The Bank Of Tokyo-mitsubishi Ufj, Ltd. Security Vulnerabilities

osv

TCPDF vulnerable to Regular Expression Denial of Service

TCPDF version <= 6.7.4 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted...

5.8AI Score

0.0004EPSS

2024-04-19 06:31 PM
4
githubexploit

Exploit for Deserialization of Untrusted Data in Apache Activemq

Technical Summary of the Attack: CVE-2023-46604 The script exploits...

10CVSS

6.9AI Score

0.964EPSS

2024-05-31 12:38 AM
59
github

PyMongo Out-of-bounds Read in the bson module

Versions of the package pymongo before 4.6.3 are vulnerable to Out-of-bounds Read in the bson module. Using the crafted payload the attacker could force the parser to deserialize unmanaged memory. The parser tries to interpret bytes next to buffer and throws an exception with string. If the...

8.1CVSS

4.7AI Score

0.001EPSS

2024-06-05 03:30 PM
5
osv

Use of Insufficiently Random Values in github.com/greenpau/caddy-security

Versions of the package github.com/greenpau/caddy-security before 1.0.42 are vulnerable to Insecure Randomness due to using an insecure random number generation library which could possibly be predicted via a brute-force search. Attackers could use the potentially predictable nonce value used for.....

6.5CVSS

7.3AI Score

0.0004EPSS

2024-02-17 06:30 AM
9
osv

[Out of Bounds Read in convertSubgraphFromHAL in ShimConverter.cpp in libneuralnetworks_shim_static]

In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS

5.7AI Score

0.0004EPSS

2023-09-01 12:00 AM
4
osv

Permanent denial of service via JobScheduler#schedule with invalid NetworkCapabilities.mTransportTypes

In several methods of JobStore.java, uncaught exceptions in job map parsing could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS

6.4AI Score

0.0004EPSS

2023-06-01 12:00 AM
6
github

TCPDF vulnerable to Regular Expression Denial of Service

TCPDF version <= 6.7.4 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted...

5.9AI Score

0.0004EPSS

2024-04-19 06:31 PM
7
osv

there is a possible constriction of directory permissions due to path prefix verification error, resulting in DOS of some parts-related function.

In update of MmsProvider.java, there is a possible way to change directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS

6.9AI Score

0.0004EPSS

2023-08-01 12:00 AM
6
githubexploit

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check Checks whether...

9.8CVSS

9.6AI Score

0.018EPSS

2024-03-13 10:57 PM
88
github

vyper performs multiple eval of `sqrt()` argument built in

Summary Using the sqrt builtin can result in multiple eval evaluation of side effects when the argument has side-effects. The bug is more difficult (but not impossible!) to trigger as of 0.3.4, when the unique symbol fence was introduced (https://github.com/vyperlang/vyper/pull/2914). A contract...

5.3CVSS

5.4AI Score

0.0004EPSS

2024-04-25 07:50 PM
5
osv

Denial of service of Minder Server from maliciously crafted GitHub attestations in github.com/stacklok/minder

Denial of service of Minder Server from maliciously crafted GitHub attestations in...

5.3CVSS

5.2AI Score

0.0004EPSS

2024-06-05 03:10 PM
1
osv

4.3CVSS

6.8AI Score

0.0004EPSS

2024-06-28 03:28 PM
osv

Enumeration of users in HashiCorp Vault in github.com/hashicorp/vault

Enumeration of users in HashiCorp Vault in...

5.3CVSS

6.7AI Score

0.001EPSS

2024-06-28 03:28 PM
62
osv

Permanent denial of service via JobScheduler#schedule with invalid JobInfo.extras

In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS

6.3AI Score

0.0004EPSS

2023-06-01 12:00 AM
4
osv

[Out of Bounds Write in ConvertRGBToPlanarYUV in C2InterfaceHelper.cpp in libsfplugin_ccodec_utils]

In ConvertRGBToPlanarYUV of Codec2BufferUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.4AI Score

0.0004EPSS

2024-01-01 12:00 AM
16
osv

[Out of Bounds Read in setOperandValue in ShimPreparedModel.cpp in libneuralnetworks_cl]

In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS

6.4AI Score

0.0004EPSS

2023-08-01 12:00 AM
3
osv

Permanent denial of service via ShortcutManager#addDynamicShortcuts with invalid Intent.mFlags

In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS

5.4AI Score

0.0004EPSS

2022-12-01 12:00 AM
10
osv

[Crafted AVRCP Response Causes Out-of-bounds Read in Bluetooth]

In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...

7.5CVSS

6.5AI Score

0.001EPSS

2022-10-01 12:00 AM
2
osv

Buildkite Elastic CI for AWS time-of-check-time-of-use race condition vulnerability in github.com/buildkite/elastic-ci-stack-for-aws

Buildkite Elastic CI for AWS time-of-check-time-of-use race condition vulnerability in...

7CVSS

6.8AI Score

0.0004EPSS

2024-06-28 03:28 PM
1
osv

Denial of service in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc

The grpc Unary Server Interceptor created by the otelgrpc package added the labels net.peer.sock.addr and net.peer.sock.port with unbounded cardinality. This can lead to the server's potential memory exhaustion when many malicious requests are sent. This leads to a...

7.5CVSS

6.5AI Score

0.001EPSS

2024-06-27 06:00 PM
2
githubexploit

Exploit for SQL Injection in Crmeb

CVE-2024-36837 POC write URL in url.txt and run...

7.5CVSS

7.9AI Score

0.005EPSS

2024-06-15 04:44 PM
236
githubexploit

Exploit for Unrestricted Upload of File with Dangerous Type in Wpallimport Wp All Import

WordPress Plugin WP All Import <= 3.6.7 - Remote code execution...

7.2CVSS

7.1AI Score

0.015EPSS

2024-06-21 11:08 AM
143
osv

pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS)

Python Packaging Authority (PyPA)'s setuptools is a library designed to facilitate packaging Python projects. Setuptools version 65.5.0 and earlier could allow remote attackers to cause a denial of service by fetching malicious HTML from a PyPI package or custom PackageIndex page due to a...

5.9CVSS

3.7AI Score

0.005EPSS

2022-12-23 12:30 AM
34
osv

Denial of service in HashiCorp Consul in github.com/hashicorp/consul

Denial of service in HashiCorp Consul in...

7.5CVSS

6.6AI Score

0.002EPSS

2024-06-28 03:28 PM
osv

[Out of Bounds Write in internalGetVp8Params in SoftVP8Encoder.cpp in libstagefright_soft_vpxenc]

In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.4AI Score

0.0004EPSS

2024-03-01 12:00 AM
9
osv

[Out of Bounds Read in register_notification_rsp in btif_rc.cc in libbtif]

In register_notification_rsp of btif_rc.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS

5.1AI Score

0.0004EPSS

2023-04-01 12:00 AM
7
osv

gqlparser denial of service vulnerability via the parserDirectives function

An issue in vektah gqlparser open-source-library v.2.5.10 allows a remote attacker to cause a denial of service via a crafted script to the parserDirectives...

6.8AI Score

0.0004EPSS

2024-06-12 09:31 PM
1
osv

6.5CVSS

6.8AI Score

0.0004EPSS

2024-06-28 03:28 PM
osv

5.3CVSS

6.8AI Score

0.0004EPSS

2024-06-28 03:28 PM
osv

Improper Validation of Array Index in github.com/greenpau/caddy-security

All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a Caddyfile. Multiple parsing functions in the affected library do not validate whether their input values are nil before attempting to access elements, which can lead...

5.3CVSS

7.1AI Score

0.0004EPSS

2024-02-17 06:30 AM
3
osv

Permanent denial of service via PackageManager#setPackagesSuspended with invalid SuspendParams.launcherExtras

In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS

6.7AI Score

0.0004EPSS

2023-12-01 12:00 AM
3
osv

Bypass patch of 209446496: Secondary user could disable secure nfc

In isToggleable of SecureNfcEnabler.java and SecureNfcPreferenceController.java, there is a possible way to enable NFC from a secondary account due to a permissions bypass. This could lead to local escalation of privilege from the Guest account with no additional execution privileges needed. User.....

7.8CVSS

6.8AI Score

0.0004EPSS

2023-04-01 12:00 AM
5
osv

[Out of Bounds Write in phNciNfc_MfCreateXchgDataHdr in phNxpExtns_MifareStd.cpp in libnfc_nci_jni]

In phNciNfc_MfCreateXchgDataHdr of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS

7.9AI Score

0.0004EPSS

2023-02-01 12:00 AM
1
osv

Snakeyaml vulnerable to Stack overflow leading to denial of service

Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service...

6.5CVSS

5.1AI Score

0.006EPSS

2022-11-11 07:00 PM
18
osv

Exposure of secrets through system log in Jenkins Structs Plugin

Structs Plugin provides utility functionality used, e.g., in Pipeline to instantiate and configure build steps, typically before their execution. When Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that...

6.4AI Score

0.0004EPSS

2024-06-26 06:30 PM
2
osv

Denial of service in Kubernetes in k8s.io/kubernetes

Denial of service in Kubernetes in...

5.5CVSS

6.6AI Score

0.0004EPSS

2024-06-10 04:39 PM
github

Exposure of secrets through system log in Jenkins Structs Plugin

Structs Plugin provides utility functionality used, e.g., in Pipeline to instantiate and configure build steps, typically before their execution. When Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that...

6.4AI Score

0.0004EPSS

2024-06-26 06:30 PM
3
veeam

Build Numbers and Versions of Veeam Recovery Orchestrator

This KB article lists all versions of Veeam Recovery Orchestrator and their respective build...

6.9AI Score

2022-09-22 12:00 AM
6
github

Out-of-bounds write in ChakraCore

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195,....

8.8CVSS

6AI Score

0.038EPSS

2021-03-29 08:58 PM
30
github

Out-of-bounds write in Microsoft.ChakraCore

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1195, CVE-2019-1196,....

8.8CVSS

6AI Score

0.038EPSS

2021-03-29 08:57 PM
29
github

pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS)

Python Packaging Authority (PyPA)'s setuptools is a library designed to facilitate packaging Python projects. Setuptools version 65.5.0 and earlier could allow remote attackers to cause a denial of service by fetching malicious HTML from a PyPI package or custom PackageIndex page due to a...

5.9CVSS

6AI Score

0.005EPSS

2022-12-23 12:30 AM
33
github

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from...

7.2AI Score

0.0004EPSS

2024-03-13 06:31 PM
14
githubexploit

Exploit for Out-of-bounds Write in Linux Linux Kernel

CVE-2021-22555 This repo hosts TUKRU's Linux Privilege...

8.3CVSS

7.7AI Score

0.002EPSS

2023-08-05 06:56 PM
183
veracode

Denial Of Service (DOS)

Intel(R) Core(TM) Ultra Processors are vulnerable to Denial Of Service (DOS). The vulnerability is caused by a sequence of processor instructions leading to unexpected behavior. This can allow an authenticated user to potentially enable Denial Of Service (DOS) via local...

4.7CVSS

6.7AI Score

0.0004EPSS

2024-05-16 07:43 PM
2
cvelist

CVE-2024-33000 Missing Authorization check in SAP Bank Account Management

SAP Bank Account Management does not perform necessary authorization check for an authorized user, resulting in escalation of privileges. As a result, it has a low impact to confidentiality to the...

3.5CVSS

4.7AI Score

0.0004EPSS

2024-05-14 03:46 AM
osv

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from...

7.2AI Score

0.0004EPSS

2024-03-13 06:31 PM
12
veracode

Denial Of Service (DoS)

pocketmine/pocketmine-mp is vulnerable to Denial Of Service (DoS). The vulnerability exists in the netresearch/jsonmapper dependency due to improper mappings of JSON arrays and objects onto scalar model properties, which allows an attacker to send malformed JWT JSON in the LoginPacket...

6.8AI Score

2023-08-07 09:42 AM
9
osv

Mattermost Exposure of Sensitive Information to an Unauthorized Actor vulnerability

Mattermost fails to check whether the "Allow users to view archived channels" setting is enabled during permalink previews display, allowing members to view permalink previews of archived channels even if the "Allow users to view archived channels" setting is...

4.3CVSS

4.6AI Score

0.0004EPSS

2023-11-27 12:30 PM
3
githubexploit

8.2AI Score

2022-02-13 12:05 AM
471
veracode

Denial Of Service (DoS)

github.com/stacklok/minder is vulnerable to Denial Of Service (DoS). The vulnerability is due to the engine's lack of template size limits, which allows an attacker to execute a Denial of Service (DoS) attack by submitting maliciously crafted large...

5.3CVSS

7.2AI Score

0.0004EPSS

2024-05-23 06:41 AM
1
Total number of security vulnerabilities: 2341598