U.S. Dept Of Defense: Reflected Cross-site Scripting via search query on ██████
Hi team I found a reflected xss via search query on ████████ that allows an attacker to execute Javascript code into victim's browser. PoC 1- Doing subdomain enumeration of ██████████, i found the following one: ████████ 2- On the search query i saw that is injecting inside an h6 html tag:...
7.4AI Score
Denial of service of Minder Server from maliciously crafted GitHub attestations in...
5.3CVSS
5.2AI Score
0.0004EPSS
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Fit2Cloud Jumpserver
CVE-2023-42820 CVE-2023-42820 漏洞说明 JumpServer 密码重置漏洞...
8.2CVSS
8.3AI Score
0.0005EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
Log4Pot A honeypot for the Log4Shell vulnerability...
8.7AI Score
Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Putty
CVE-2024-31497 POC This vulnerability exploits the biased...
5.9CVSS
5.6AI Score
0.002EPSS
Out-of-bounds write in ChakraCore
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195,....
8.8CVSS
6AI Score
0.038EPSS
Exploit for Deserialization of Untrusted Data in Apache Activemq
honeypot.rs Honeypot that scopes [CVE-2023-46604 (Apache...
7.3AI Score
In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for...
6.5AI Score
0.0004EPSS
securenvoy-cve-2024-37393 RESPONSIBLE DISCLOSURE...
7.5CVSS
7.7AI Score
0.013EPSS
7.8CVSS
8.2AI Score
0.001EPSS
CVE-2023-41805 Broken Access Control vulnerability in multiple Brainstorm Force plugins
Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Templates astra-sites.This issue affects Premium Starter Templates: from n/a through 3.2.5; Starter Templates: from n/a through...
6.5CVSS
0.0004EPSS
PyMongo Out-of-bounds Read in the bson module
Versions of the package pymongo before 4.6.3 are vulnerable to Out-of-bounds Read in the bson module. Using the crafted payload the attacker could force the parser to deserialize unmanaged memory. The parser tries to interpret bytes next to buffer and throws an exception with string. If the...
8.1CVSS
4.7AI Score
0.001EPSS
Exploit for Deserialization of Untrusted Data in Apache Activemq
Resumen Técnico del Ataque: CVE-2023-46604 El script explota...
10CVSS
6.9AI Score
0.931EPSS
VMware Carbon Black Cloud Endpoint Standard Installed (macOS)
VMware Carbon Black Cloud Endpoint Standard, formerly Cb Defense and Confer, is installed on the remote macOS...
1.3AI Score
Deserialization Of Untrusted Data
illuminate/cookie is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to insecure cookie encryption and serialization logic, which allows attackers to potentially decrypt or manipulate cookie data, resulting in arbitrary code...
7.5AI Score
Exploit for Out-of-bounds Write in Linux Linux Kernel
CVE-2021-22555 This repo hosts TUKRU's Linux Privilege...
8.3CVSS
7.7AI Score
0.002EPSS
libxpm is vulnerable to Out-of-bounds Read. The vulnerability is due to insufficient validation, incorrect handling of input data of buffer sizes within XpmCreateXpmImageFromBuffer function. This flaw allows an attacker to trigger an out-of-bounds read error via specially crafted input and read...
5.5CVSS
6.4AI Score
0.0004EPSS
grub2 is vulnerable to Out-of-Bounds Write. The vulnerability allows an attacker to execute arbitrary code or bypass secure boot protection by presenting a specially crafted NTFS filesystem...
7.8CVSS
7.8AI Score
0.0004EPSS
xwayland is vulnerable to Out-of-Bounds Write. An attacker could exploit this vulnerability by crafting a malicious X11 message that would cause the Xorg X11 server to write data outside of the bounds of a buffer which would allow the attacker to crash the server or escalate...
7.8CVSS
7.4AI Score
0.001EPSS
qemu is vulnerable to Out-of-bounds Write. The vulnerability is due to there is no proper bounds checking in the virtio_net_flush_tx function of QEMU's virtio-net device when certain guest features are enabled. This oversight allows for a stack-based buffer overflow, enabling a malicious user to...
5.3CVSS
7AI Score
0.0004EPSS
Exploit for Unrestricted Upload of File with Dangerous Type in Elementor Website Builder
WordPress Plugin - Elementor 3.6.0 3.6.1 3.6.2 Thực thi mã từ...
8.8CVSS
7AI Score
0.96EPSS
Regular Expression Denial Of Service (ReDoS)
micromatch is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due a regex expression with inefficient complexity within the micromatch.braces() method. An attacker can submit a large payload without a closing bracket, which results in Regular Expression Denial of...
5.3CVSS
6.7AI Score
0.0004EPSS
[Out of Bounds Write in attp_build_value_cmd in libbt-stack]
In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
7.8AI Score
0.0004EPSS
Potential Intent Redirection issue in SettingsActivity of Settings app
In launchDeepLinkIntentToRight of SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
8.8CVSS
6.9AI Score
0.001EPSS
Can access comments and attachments of deleted cards
Description Impact A user with access to a deck board was able to access comments and attachments of already deleted cards. Patches It is recommended that the Nextcloud Deck app is upgraded to 1.6.6 or 1.7.5 or 1.8.7 or 1.9.6 or 1.11.3 or 1.12.1 Workarounds Disable Deck app References HackerOne...
4.3CVSS
6.6AI Score
0.0004EPSS
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Python Requests
POC for CVE-2023-32681 This is a Python 3 implementation of...
6.1CVSS
7.4AI Score
0.001EPSS
Index-out-of-bounds in LibRaw::apply_tiff
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55722 Crash type: Index-out-of-bounds Crash state: LibRaw::apply_tiff LibRaw::parse_jpeg...
6.9AI Score
github.com/stacklok/minder is vulnerable to Denial Of Service (DoS). The vulnerability is due to the engines lack of template size limits, which allows an attacker to execute a Denial of Service (DoS) attack by submitting maliciously crafted large...
5.3CVSS
7.2AI Score
0.0004EPSS
TCPDF vulnerable to Regular Expression Denial of Service
TCPDF version <= 6.7.4 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted...
5.9AI Score
0.0004EPSS
libxpm.so is vulnerable to Out-of-bounds Read. The vulnerability is due to a boundary condition, allowing a local user to trigger an out of bounds read error and read memory contents from the...
5.5CVSS
6.7AI Score
0.0004EPSS
jwcrypto is vulnerable to Denial Of Service (DoS). The vulnerability is due to a missing upper bound check in the p2c header value (PBES2 count) which contains the PBKDF2 iteration count used in the PBKDF2 cryptographic key derivation function. The unbounded value can be exploited by an attacker...
5.3CVSS
6.9AI Score
0.0004EPSS
This module will test a SMB login on a range of machines and report successful logins. If you have loaded a database plugin and connected to a database this module will record successful logins and hosts so you can track your...
7.2AI Score
Regular Expression Denial Of Service (ReDoS)
tecnickcom/tcpdf is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to a regular expression with inefficient complexity utilized when parsing a SVG file. This allows an attacker to cause a denial of service by crafting a malicious svg...
6.7AI Score
EPSS
Exploit for Insertion of Sensitive Information into Log File in Milesight Ur5X Firmware
CVE-2023-43261 - PoC Critical Vulnerability Exposes...
7.5CVSS
7.9AI Score
0.007EPSS
github.com/stacklok/minder is vulnerable to a Denial of Service (DoS). The vulnerability is due to missing request size limits by the REST ingester when processing responses from remote REST endpoints, which allows an attacker to execute a Denial of Service attack by controlling a remote REST...
5.3CVSS
7AI Score
0.0004EPSS
read&write private files of apps without any permission
In multiple locations, there is a possible way to access screenshots due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
3.3CVSS
6.5AI Score
0.0004EPSS
[Auto] [Bluetooth] Heap OOB write of 0x00 in SDP_AddAttribute
In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
7.6AI Score
0.002EPSS
ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability
Impact There is a vulnerability in Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability. References CVE-2024-35255 Patches https://github.com/traefik/traefik/releases/tag/v2.11.5 https://github.com/traefik/traefik/releases/tag/v3.0.3 Workarounds No...
5.5CVSS
6.7AI Score
0.0004EPSS
5.5CVSS
6.6AI Score
0.0004EPSS
libXpm is vulnerable to Out-of-bounds Read. The vulnerability is caused due to a boundary condition that can be exploited to read contents of memory of the system. An attacker can trigger this out-of-bounds read error compromising confidentiality of the...
5.5CVSS
6.8AI Score
0.0004EPSS
X.Org server is vulnerable to Out-of-bounds Write. The vulnerability is caused due to the cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX...
7.8CVSS
6.7AI Score
0.0004EPSS
word-wrap vulnerable to Regular Expression Denial of Service
All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result...
7.5CVSS
6.4AI Score
0.001EPSS
ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability
Impact There is a vulnerability in Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability. References CVE-2024-35255 Patches https://github.com/traefik/traefik/releases/tag/v2.11.5 https://github.com/traefik/traefik/releases/tag/v3.0.3 Workarounds No...
5.5CVSS
7.1AI Score
0.0004EPSS
rexml is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper parsing of XML with many <characters in an attribute value, which allows an attacker to cause Denial of...
5.3CVSS
6.2AI Score
0.0004EPSS
Maintenance Server, in Cybellum's QCOW air-gapped distribution (China Edition), versions 2.15.5 through 2.27, was compiled with a hard-coded private cryptographic key. An attacker with administrative privileges & access to the air-gapped server could potentially use this key to run commands on the....
3.8CVSS
4.8AI Score
0.0004EPSS
Out-of-bounds write in Microsoft.ChakraCore
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1195, CVE-2019-1196,....
8.8CVSS
6AI Score
0.038EPSS
Exploit for Out-of-bounds Write in Polkit Project Polkit
pkexec-exploit Local Privilege Escalation in polkit's pkexec...
8.2AI Score
In BNEP_ConnectResp of bnep_api.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for...
6.5CVSS
6.2AI Score
0.0004EPSS
Reading contacts of other users using emergency contact settings
In onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts belonging to other users due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
3.3CVSS
6.9AI Score
0.0004EPSS
Bypass of device carrier restrictions (OS Version = android 12)
In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.1AI Score
0.0004EPSS