JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE Security Vulnerabilities

Microsoft Warns of New 'FalseFont' Backdoor Targeting the Defense Sector

Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under its weather-themed moniker...

less: Fix of CVE-2024-32487

CVE-2024-32487: filename.c: quoting...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

CVE-2024-24919 Exploit script for...

Exploit for Out-of-bounds Write in Gnu Binutils

CVE-2021-20294-POC Jan 21 2023, Altin (tin-z),...

Missing Authorization

snipe/snipe-it is vulnerable to Missing Authorization. The vulnerability is due to the lack of authorization checks in the API endpoint, allowing users with "User" and "Self" permissions to modify group memberships without verifying if they are...

Malicious code in pyportfoliopt (PyPI)

-= Per source details. Do not edit below this...

Malicious code in clowpy (PyPI)

-= Per source details. Do not edit below this...

CVE-2023-25718

In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a (different) attacker-controlled executable file. It.....

CVE-2023-25718

In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a (different) attacker-controlled executable file. It.....

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

Mass Auto Scanner for CVE-2024-24919 This script is designed to...

Django Regex Algorithmic Complexity Causes Denial of Service

Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField (email address) or (2) URLField (URL) that triggers a large amount of backtracking in a...

Malicious code in pipcryptographylibraryv2 (PyPI)

-= Per source details. Do not edit below this...

Malicious code in pipcolorlibv3 (PyPI)

-= Per source details. Do not edit below this...

CVE-2024-20353

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.....

CVE-2023-25718

In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a (different) attacker-controlled executable file. It.....

CVE-2023-44148

Missing Authorization vulnerability in Brainstorm Force Astra Bulk Edit.This issue affects Astra Bulk Edit: from n/a through...

APM Server vulnerable to Insertion of Sensitive Information into Log File in github.com/elastic/apm-server

APM Server vulnerable to Insertion of Sensitive Information into Log File in...

ADP Grant - Detecting low resolution pictures of other users’ by StatusHints shown in in-call UI

In multiple functions of StatusHints.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for...

Bypass fix of CVE-2022-20347: Making bluetooth discoverable via SettingsIntelligence#SliceDeepLinkTrampoline to start Settings#BluetoothDashboardFragment

In onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for...

Exploit for Out-of-bounds Write in Microsoft

CVE-2022-21882 Win32k Elevation Of Privileges...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

CVE-2024-24919 Checker A simple bash script to check for the...

Cisco IOS XE Software Unified Threat Defense DoS (cisco-sa-snort-dos-s2R7W9UU)

According to its self-reported version, Cisco UTD Software is affected by a denial of service vulnerability. A denial of service (DoS) vulnerability exists in the way the Snort detection engine processes ICMP traffic. An unauthenticated, remote attacker can exploit this issue by sending a series...

CVE-2024-20353

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.....

Exploit for Deserialization of Untrusted Data in Apache Log4J

<......

Malicious code in sparkk (PyPI)

-= Per source details. Do not edit below this...

Malicious code in scappy (PyPI)

-= Per source details. Do not edit below this...

Malicious code in chromeselenium (PyPI)

-= Per source details. Do not edit below this...

Malicious code in win23crypt (PyPI)

-= Per source details. Do not edit below this...

Malicious code in pylopenssl (PyPI)

-= Per source details. Do not edit below this...

Malicious code in proxieshexler (PyPI)

-= Per source details. Do not edit below this...

Malicious code in discord-scrapper (PyPI)

-= Per source details. Do not edit below this...

Malicious code in devide04 (PyPI)

-= Per source details. Do not edit below this...

ipa security update

[4.11.0-15.0.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] - Add bind to ipa-server-common Requires [Orabug: 36518596] [4.11.0-15] - Resolves: RHEL-32231 CVE-2024-3183 ipa: freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute...

CVE-2023-36684

Missing Authorization vulnerability in Brainstorm Force Convert Pro.This issue affects Convert Pro: from n/a through...

matrix-sdk-crypto contains a log exposure of private key of the server-side key backup

Introduction In Matrix, the server-side key backup stores encrypted copies of Matrix message keys. This facilitates key sharing between a user's devices and provides a redundant copy in case all devices are lost. The key backup uses asymmetric cryptography, with each server-side key backup...

Improper Restriction of XML External Entity Reference Jenkins Token Macro Plugin

An XML external entities (XXE) vulnerability in Jenkins Token Macro Plugin 2.7 and earlier allowed attackers able to control a the content of the input file for the "XML" macro to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side...

Vyper's raw_call `value=` kwargs not disabled for static and delegate calls

Summary Vyper compiler allows passing a value in builtin raw_call even if the call is a delegatecall or a staticcall. But in the context of delegatecall and staticcall the handling of value is not possible due to the semantics of the respective opcodes, and vyper will silently ignore the value=...

Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the...

Exploit for Allocation of Resources Without Limits or Throttling in Redhat Enterprise Linux

The DNS infrastructure used for this PoC was the one suggested...

Exploit for Deserialization of Untrusted Data in Apache Log4J

log4j-scan-turbo (Multi-threaded scanner) Test for the log4j...

CVE-2022-48704 drm/radeon: add a force flush to delay work when radeon

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: add a force flush to delay work when radeon Although radeon card fence and wait for gpu to finish processing current batch rings, there is still a corner case that radeon lockup work queue may not be fully flushed, and....

Malicious code in sclite (PyPI)

-= Per source details. Do not edit below this...

Malicious code in proxyscrapertool (PyPI)

-= Per source details. Do not edit below this...

Malicious code in hypixel-networth-api (PyPI)

-= Per source details. Do not edit below this...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

Intro Simple POC Python script that check & leverage Check...

BIT-gitlab-2024-4597

An issue has been discovered in GitLab EE affecting all versions from 16.7 before 16.9.7, all versions starting from 16.10 before 16.10.5, all versions starting from 16.11 before 16.11.2. An attacker could force a user with an active SAML session to approve an MR via...

IBM Operational Decision Manager - Java Deserialization

IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization. By sending specially crafted request, an attacker could exploit this vulnerability to...

CVE-2024-3102

A JSON Injection vulnerability exists in the mintplex-labs/anything-llm application, specifically within the username parameter during the login process at the /api/request-token endpoint. The vulnerability arises from improper handling of values, allowing attackers to perform brute force attacks.....

Symfony allows direct access of ESI URLs behind a trusted proxy

All 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony HttpKernel component are affected by this security issue. Your application is vulnerable only if the ESI feature is enabled and there is a proxy in front of the web application. This issue has been fixed in Symfony 2.3.19, 2.4.9, and...

Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND

Summary UPDATED: (Corrected the affected fileset levels to reflect that bind.rte 7.1.916.2604 and 7.3.916.2601 are vulnerable) Multiple vulnerabilities in ISC BIND could allow a remote attacker to cause a denial of service. AIX uses ISC BIND as part of its DNS functions. Vulnerability Details **...