Denial of service while parsing a tar file due to lack of folders count validation
Description: During some analysis today on npm's node-tar package I came across the folder creation process. Basically, if you provide node-tar with a path like this ./a/b/c/foo.txt it would create every folder and sub-folder here a, b and c until it reaches the last folder to create foo.txt, In-this....
6.5 CVSS
7 AI Score
0.0004 EPSS
TYPO3 Information Disclosure of Installed Extensions
It has been discovered that mechanisms used for configuration of RequireJS package loading are susceptible to information disclosure. This way a potential attacker can retrieve additional information about installed system and third party...
6.7 AI Score
Duplicate Advisory: Denial of Service in JSON-Java
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4jq9-2xhw-jpx7. This link is maintained to preserve external references. Original Description Denial of Service in JSON-Java versions prior to 20230618. A bug in the parser means that an input string of modest...
7.4 AI Score
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: coredns, dex, cosign, cilium-cli, nri-mssql, rqlite, kots, falcoctl, flux, fulcio, prometheus-stackdriver-exporter, dgraph, trillian, goreleaser, kubernetes-event-exporter, prometheus-postgres-exporter, certificate-transparency, cfssl, temporal-ui-server, tkn,...
5.9 CVSS
7.1 AI Score
0.963 EPSS
Use-of-uninitialized-value in complexity_RC_reset_marking
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57398 Crash type: Use-of-uninitialized-value Crash state: complexity_RC_reset_marking ihevce_pre_enc_process_frame_thrd...
6.9 AI Score
Local persistent denial of service when setting PackageManager.GET_SIGNATURES
In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...
5.5 CVSS
6.9 AI Score
0.0004 EPSS
[Out of Bounds Read in WT_VoiceGain in eas_wtengine.c]
In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for...
7.2 AI Score
0.0004 EPSS
[The use of BD_ADDR in BR/EDR as the identity address of BLE makes the dual-stack trackable]
In bta_dm_remove_device of bta_dm_act.cc, there is a possible way for a BT device to receive a long term trackable identifier due to a permissions bypass. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...
5.9 AI Score
EPSS
ASP.NET Core is vulnerable to a Denial of Service (DoS). The vulnerability is due to improper handling of certain SignalR requests which results in the server being overwhelmed and unresponsive, resulting in Denial of Service...
7.5 CVSS
6.5 AI Score
0.001 EPSS
rack-contrib is vulnerable to a Denial Of Service (DoS). The vulnerability is due to the user-controlled profiler_runs parameter not being constrained, which allows an attacker to allocate resources on the server side without limitation, resulting in Denial of...
8.6 CVSS
6.7 AI Score
0.0004 EPSS
Use-of-uninitialized-value in ihevce_strm_fill_done
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57401 Crash type: Use-of-uninitialized-value Crash state: ihevce_strm_fill_done ihevce_ent_coding_thrd...
6.9 AI Score
.NET is vulnerable to Denial of Service (DoS) attacks. The vulnerability is due to processing X.509 certificates, which allows a malicious user to trigger an application crash by passing a crafted...
7.5 CVSS
6.7 AI Score
0.001 EPSS
Yarp.ReverseProxy is vulnerable to Denial of Service (DoS) attacks. The vulnerability exists due to insufficient checks in StreamCopyHttpContent.cs, which allows an attacker to cause denial of service...
7.5 CVSS
6.6 AI Score
0.001 EPSS
Microsoft QUIC is vulnerable to Denial of Service (DoS). The vulnerability is due to a memory leak in the QuicCryptoTlsReadExtensions function in crypto_tls.c, which results in Denial of Service. An attacker can create multiple instances are present or multiple calls to the decode...
7.5 CVSS
6.9 AI Score
0.001 EPSS
Microsoft QUIC is vulnerable to Denial Of Service (DoS). The vulnerability is due to the library allowing version negotiation packets for server connections, which enables an attacker to crash the...
7.5 CVSS
6.8 AI Score
0.002 EPSS
Microsoft.IdentityModel.JsonWebTokens and System.IdentityModel.Tokens.Jwt are vulnerable to Denial Of Service (DoS). The vulnerability is caused by improper JWT compression checks, which results in resource exhaustion due to processing of malicious JSON Web Encryption (JWE) token. Successful...
6.8 CVSS
7 AI Score
0.001 EPSS
.NET is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper handling of x509 certificates, which can result in Denial of Service...
7.5 CVSS
6.5 AI Score
0.003 EPSS
Use-of-uninitialized-value in ihevce_enc_frm_proc_slave_thrd
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57397 Crash type: Use-of-uninitialized-value Crash state: ihevce_enc_frm_proc_slave_thrd osal_func...
6.9 AI Score
Mattermost is vulnerable to Denial of Service (DoS). The vulnerability is caused due to the lack of validation for custom emoji reactions. This allows an attacker to send a huge amount of non-existent custom emojis in a post to crash the mobile app of a user seeing the...
4.3 CVSS
6.7 AI Score
0.0005 EPSS
[updated] Federal Reserve “breached” data may actually belong to Evolve Bank
A shockwave went through the financial world when ransomware group LockBit claimed to have breached the US Federal Reserve, the central banking system of the United States. On LockBit's dark web leak site, the group threatened to release over 30 TB of banking information containing Americans'...
7.4 AI Score
.NET and ASP.NET are vulnerable to Denial Of Service (DoS). The vulnerability exists in the Kestrel web server, which allows an attacker to bypass the QUIC stream limit in HTTP/3, resulting in an application...
7.5 CVSS
6.8 AI Score
0.001 EPSS
Keycloak Denial of Service via account lockout
In any realm set with "User (Self) registration" a user that is registered with a username in email format can be "locked out" (denied from logging in) using his...
7.1 AI Score
Directory traversal vulnerability in index.php in PHP Point Of Sale for osCommerce 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cfg_language parameter. NOTE: this issue has been disputed by CVE, since the cfg_language variable is configured...
7.2 AI Score
0.008 EPSS
Exploit for Out-of-bounds Write in Polkit Project Polkit
PwnKit-Exploit CVE-2021-4034 ...
8.1 AI Score
.netrc parser out-of-bounds access
curl can be told to parse a .netrc file for credentials. If that file ends in a line with consecutive non-white space letters and no newline, curl could read past the end of the stack-based buffer, and if the read works, write a zero byte possibly beyond its boundary. This does in most cases cause....
6.5 CVSS
7.7 AI Score
0.002 EPSS
YARP Denial of Service Vulnerability
Impact A denial of service vulnerability exists in YARP. Patches If you're using YARP 1.x, you should update to NuGet package version 1.1.2. If you're using YARP 2.0.0, you should update to NuGet package version 2.0.1. You can do so by updating the PackageReference in your .csproj file diff...
7.5 CVSS
6.6 AI Score
0.001 EPSS
Guava vulnerable to insecure use of temporary directory
Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files...
7.1 CVSS
6.7 AI Score
0.0004 EPSS
.NET is vulnerable to Denial of Service (DoS). The vulnerability is due to resource leaks caused by specially crafted requests, which can result in Denial of Service...
7.5 CVSS
7 AI Score
0.0005 EPSS
Microsoft QUIC is vulnerable to Denial Of Service (DoS). The vulnerability is caused by holding onto failed connections, leading to continuous memory consumption until exhaustion, resulting in Denial of Service. Note that this vulnerability is not exploitable on .NET-based web servers running on...
7.5 CVSS
6.5 AI Score
0.0005 EPSS
Exploit for Improper Restriction of XML External Entity Reference in Ivanti Connect Secure
CVE-2024-22024 Check for CVE-2024-22024 vulnerability in...
8.3 CVSS
8.2 AI Score
0.006 EPSS
Exploit for Out-of-bounds Write in Linux Linux Kernel
Linux_LPE_eBPF_CVE-2021-3490 LPE exploit for CVE-2021-3490....
7.8 CVSS
8.1 AI Score
0.002 EPSS
Exploit for Allocation of Resources Without Limits or Throttling in Apache Http Server
CVE-2024-27316 I decided to call this vulnerability...
7.5 CVSS
7.9 AI Score
0.005 EPSS
Exploit for Out-of-bounds Write in Google Chrome
libwebp CVE-2023-4863 [A Vulnerability...
8.8 CVSS
7.3 AI Score
0.609 EPSS
Exploit for Allocation of Resources Without Limits or Throttling in Redhat Enterprise Linux
CVE-2023-50387 KeyTrap in DNS (CVE-2023-50387) This...
7.5 CVSS
7.6 AI Score
0.05 EPSS
vyper performs double eval of raw_args in create_from_blueprint
Summary Using the create_from_blueprint builtin can result in a double eval vulnerability when raw_args=True and the args argument has side-effects. A contract search was performed and no vulnerable contracts were found in production. In particular, the raw_args variant of create_from_blueprint...
5.3 CVSS
5.3 AI Score
0.0004 EPSS
silverstripe/framework is vulnerable to Denial Of Service (DoS). The vulnerability is due to missing XML size checks, which allows an attacker to significantly degrade the performance of the site through a Quadratic Blowup...
6.8 AI Score
Easy Table of Contents < 2.0.66 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed PoC You should create new post with two more heading. Go to the settings of the plugin...
5.2 AI Score
0.0004 EPSS
Exploit for Deserialization of Untrusted Data in Solarwinds Orion Platform
CVE-2021-35215 SolarWinds Orion Platform ActionPluginBaseView...
8.9 CVSS
8.9 AI Score
0.121 EPSS
Denial of service while parsing a tar file due to lack of folders count validation
Description: During some analysis today on npm's node-tar package I came across the folder creation process. Basically, if you provide node-tar with a path like this ./a/b/c/foo.txt it would create every folder and sub-folder here a, b and c until it reaches the last folder to create foo.txt, In-this....
6.5 CVSS
6.5 AI Score
0.0004 EPSS
Exploit for Improper Handling of Exceptional Conditions in Google Android
CVE-2021-0928, writeToParcel/createFromParcel serialization...
8.2 AI Score
Exploit for Use of Externally-Controlled Format String in Asus Rt-Ac86U Firmware
CVE-2023-35086-POC July 25 2023, Altin (tin-z),...
7.2 CVSS
9.3 AI Score
0.002 EPSS
Exploit for Improper Control of Dynamically-Managed Code Resources in Apache Solr
Apache-Solr-RCE_CVE-2023-50386_POC Apache Solr Backup/Restore...
8.8 CVSS
8.8 AI Score
0.871 EPSS
Spring Framework vulnerable to denial of service
In Spring Framework versions prior to 5.2.24.release+, 5.3.27+ and 6.0.8+, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial-of-service (DoS)...
6.5 CVSS
6.2 AI Score
0.003 EPSS
Use-of-uninitialized-value in do_callout_jit
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68365 Crash type: Use-of-uninitialized-value Crash state: do_callout_jit...
7.2 AI Score
ASP.NET Core is vulnerable to Denial of Service (DoS). The vulnerability occurs when an attacker cancels HTTP requests made to ASP.NET Core running on an IIS In Process hosting model, which may cause an increase in thread counts, potentially leading to an OutOfMemoryException, which results in...
8.2 CVSS
6.9 AI Score
0.001 EPSS
In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for...
6.5 AI Score
0.0004 EPSS
ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability
Impact There is a vulnerability in Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability. References CVE-2024-35255 Patches https://github.com/traefik/traefik/releases/tag/v2.11.5 https://github.com/traefik/traefik/releases/tag/v3.0.3 Workarounds No...
5.5 CVSS
7.1 AI Score
0.0004 EPSS
read&write private files of apps without any permission
In multiple locations, there is a possible way to access screenshots due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
3.3 CVSS
6.5 AI Score
0.0004 EPSS