denial of service, caused.....
CVSS: 6.2
AI Score: 7.3
EPSS: 0.0005
Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Templates astra-sites. This issue affects Premium Starter Templates: from n/a through 3.2.5; Starter Templates: from n/a through...
CVSS: 6.5
AI Score: 6.5
EPSS: 0.0004
In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVSS: 5.5
AI Score: 6.1
EPSS: 0.0004
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that.....
CVSS: 9.8
AI Score: 7.4
EPSS: 0.038
Denial of Service in rack-contrib via "profiler_runs" parameter
rack-contrib prior to version 2.5.0 is vulnerable to a Denial of Service via the profiler_runs HTTP request parameter. Versions Affected: < 2.5.0. Fixed Versions: >= 2.5.0. Impact: An attacker can trigger a Denial of Service by sending an HTTP request with an overly large profiler_runs parameter...
AI Score: 6.9
EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
log4shell-finder - Fastest file system scanner for log4j...
AI Score: 8
Improper Neutralization Of Null Byte Or NUL Character
X.Org server is vulnerable to Improper Neutralization Of Null Byte Or NUL Character. The vulnerability arises because the GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client tries to access the buffer, the XSELINUX code will try to use an...
CVSS: 5.5
AI Score: 7.4
EPSS: 0.0004
Exploit for Allocation of Resources Without Limits or Throttling in Redhat Enterprise Linux
The DNS infrastructure used for this PoC was the one suggested...
AI Score: 7.2
Inappropriate implementation in Permission prompts in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to force acceptance of a permission prompt via a crafted HTML page. (Chromium security severity:...
CVSS: 6.5
AI Score: 5.2
EPSS: 0.002
Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node’s IPv6 interface due to the node accepting route...
CVSS: 6
AI Score: 4.5
EPSS: 0.001
Improper Neutralization of Special Elements in Output in helm.sh/helm/v3
Since Helm 2 was released, a well-documented aspect of Helm is that the Helm chart's version number MUST follow the SemVer2 specification. In the past, Helm would not permit charts with malformed versions. At some point, a patch was merged that changed this - On a version parse error, the version.....
CVSS: 6.8
AI Score: 0.3
EPSS: 0.001
Django Regex Algorithmic Complexity Causes Denial of Service
Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField (email address) or (2) URLField (URL) that triggers a large amount of backtracking in a...
AI Score: 6.1
EPSS: 0.061
Security Bulletin: IBM MQ Appliance is vulnerable to a denial of service attack (CVE-2024-35116)
Summary: IBM MQ Appliance has addressed a denial of service vulnerability. Vulnerability Details: CVEID: CVE-2024-35116. DESCRIPTION: IBM MQ is vulnerable to a denial of service attack caused by an error applying configuration changes. CVSS Base score: 5.9. CVSS Temporal Score: See: ...
CVSS: 5.9
AI Score: 6.5
EPSS
Passbolt Api Retrieval of HTTP-only cookies
Passbolt uses three cookies: a session cookie, a CSRF protection cookie and a cookie to keep track of the multiple-factor authentication process. Both the session cookie and the mfa cookie are properly set HTTP-only to prevent an attacker from retrieving the content of those cookies if they...
AI Score: 6.4
New Attack Against Self-Driving Car AI
This is another attack that convinces the AI to ignore road signs: Due to the way CMOS cameras operate, rapidly changing light from fast flashing diodes can be used to vary the color. For example, the shade of red on a stop sign could look different on each line depending on the time between the...
AI Score: 7
Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft
Follina Proof of Concept (CVE-2022-30190) Quick and easy...
CVSS: 7.8
AI Score: 8.6
EPSS: 0.962
Exploit for Out-of-bounds Write in Microsoft
CVE-2022-21882 Win32k Elevation Of Privileges...
CVSS: 7.8
AI Score: 8.2
EPSS: 0.001
APM Server vulnerable to Insertion of Sensitive Information into Log File in...
CVSS: 7.5
AI Score: 6.7
EPSS: 0.001
ADP Grant - Detecting low resolution pictures of other users’ by StatusHints shown in in-call UI
In multiple functions of StatusHints.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for...
CVSS: 5.5
AI Score: 5.8
EPSS: 0.0004
In onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for...
CVSS: 9.8
AI Score: 8.1
EPSS: 0.002
CVE-2024-24919 Usage Usage: ./CVE-2024-24919.sh -i ...
CVSS: 8.6
AI Score: 6.3
EPSS: 0.945
Microsoft Warns of New 'FalseFont' Backdoor Targeting the Defense Sector
Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under its weather-themed moniker...
CVSS: 9.8
AI Score: 9.6
EPSS: 0.972
Exploit for Out-of-bounds Write in Gnu Glibc
LooneyPwner Exploit tool for CVE-2023-4911, targeting the...
AI Score: 8.2
snipe/snipe-it is vulnerable to Missing Authorization. The vulnerability is due to the lack of authorization checks in the API endpoint, allowing users with "User" and "Self" permissions to modify group memberships without verifying if they are...
CVSS: 7.6
AI Score: 6.7
EPSS: 0.0004
Laravel Risk of mass-assignment vulnerabilities
Laravel 4.1.29 improves the column quoting for all database drivers. This protects your application from some mass assignment vulnerabilities when not using the fillable property on models. If you are using the fillable property on your models to protect against mass assignment, your application...
AI Score: 7.2
CVE-2024-24919 Exploit script for...
CVSS: 8.6
AI Score: 6.3
EPSS: 0.945
Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC
An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory...
CVSS: 8.2
AI Score: 8.1
EPSS: 0.001
Cisco IOS XE Software Unified Threat Defense DoS (cisco-sa-snort-dos-s2R7W9UU)
According to its self-reported version, Cisco UTD Software is affected by a denial of service vulnerability. A denial of service (DoS) vulnerability exists in the way the Snort detection engine processes ICMP traffic. An unauthenticated, remote attacker can exploit this issue by sending a series...
CVSS: 7.5
AI Score: 7.5
EPSS: 0.004
Missing Authorization vulnerability in Brainstorm Force Astra Bulk Edit. This issue affects Astra Bulk Edit: from n/a through...
CVSS: 5.4
AI Score: 5.5
EPSS: 0.0004
Important: ipa security update
AlmaLinux Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): freeipa: delegation rules allow a proxy service to impersonate any user to access another target...
CVSS: 8.1
AI Score: 7.2
EPSS: 0.0005
[4.11.0-15.0.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] - Add bind to ipa-server-common Requires [Orabug: 36518596] [4.11.0-15] - Resolves: RHEL-32231 CVE-2024-3183 ipa: freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute...
CVSS: 8.1
AI Score: 6.5
EPSS: 0.0005
A JSON Injection vulnerability exists in the mintplex-labs/anything-llm application, specifically within the username parameter during the login process at the /api/request-token endpoint. The vulnerability arises from improper handling of values, allowing attackers to perform brute force attacks.....
CVSS: 5.3
AI Score: 7.3
EPSS: 0.0004
Missing Authorization vulnerability in Brainstorm Force Convert Pro. This issue affects Convert Pro: from n/a through...
CVSS: 7.1
AI Score: 6.9
EPSS: 0.0004