Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft
follina (POC) All about CVE-2022-30190, aka follina, that is...
8.2AI Score
Grafana XSS via adding a link in General feature
Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for...
6.1CVSS
6.1AI Score
0.001EPSS
Summary There is a vulnerability in IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor (IBM X-Force ID: 294242). Vulnerability Details ** IBM X-Force ID: 294242 DESCRIPTION: **Node.js Axios module is vulnerable to a denial of service, caused by a prototype pollution.....
7.8AI Score
Socomec DIRIS A-40 Devices Password Disclosure
Socomec DIRIS A-40 devices before 48250501 are susceptible to a password disclosure vulnerability in the web interface that could allow remote attackers to get full access to a device via the /password.jsn...
9.8CVSS
9.4AI Score
0.124EPSS
Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft
POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina...
7.8CVSS
8.5AI Score
0.961EPSS
Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft
MS-MSDT-Office-RCE-Follina CVE-2022-30190 | MS-MSDT Follina...
8.2AI Score
Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft
FOLLINA-CVE-2022-30190 Implementation of...
7.8CVSS
8.4AI Score
0.961EPSS
Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft
$ gollina -h gollina Follina MS-MSDT 0-day MS Of...
8.2AI Score
Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft
Follina CVE-2022-30190 Sample Educational Follina Tool...
7.8CVSS
8.6AI Score
0.961EPSS
The Postgres implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authentication flaw. An attacker with access to the VM where the Brocade SANnav is installed can gain access to sensitive data inside the Postgres...
6.8AI Score
0.0004EPSS
A vulnerability in Brocade Fabric OS versions v7.4.1b and v7.3.1d could allow local users to conduct privileged directory transversal. Brocade Fabric OS versions v7.4.1.x and v7.3.x have reached end of life. Brocade Fabric OS Users should upgrade to supported versions as described in the Product...
5.5CVSS
5.3AI Score
0.0004EPSS
Firefly III has a MFA bypass in oauth flow
Impact A MFA bypass in the Firefly III OAuth flow may allow malicious users to bypass the MFA-check. This allows malicious users to use password spraying to gain access to your Firefly III data using passwords stolen from other sources. As OAuth applications are easily enumerable using an...
5.9CVSS
7.2AI Score
0.0004EPSS
Firefly III has a MFA bypass in oauth flow
Impact A MFA bypass in the Firefly III OAuth flow may allow malicious users to bypass the MFA-check. This allows malicious users to use password spraying to gain access to your Firefly III data using passwords stolen from other sources. As OAuth applications are easily enumerable using an...
5.9CVSS
7.2AI Score
0.0004EPSS
CrateDB has a Client initialized Session-Renegotiation DoS
Summary Client-Initiated TLS Renegotiation Denial of Service (DoS) Vulnerability at Port 4200 Details A high-risk vulnerability has been identified where the TLS endpoint (port 4200) permits client-initiated renegotiation. In this scenario, an attacker can exploit this feature to repeatedly...
5.3CVSS
6.9AI Score
0.0004EPSS
go-grpc-compression has a zstd decompression bombing vulnerability
Impact A malicious user could cause a denial of service (DoS) when using a specially crafted gRPC request. The decompression mechanism for zstd did not respect the limits imposed by gRPC, allowing rapid memory usage increases. Versions v1.1.4 through to v1.2.2 made use of the Decoder.DecodeAll...
8.2CVSS
6.8AI Score
0.001EPSS
AMD SPI Lock Bypass June 2024 Security Update
AMD has informed HP of a potential weakness in AMD SPI protection features, which might allow arbitrary code execution. AMD is releasing firmware updates and HP is enabling AMD ROM Armor to mitigate these vulnerabilities. AMD has released updates to mitigate the potential vulnerability. HP has...
8.2CVSS
8AI Score
0.0004EPSS
go-grpc-compression has a zstd decompression bombing vulnerability
Impact A malicious user could cause a denial of service (DoS) when using a specially crafted gRPC request. The decompression mechanism for zstd did not respect the limits imposed by gRPC, allowing rapid memory usage increases. Versions v1.1.4 through to v1.2.2 made use of the Decoder.DecodeAll...
8.2CVSS
6.8AI Score
0.001EPSS
6.1CVSS
5.5AI Score
0.001EPSS
Broadcom Advises Urgent Patch for Severe VMware vCenter Server Vulnerabilities
Critical security vulnerabilities (CVE-2024-37079, CVE-2024-37080, CVE-2024-37081) found in VMware vCenter Server! Patch immediately to safeguard virtual environments from remote code execution & privilege escalation...
9.8CVSS
8.3AI Score
0.0004EPSS
Stakater Forecastle has a directory traversal vulnerability
Stakater Forecastle 1.0.139 and before allows %5C../ directory traversal in the website...
6.5AI Score
EPSS
AMD Processors February 2024 Security Updates
AMD has informed HP of potential vulnerabilities identified in client platform firmware for some AMD processors, which might allow escalation of privilege, arbitrary code execution, denial of service, and/or information disclosure. AMD is releasing firmware updates to mitigate these...
7.9AI Score
EPSS
kubevirt allows a local attacker to execute arbitrary code via a crafted command in...
7.2AI Score
0.0004EPSS
company-registration-latvia.lv Cross Site Scripting vulnerability OBB-3897953
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Cluster Monitoring Operator contains a credentials leak
A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull...
7.7CVSS
6.8AI Score
0.0004EPSS
Mattermost leaks details of AD/LDAP groups of a teams
Mattermost fails to properly authorize the requests fetching team associated AD/LDAP groups, allowing a user to fetch details of AD/LDAP groups of a team that they are not a member...
4.3CVSS
7AI Score
0.0004EPSS
Apache Submarine Server Core has a SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: all versions. As this project is retired, we do not plan to release a version that fixes this issue. Users are...
7.5AI Score
0.0004EPSS
Composer has a command injection via malicious git branch name
Impact The status, reinstall and remove commands with packages installed from source via git containing specially crafted branch names in the repository can be used to execute code. Patches 2.2.24 for 2.2 LTS or 2.7.7 for mainline Workarounds Avoid installing dependencies via git by using...
8.8CVSS
7.3AI Score
0.0004EPSS
Eclipse Vert.x vulnerable to a memory leak in TCP servers
A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading.....
5.4CVSS
6.6AI Score
0.0004EPSS
A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in the Operator Log. This flaw allows an authenticated local attacker to access information outside of their...
5.5CVSS
5.2AI Score
0.0004EPSS
Composer has a command injection via malicious git branch name
Impact The status, reinstall and remove commands with packages installed from source via git containing specially crafted branch names in the repository can be used to execute code. Patches 2.2.24 for 2.2 LTS or 2.7.7 for mainline Workarounds Avoid installing dependencies via git by using...
8.8CVSS
7.6AI Score
0.0004EPSS
Tornado has a CRLF injection in CurlAsyncHTTPClient headers
Summary Tornado’s curl_httpclient.CurlAsyncHTTPClient class is vulnerable to CRLF (carriage return/line feed) injection in the request headers. Details When an HTTP request is sent using CurlAsyncHTTPClient, Tornado does not reject carriage return (\r) or line feed (\n) characters in the request...
7.5AI Score
Eclipse Vert.x vulnerable to a memory leak in TCP servers
A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading.....
5.4CVSS
6.9AI Score
0.0004EPSS
Relevanssi (A Better Search) <= 4.22.0 - Query Log Export
The Relevanssi Search plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in all versions up to, and including, 4.22.0. This makes it possible for unauthenticated attackers to export the query log...
5.3CVSS
6.6AI Score
0.001EPSS
DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document
Impact In DSpace 7.0 through 7.6.1, when an HTML, XML or JavaScript Bitstream is downloaded, the user's browser may execute any embedded JavaScript. If that embedded JavaScript is malicious, there is a risk of an XSS attack. This attack may only be initialized by a user who already has Submitter...
2.6CVSS
3.2AI Score
0.0004EPSS
Apache Submarine Commons Utils has a hard-coded secret
Improper Authentication vulnerability in Apache Submarine Commons Utils. This issue affects Apache Submarine Commons Utils: from 0.8.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the...
6.8AI Score
0.0004EPSS
Apache Submarine Server Core has a SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: all versions. As this project is retired, we do not plan to release a version that fixes this issue. Users are...
7.5AI Score
0.0004EPSS
Apache Submarine Commons Utils has a hard-coded secret
Improper Authentication vulnerability in Apache Submarine Commons Utils. This issue affects Apache Submarine Commons Utils: from 0.8.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the...
6.8AI Score
0.0004EPSS
CVE-2024-2882 Missing Authorization in SDG Technologies PnPSCADA
SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring system authentication. This breach could potentially lead to unauthorized control, data manipulation, and access to sensitive information within the SCADA...
0.0004EPSS
There was a problem validating the profile: Repository not found.
The 'Repository Not found' issue can happen in multiple scenarios. Most of the cases are due to repository...
7.1AI Score
Conform contains a Prototype Pollution Vulnerability in `parseWith...` function
Summary Conform allows the parsing of nested objects in the form of object.property. Due to an improper implementation of this feature, an attacker can exploit it to trigger prototype pollution by passing a crafted input to parseWith... functions. PoC ```javascript const { parseWithZod } =...
8.6CVSS
8.5AI Score
0.0004EPSS
Conform contains a Prototype Pollution Vulnerability in `parseWith...` function
Summary Conform allows the parsing of nested objects in the form of object.property. Due to an improper implementation of this feature, an attacker can exploit it to trigger prototype pollution by passing a crafted input to parseWith... functions. PoC ```javascript const { parseWithZod } =...
8.6CVSS
8.5AI Score
0.0004EPSS
DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document
Impact In DSpace 7.0 through 7.6.1, when an HTML, XML or JavaScript Bitstream is downloaded, the user's browser may execute any embedded JavaScript. If that embedded JavaScript is malicious, there is a risk of an XSS attack. This attack may only be initialized by a user who already has Submitter...
2.6CVSS
3.2AI Score
0.0004EPSS
Missing permission check when removing a photo from an album
Description Impact Users can remove photos from the album of registered users Patches It is recommended that the Nextcloud Server is upgraded to 25.0.7 or 26.0.2 It is recommended that the Nextcloud Enterprise Server is upgraded to 25.0.7 or 26.0.2 Workarounds No workaround available References ...
3.5CVSS
6.6AI Score
0.0004EPSS
Ecto lacks a protection mechanism
Ecto 2.2.0 lacks a certain protection mechanism associated with the interaction between is_nil and...
9.8CVSS
3.3AI Score
0.001EPSS
Exploit for Use of a Broken or Risky Cryptographic Algorithm in Vmware Aria Operations For Networks
CVE-2023-34039 POC for CVE-2023-34039 VMWare Aria Operations...
9.8CVSS
7.3AI Score
0.945EPSS
Malicious code in @juiggitea/nostrum-a-molestias (npm)
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (99199280fb22a96400c7c5464e90c6b2e70428de874fbab885afd7e999d0de09) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
7AI Score
pgAdmin is affected by a multi-factor authentication bypass vulnerability
pgAdmin <= 8.5 is affected by a multi-factor authentication bypass vulnerability. This vulnerability allows an attacker with knowledge of a legitimate account’s username and password may authenticate to the application and perform sensitive actions within the application, such as managing files....
7.4CVSS
8AI Score
0.0004EPSS
pgAdmin is affected by a multi-factor authentication bypass vulnerability
pgAdmin <= 8.5 is affected by a multi-factor authentication bypass vulnerability. This vulnerability allows an attacker with knowledge of a legitimate account’s username and password may authenticate to the application and perform sensitive actions within the application, such as managing files....
7.4CVSS
7.7AI Score
0.0004EPSS
h3. Issue Summary This is reproducible on Data Center: {}YES{}. h3. Steps to Reproduce h4. Steps on Bulldog: # Sign in as a user with all of these permissions: {}Can Use, Personal Space, Create Space(s), Confluence Administrator (optional), System Administrator{}. Note that this use should not be.....
6.6AI Score
Mattermost crashes web clients via a malformed custom status
Mattermost versions 9.6.0, 9.5.x before 9.5.3, 9.4.x before 9.4.5, and 8.1.x before 8.1.12 fail to handle JSON parsing errors in custom status values, which allows an authenticated attacker to crash other users' web clients via a malformed custom...
4.3CVSS
4.5AI Score
0.0004EPSS