JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE Security Vulnerabilities
Cisco Firepower Threat Defense Software Encrypted Archive File Policy Bypass Vulnerability
A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a.....
7.3AI Score
0.0004EPSS
Multiple Cisco Products Snort 3 HTTP Intrusion Prevention System Rule Bypass Vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker...
7.2AI Score
0.0004EPSS
Sentry is an error tracking and performance monitoring platform. Starting in version 23.6.0 and prior to version 23.6.2, the Sentry API incorrectly returns the access-control-allow-credentials: true HTTP header if the Origin request header ends with the system.base-hostname option of Sentry...
6.8CVSS
6.9AI Score
0.001EPSS
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana (OnPrem) build 275. Vulnerability Details ** CVEID: CVE-2023-43804 DESCRIPTION: **urllib3 could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw with cookie request header not.....
8.8CVSS
9.9AI Score
0.732EPSS
A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to...
6.6AI Score
0.001EPSS
A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected...
7.2AI Score
0.0004EPSS
A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an...
7.2AI Score
0.0004EPSS
A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of...
1.5AI Score
0.001EPSS
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential.....
ezsystems/ezplatform-user is vulnerable to Brute Force Attack. The vulnerability is due to the password reset functionality not having sufficient protections against brute force attacks, allowing attackers to repeatedly attempt different passwords to gain unauthorized access to user...
7.5AI Score
An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary...
9.8CVSS
7.6AI Score
0.002EPSS
Summary IBM Virtualization Engine TS7700 is vulnerable to two potential denial of service conditions (CVE-2023-44487, CVE-2024-25026) and two instances of weaker than expected security (CVE-2023-50312, CVE-2023-46158) due to WebSphere Application Server Liberty. WebSphere Application Server...
9.8CVSS
7.8AI Score
0.732EPSS
Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion
Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software is vulnerable to local file inclusion due to directory traversal attacks that can read sensitive files on a targeted system because of a lack of proper input validation of URLs in HTTP requests...
7.5CVSS
7.2AI Score
0.974EPSS
Cisco Firepower Management Center Software Object Group Access Control List Bypass Vulnerability
A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense (FTD) Software....
7.3AI Score
0.0004EPSS
silverstripe/framework is vulnerable to Brute Force attacks. The vulnerability is due to the default Administrator accounts not being subject to the same brute force protection as other Member accounts, allowing unlimited login...
7AI Score
U.S. Dept Of Defense: Out-Of-Bounds Memory Read on ███
Vulnerability Identifier: OOB Memory Read (CVE-ID Pending) Affected System: Netscaler ADC and Gateway deployed at https://███████/nf/auth/doAuthentication.do Overview: An out-of-bounds (OOB) memory read vulnerability has been identified in Netscaler ADC (Application Delivery Controller) and...
9.4CVSS
7.8AI Score
0.971EPSS
ezsystems/ezplatform-admin-ui is vulnerable to a Brute Force Attack. The vulnerability is due to a weakness in the forgotten password reset functionality, which allows excessive attempts without sufficient lockout...
7.1AI Score
In isBluetoothShareUri of BluetoothOppUtility.java, there is a possible incorrect file read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for...
5.5CVSS
5.7AI Score
0.0004EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
CloudArmor · Runtime Application Self-Protection Module -...
9.1AI Score
Tokenizer vulnerable to client brute-force of token secrets
Impact Authorized clients, having an inject_processor secret, could brute-force the secret token value by abusing the fmt parameter to the Proxy-Tokenizer header. Patches This was fixed in https://github.com/superfly/tokenizer/pull/8 and further mitigated in...
6.8AI Score
Tokenizer vulnerable to client brute-force of token secrets
Impact Authorized clients, having an inject_processor secret, could brute-force the secret token value by abusing the fmt parameter to the Proxy-Tokenizer header. Patches This was fixed in https://github.com/superfly/tokenizer/pull/8 and further mitigated in...
6.8AI Score
7.1AI Score
U.S. Dept Of Defense: Subdomain Takeover via Host Header Injection on www.█████
Vulnerability Overview Reported By: Ezequiel [@ezequielpuig] Reported Date: 01/October/2023 Reported To: U.S. Department Of Defense Vulnerability Type: Subdomain Takeover Affected URL: www.███████ Hello U.S. Department Of Defense Security Team, I hope this report finds you well. I want to bring...
6.5AI Score
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.....
7.4AI Score
0.002EPSS
A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with...
7.4AI Score
0.0004EPSS
Download Manager < 3.2.87 - Authenticated (Subscriber+) Stored Self-Based Cross-Site Scripting
Description The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's Display Name in all versions up to, and including, 3.2.86 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
4.4CVSS
5.7AI Score
0.0004EPSS
Why Security Awareness Training is Your Best Defense
Cybercriminals are constantly on the lookout for ways to infiltrate our devices and steal our personal information....
7.4AI Score
A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary...
7.5AI Score
0.001EPSS
U.S. Dept Of Defense: CVE-2021-39226 Discovered on endpoint https://██████/api/snapshots
Description: CVE-2021-39226 Discovered on endpoint https://███████/api/snapshots/:key where this issue poses a significant risk to the confidentiality and integrity of snapshot data, allowing both authenticated and unauthenticated users unauthorized access and deletion capabilities. References...
9.8CVSS
6.6AI Score
0.971EPSS
TYPO3 Brute Force Protection Bypass in backend login
The backend login has a basic brute force protection implementation which pauses for 5 seconds if wrong credentials are given. This pause however could be bypassed by forging a special request, making brute force attacks on backend editor credentials more...
7.1AI Score
TYPO3 Brute Force Protection Bypass in backend login
The backend login has a basic brute force protection implementation which pauses for 5 seconds if wrong credentials are given. This pause however could be bypassed by forging a special request, making brute force attacks on backend editor credentials more...
7.1AI Score
U.S. Dept Of Defense: [CVE-2018-0296] Cisco VPN path traversal on the https://██████████
Description I discovered previously unidentified instance https://████████ in DOD network, vulnerable to the CVE-2018-0296 (https://vulners.com/cve/CVE-2018-0296) It also accepts username and password for login flow instead secure cert auth. POC curl -i -k...
7.5CVSS
7AI Score
0.974EPSS
Description I discovered previously unidentified instance https://█████████ (████.██████.mil) in █████████ network, vulnerable to the CVE-2018-0296 (https://vulners.com/cve/CVE-2018-0296) POC curl -i -k "https://████/+CSCOU+/../+CSCOE+/files/file_list.json" --path-as-is █████████ We can disclose...
7.5CVSS
6.7AI Score
0.974EPSS
Description I discovered previously unidentified instance https://████/ (██████.mil) in ███ network, vulnerable to the CVE-2018-0296 (https://vulners.com/cve/CVE-2018-0296) POC curl -i -k "https://█████████/+CSCOU+/../+CSCOE+/files/file_list.json" --path-as-is ██████ We can disclose user sessions.....
7.5CVSS
6.7AI Score
0.974EPSS
Silverstripe Brute force bypass on default admin
Default Administrator accounts were not subject to the same brute force protection afforded to other Member accounts. Failed login counts were not logged for default admins resulting in unlimited attempts on the default admin username and...
7.2AI Score
Silverstripe Brute force bypass on default admin
Default Administrator accounts were not subject to the same brute force protection afforded to other Member accounts. Failed login counts were not logged for default admins resulting in unlimited attempts on the default admin username and...
7.2AI Score
How to Configure an Air-Gapped Veeam Kasten for Kubernetes Deployment Using JFrog Artifactory
This article provides a step-by-step approach to configuring a JFrog Artifactory server and installing Veeam Kasten for Kubernetes. This allows for creating an air-gapped installation using a private container registry to install Veeam Kasten for Kubernetes. While this can always be done manually,....
7AI Score
Description We were able to identify endpoint which prints request headers into the page. This included sensitive HTTPOnly session cookies which shouldn't be accessible in the DOM. POC https://█████████/csstest ███████ There will be JSESSIONID cookie reflected. Suggested fix Remove the page, it's.....
6.4AI Score
defense-and-society.org Cross Site Scripting vulnerability OBB-3864950
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site Scripting
WordPress Anti-Malware Security and Brute-Force Firewall plugin before 4.21.83 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape some parameters before outputting them back in an admin...
6.1CVSS
6AI Score
0.001EPSS
WP Force SSL & HTTPS SSL Redirect < 1.67 - Missing Authorization to Settings Update
Description The WP Force SSL & HTTPS SSL Redirect plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_save_setting' function in versions up to, and including, 1.66. This makes it possible for authenticated attackers,...
4.2CVSS
6.4AI Score
0.001EPSS
Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable SQL Injection via login.php. This vulnerability stems from inadequate validation of user inputs for the email and password parameters, allowing attackers to inject malicious SQL...
9.8CVSS
7.8AI Score
EPSS
This module attempts to login to GlassFish instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. It will also try to do an authentication bypass against older versions of GlassFish. Note: by default, GlassFish 4.0 requires HTTPS, which.....
7.6AI Score
Cisco Firepower Threat Defense Software Authorization Bypass (cisco-sa-asaftd-saml-bypass-KkNvXyKW)
A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an...
5CVSS
5.2AI Score
0.0004EPSS
Description Hello. Some time ago, researcher Orange Tsai from DEVCORE team had a talk on Defcon/BlackHat regarding Pulse Secure SSL VPN vulnerabilities fixed on 2019/4/25: CVE-2019-11510 - Pre-auth Arbitrary File Reading CVE-2019-11542 - Post-auth Stack Buffer Overflow CVE-2019-11539 - Post-auth...
10CVSS
8AI Score
0.974EPSS
Zabbix Server Brute Force Utility
This module attempts to login to Zabbix server instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. It will also test for the Zabbix default login (Admin:zabbix) and guest...
7.5AI Score
Apache Axis2 Brute Force Utility
This module attempts to login to an Apache Axis2 instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. It has been verified to work on at least versions 1.4.1 and...
7.5AI Score
DB2 Authentication Brute Force Utility
This module attempts to authenticate against a DB2 instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE...
7.4AI Score
Cisco ASA - Local File Inclusion
Cisco Adaptive Security Appliances (ASA) web interfaces could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an...
7.5CVSS
7.9AI Score
0.974EPSS
A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is...
7.1CVSS
7AI Score
0.0004EPSS