Exploit for Out-of-bounds Write in Polkit Project Polkit
CVE-2021-4034 Precompiled builds for CVE-2021-4034. Of...
7.8CVSS
8.5AI Score
0.001EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
log4j-shell-poc A Proof-Of-Concept for the recently found...
10CVSS
9.6AI Score
0.976EPSS
gqlparser denial of service vulnerability via the parserDirectives function
An issue in vektah gqlparser open-source-library v.2.5.10 allows a remote attacker to cause a denial of service via a crafted script to the parserDirectives...
7AI Score
0.0004EPSS
Azure Storage Movement Client Library Denial of Service Vulnerability
Azure Storage Movement Client Library Denial of Service...
7.5CVSS
7.1AI Score
0.001EPSS
Unlimited number of NTS-KE connections can crash ntpd-rs server
Summary Missing limit for accepted NTS-KE connections allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such as the default ntpd-rs configuration, are unaffected. Details Operating systems have a limit for the number...
7.5CVSS
7AI Score
0.0004EPSS
CRI-O's pods can break out of resource confinement on cgroupv2
Impact What kind of vulnerability is it? Who is impacted? All versions of CRI-O running on cgroupv2 nodes. Unchecked access to an experimental annotation allows a container to be unconfined. Back in 2021, support was added to support an experimental annotation that allows a user to request...
7.5CVSS
7.1AI Score
0.001EPSS
APM Server vulnerable to Insertion of Sensitive Information into Log File
An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this...
7.5CVSS
6.5AI Score
0.001EPSS
Exploit for Out-of-bounds Write in Google Chrome
CVE-2023-4863 ```bash # checkout webp git clone...
8.8CVSS
8.7AI Score
0.609EPSS
[Out of Bounds Write in BTM_BlePeriodicSyncTransfer in btm_ble_gap.cc in libbt-stack]
In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.2AI Score
0.0004EPSS
[Out of Bounds Write in nci_snd_set_routing_cmd in nci_hmsgs.cc in libnfc-nci]
In nci_snd_set_routing_cmd of nci_hmsgs.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for...
8.8CVSS
7.8AI Score
0.0005EPSS
Delivery of new intents to protected activities via Activity#navigateUpTo() API
In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. This could lead to local escalation of privilege if the targeted app has an intent trampoline, with no additional execution privileges needed. User interaction is not...
7.8CVSS
6.7AI Score
0.0004EPSS
[Out of Bounds Write in phNxpNciHal_write_unlocked Function in phNxpNciHal.cc in nfc_nci_nxp]
In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
6.8AI Score
0.0004EPSS
TYPO3 Denial of Service in Frontend Record Registration
TYPO3’s built-in record registration functionality (aka basic shopping cart) using recs URL parameters is vulnerable to denial of service. Failing to properly ensure that anonymous user sessions are valid, attackers can use this vulnerability in order to create an arbitrary amount of individual...
7.1AI Score
[Out of Bounds Write in read_attr_value Function in gatt_db.cc in Bluetooth]
In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
7.8AI Score
0.001EPSS
Exploit for External Control of File Name or Path in Fortinet Fortinac
CVE-2022-39952 POC for CVE-2022-39952 affecting Fortinet...
9.8CVSS
9.8AI Score
0.948EPSS
[Out of Bounds Write in BTM_BlePeriodicSyncSetInfo in btm_ble_gap.cc in libbt-stack]
In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
7.8CVSS
7.2AI Score
0.0004EPSS
[Out of Bounds Read in pin_reply Function in bluetooth.cc in Bluetooth]
In pinReplyNative of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege of BLE with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.7AI Score
0.0004EPSS
[oob write due to invaild length check in Mfc_Transceive() of libnfc_nci_jni.so]
In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.9AI Score
0.0004EPSS
In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure from the media server with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
6.1AI Score
0.0004EPSS
In updateAudioTrackInfoFromESDS_MPEG4Audio of MPEG4Extractor.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for...
6.5CVSS
6.5AI Score
0.001EPSS
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege...
5.5CVSS
5.8AI Score
0.0004EPSS
Exploit for Out-of-bounds Write in Polkit Project Polkit
██████╗ ██╗ ██╗██╗ ██╗███╗ ██╗███████╗██████╗ ██╔══██...
8AI Score
[Crafted AVRCP cmd packet Causes Out-of-bounds Read in Bluetooth]
In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for...
6.5CVSS
6.5AI Score
0.001EPSS
The Moneytizer <= 9.5.20 - Missing Authorization via multiple AJAX actions
Description The The Moneytizer plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple AJAX functions in the /core/core_ajax.php file in all versions up to, and including, 9.5.20. This makes it possible....
8.1CVSS
6.4AI Score
0.001EPSS
rexml is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper parsing of XML with many <characters in an attribute value, which allows an attacker to cause Denial of...
5.3CVSS
6.2AI Score
0.0004EPSS
Exploit for Exposure of Resource to Wrong Sphere in Microsoft
Blank Space Blank Space is a refactoring of James Forshaw's...
8.6AI Score
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
🇮🇱 #BringThemHome #NeverAgainIsNow 🇮🇱 **We demand...
9.8CVSS
8.2AI Score
0.018EPSS
qemu is vulnerable to Denial of Service (DoS). A wrong exit condition within qemu may lead to an infinite loop in the 'inflate_buffer' function resulting in a denial of...
6.5CVSS
6.7AI Score
0.002EPSS
libssh is vulnerable to Denial Of Service (DoS). The vulnerability is due to a lack of proper validation and checking of return values in the abstract layer for message digest (MD) operations implemented by different supported crypto backends. This could lead to low-memory failures and potentially....
5.3CVSS
7AI Score
0.001EPSS
X.Org server is vulnerable to Out-of-bounds Write. The vulnerability is caused due to not allocating sufficient memory space for the devices's particular number of logical buttons. This can lead to a heap overflow if a bigger value is used. DeviceFocusEventand the XIQueryPointer reply of X.Org...
9.8CVSS
7.3AI Score
0.002EPSS
8.5AI Score
LuckyWP Table of Contents <= 2.1.4 - Authenticated(Administrator+) Cross-Site Scripting
Description The LuckyWP Table of Contents plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Header Title' field in all versions up to and including 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
4.4CVSS
4.6AI Score
0.0004EPSS
CVE-2024-5516 itsourcecode Online Blood Bank Management System massage.php sql injection
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file massage.php. The manipulation of the argument bid leads to sql injection. The attack can be launched remotely.....
6.3CVSS
6.8AI Score
0.0004EPSS
CVE-2024-5516 itsourcecode Online Blood Bank Management System massage.php sql injection
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file massage.php. The manipulation of the argument bid leads to sql injection. The attack can be launched remotely.....
6.3CVSS
7.4AI Score
0.0004EPSS
Vulnerability Scanner for CVE-2024-24919 (need Shodan API)...
8.6CVSS
8.6AI Score
0.945EPSS
DotCMS - Arbitrary File Upload
DotCMS management system contains an arbitrary file upload vulnerability via the /api/content/ path which can allow attackers to upload malicious Trojans to obtain server...
9.8CVSS
9.7AI Score
0.975EPSS
Parts of Report are dropped as the wrong type during downcast
In affected versions, after a Report is constructed using wrap_err or wrap_err_with to attach a message of type D onto an error of type E, then using downcast to recover ownership of either the value of type D or the value of type E, one of two things can go wrong: If downcasting to E, there...
7AI Score
7.5CVSS
6.7AI Score
0.013EPSS
Gitea allowed assignment of private issues in code.gitea.io/gitea
Gitea allowed assignment of private issues in...
6.5CVSS
6.7AI Score
0.001EPSS
Improper Restriction of XML External Entity Reference in org.cyclonedx:cyclonedx-core-java
Impact Before deserializing CycloneDX Bill of Materials in XML format, cyclonedx-core-java leverages XPath expressions to determine the schema version of the BOM. The DocumentBuilderFactory used to evaluate XPath expressions was not configured securely, making the library vulnerable to XML...
7.5CVSS
7AI Score
0.0005EPSS
Improper Restriction of Excessive Authentication Attempts in github.com/greenpau/caddy-security
Improper Restriction of Excessive Authentication Attempts in...
4.8CVSS
6.8AI Score
0.0004EPSS
Improper Restriction of Excessive Authentication Attempts in github.com/greenpau/caddy-security
All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Restriction of Excessive Authentication Attempts via the two-factor authentication (2FA). Although the application blocks the user after several failed attempts to provide 2FA codes, attackers can bypass this....
4.8CVSS
7.4AI Score
0.0004EPSS
Minder affected by denial of service from maliciously configured Git repository
Minder's Git provider is vulnerable to a denial of service from a maliciously configured GitHub repository. The Git provider clones users repositories using the github.com/go-git/go-git/v5 library on these lines:...
5.7CVSS
6.4AI Score
0.0004EPSS
Registering BroadcastReceiver as another app through IApplicationThread of isolated external service
In retrieveServiceLocked of ActiveServices.java, there is a possible way to dynamically register a BroadcastReceiver using permissions of System App due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...
7.8CVSS
6.8AI Score
0.0004EPSS
Displaying photos of other users via a notification with RemoteViews.setIcon/4
In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for...
5.5CVSS
6.4AI Score
0.0004EPSS
[Out of Bounds Read in avdt_scb_hdl_pkt_no_frag Function in avdt_scb_act.cc in Bluetooth]
In avdt_scb_hdl_pkt_no_frag of avdt_scb_act.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.4AI Score
0.0004EPSS
[Out of Bounds Write in bta_av_rc_disc_done Function in bta_av_act.cc in Bluetooth]
In bta_av_rc_disc_done of bta_av_act.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
6.8AI Score
0.0004EPSS
[Regression] Uninstalling of packages by DPC does not work in T
In getStringsForPrefix of Settings.java, there is a possible prevention of package uninstallation due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
6.8AI Score
0.0004EPSS
[Out of Bounds Read in process_service_search_rsp Function in sdp_discoverty.cc in Bluetooth]
In process_service_search_rsp of sdp_discovery.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...
7.5CVSS
6.2AI Score
0.001EPSS
[Crafted HFP Client Packet Causes Out-of-bounds Write in Bluetooth]
In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
7.8AI Score
0.001EPSS