CVE-2024-24919 Esse projeto tem como objetivo criar uma...
8.6CVSS
6.3AI Score
0.945EPSS
Unrestricted Upload Of File With Dangerous Type
silverstripe/framework is vulnerable for Unrestricted Upload Of File With Dangerous Type. The vulnerability is due to the lack of proper validation and sanitization of uploaded file types, which allows an attacker to upload executable file...
7.1AI Score
Lack Of Salt Update On Password Change
silverstripe/framework is vulnerable to Lack of Salt Update On Password Change. The vulnerability is due to the internal salt not being reset when a password is changed. An attacker can potentially exploit this to reduce the effectiveness of password...
7.1AI Score
A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an...
5CVSS
5.2AI Score
0.0004EPSS
Rejetto HTTP File Server (HFS) Unauthenticated Remote Code Execution Exploit
The Rejetto HTTP File Server (HFS) version 2.x is vulnerable to an unauthenticated server side template injection (SSTI) vulnerability. A remote unauthenticated attacker can execute code with the privileges of the user account running the HFS.exe server process. This exploit has been tested to...
8.2AI Score
7.4AI Score
Summary The next ruby code is vulnerable to denial of service due to the fact that the user controlled data profiler_runs was not contrained to any limitation. Which would lead to allocating resources on the server side with no limitation (CWE-770). ruby runs =...
8.6CVSS
7AI Score
0.0004EPSS
CVE-2024-5295 D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability
D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw...
8.8CVSS
8AI Score
0.001EPSS
moby docker daemon crash during image pull of malicious image
Impact Pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Patches Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing. Credits Maintainers would like to thank Josh Larsen, Ian Coldwater, Duffie Cooley, Rory McCune for working on the....
6.5CVSS
6.6AI Score
0.006EPSS
Grafana Spoofing originalUrl of snapshots in github.com/grafana/grafana
Grafana Spoofing originalUrl of snapshots in...
6.7CVSS
4.1AI Score
0.001EPSS
lollms path traversal vulnerability allows overriding of config.yaml file, leading to RCE
A path traversal vulnerability in the /set_personality_config endpoint of parisneo/lollms version 9.4.0 allows an attacker to overwrite the configs/config.yaml file. This can lead to remote code execution by changing server configuration properties such as force_accept_remote_access and...
7.4CVSS
7.7AI Score
0.0004EPSS
Permanent device denial of service due to improper input validation in AppOpsService
In multiple functions of AppOpsService.java, there is a possible way to saturate the content of /data/system/appops_accesses.xml due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...
6.9AI Score
0.0004EPSS
Leak of cross-user contact data in FDN contact importation in Telephony
In multiple locations, there is a possible way to import contacts belonging to other users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
6.5AI Score
0.0004EPSS
In parseInputs of ShimPreparedModel.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
6.4AI Score
0.0004EPSS
[Out of Bounds Read and Write in configureProducer in C2BqBuffer.cpp in libcodec2_vndk]
In Import of C2SurfaceSyncObj.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for...
4.4CVSS
6.5AI Score
0.0004EPSS
Leak of sensitive information to log files in github.com/hashicorp/go-retryablehttp
URLs were not sanitized when writing them to log files. This could lead to writing sensitive HTTP basic auth credentials to the log...
7AI Score
glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex
This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path...
7.5CVSS
8.4AI Score
0.012EPSS
PyMongo Out-of-bounds Read in the bson module
Versions of the package pymongo before 4.6.3 are vulnerable to Out-of-bounds Read in the bson module. Using the crafted payload the attacker could force the parser to deserialize unmanaged memory. The parser tries to interpret bytes next to buffer and throws an exception with string. If the...
8.1CVSS
4.6AI Score
0.001EPSS
CVE-2024-24919-PoC ![Screenshot of the exploit...
8.6CVSS
8.8AI Score
0.945EPSS
Rejetto HTTP File Server (HFS) Unauthenticated Remote Code Execution
The Rejetto HTTP File Server (HFS) version 2.x is vulnerable to an unauthenticated server side template injection (SSTI) vulnerability. A remote unauthenticated attacker can execute code with the privileges of the user account running the HFS.exe server process. This exploit has been tested to...
8.2AI Score
App can read all notifications of the device without requiring any permission.
In multiple functions of ManagedServices.java, there is a possible way to hide an app with notification access in the Device & app notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User...
7AI Score
EPSS
App can read location requests of other users without requiring INTERACT_ACROSS_USERS permission.
In addProviderRequestListener of LocationManagerService.java, there is a possible way to learn which packages request location information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...
5.5CVSS
6.2AI Score
0.0004EPSS
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.....
CVE-2024-5295 D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability
D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw...
8.8CVSS
9.2AI Score
0.001EPSS
Mattermost Server doesn't limit the number of user preferences
Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 don't limit the number of user preferences which allows an attacker to send a large number of user preferences potentially causing denial of...
4.3CVSS
6.7AI Score
0.0004EPSS
moby docker daemon crash during image pull of malicious image
Impact Pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Patches Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing. Credits Maintainers would like to thank Josh Larsen, Ian Coldwater, Duffie Cooley, Rory McCune for working on the....
6.5CVSS
6.6AI Score
0.006EPSS
libtiff.so is vulnerable to Denial Of Service (DoS). The vulnerability is due to the TIFFRasterScanlineSize64 function returning excessively small or large sizes for certain TIFF inputs. This flaw allows a remote attacker to cause a Denial Of Service (DoS) via a crafted input with a size smaller...
7.5CVSS
6.8AI Score
0.001EPSS
Mattermost fails to properly restrict the access of files attached to posts
Mattermost fails to properly restrict the access of files attached to posts in an archived channel, resulting in members being able to access files of archived channels even if the “Allow users to view archived channels” option is...
3.1CVSS
7AI Score
0.0004EPSS
Permanent device denial of service due to bypassing snoozed notifications limit number
In multiple functions of SnoozeHelper.java, there is a possible way to cause a boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...
6.9AI Score
0.0004EPSS
Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is...
7.1AI Score
0.0004EPSS
WP-CVE-2023-5360 Royal Elementor Addons and Templates <=...
9.8CVSS
9.7AI Score
0.911EPSS
Cilium vulnerable to bypass of namespace restrictions in CiliumNetworkPolicy
Impact An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace is able to affect traffic on an entire Cilium cluster, potentially bypassing policy enforcement in other namespaces. By using a crafted endpointSelector that uses the DoesNotExist operator....
8.1CVSS
8.1AI Score
0.0004EPSS
ReadToMyShoe - Generation of Error Message Containing Sensitive Information
ReadToMyShoe generates an error message containing sensitive information prior to commit 8533b01. If an error occurs when adding an article, the website shows the user an error message. If the error originates from the Google Cloud TTS request, it will include the full URL of the request, which...
7.4CVSS
6.3AI Score
0.172EPSS
Mattermost fails to limit the number of active sessions
Mattermost versions 8.1.x before 8.1.12, 9.6.x before 9.6.1, 9.5.x before 9.5.3, 9.4.x before 9.4.5 fail to limit the number of active sessions, which allows an authenticated attacker to crash the server via repeated requests to the getSessions API after flooding the sessions...
4.3CVSS
4.5AI Score
0.0004EPSS
**Check Point Security Gateway RCE Exploit Tool...
8.6CVSS
7.2AI Score
0.945EPSS
Check Point Security Gateways Information Disclosure -...
8.6CVSS
8.6AI Score
0.945EPSS
CVE-2023-5360 CVE-2023-5360 Auto...
9.8CVSS
7AI Score
0.911EPSS
[Out of Bounds Read and Write in onQueueFilled in outQueue in libstagefright_soft_mpeg4dec]
In onQueueFilled of SoftMPEG4.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.4AI Score
0.0004EPSS
In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
6.4AI Score
0.0004EPSS
ADP Grant - Starting arbitrary Activities via SettingsHomepageActivity on behalf of uid 1000
In SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities via Settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
7.8CVSS
7AI Score
0.0005EPSS
Denial of Service in jsonparser
jsonparser before 1.1.1 allows attackers to cause a denial of service via a GET...
7.5CVSS
7AI Score
0.002EPSS
Exploit for Deserialization of Untrusted Data in Microsoft
CVE-2022-41082-POC PoC for the CVE-2022-41082 NotProxyShell...
8CVSS
8.3AI Score
0.216EPSS
Microsoft Common Data Model SDK Denial of Service Vulnerability
Microsoft Common Data Model SDK Denial of Service...
6.5CVSS
7AI Score
0.001EPSS
Grafana Spoofing originalUrl of snapshots
To create a snapshot (and insert an arbitrary URL) the built-in role Viewer is sufficient. When a dashboard is shared as a local snapshot, the following three fields are offered in the web UI for a user to fill out: • Snapshotname • Expire • Timeout(seconds) After the user confirms creation of the....
6.7CVSS
6.6AI Score
0.001EPSS
DoS (Denial of Service) org.json:json Dependency in Bitbucket Data Center and Server
This High severity org.json:json Dependency vulnerability was introduced in versions 7.17.0, 7.21.15, 8.9.4, 8.13.0, 8.14.0, and 8.15.0 of Bitbucket Data Center and Server. This org.json:json Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
7.5CVSS
6.7AI Score
0.001EPSS
DNP3 Link Layer Brute Force Addressing Disclosure
The DNP3 protocol is a multi-layer protocol that begins with a link layer connection. The DNP3 link layer address is required to establish a link layer connection. The DNP3 link layer address for the host was easily guessed, and a valid DNP3 link layer connection was established. If a link...
1.2AI Score
Exploit for Deserialization of Untrusted Data in Microsoft
CVE-2022-41082-POC PoC for the CVE-2022-41082 NotProxyShell...
8CVSS
8.3AI Score
0.216EPSS
ZendFramework1 Potential SQL injection in the ORDER implementation of Zend_Db_Select
The implementation of the ORDER BY SQL statement in Zend_Db_Select of Zend Framework 1 contains a potential SQL injection when the query string passed contains parentheses. For instance, the following code is affected by this issue: $db = Zend_Db::factory( /* options here */ ); $select =...
8.2AI Score
ZendFramework1 Potential SQL injection in the ORDER implementation of Zend_Db_Select
The implementation of the ORDER BY SQL statement in Zend_Db_Select of Zend Framework 1 contains a potential SQL injection when the query string passed contains parentheses. For instance, the following code is affected by this issue: $db = Zend_Db::factory( /* options here */ ); $select =...
8.2AI Score
Use Of Cryptographically Weak Pseudo-Random Number Generator
stormpath/sdk is vulnerable to Use Of Cryptographically Weak Pseudo-Random Number Generator. This vulnerability is due to an insecure generation of UUID version...
7.1AI Score