Vehicle Service Management System 1.0 - Cross Site Scripting
Vehicle Service Management System 1.0 contains a cross-site scripting vulnerability via the User List section in login...
4.8CVSS
4.9AI Score
0.001EPSS
Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "_html", a :default key which contains untrusted user input, and...
6.1CVSS
6.1AI Score
0.0004EPSS
CVE-2022-36946 Reported-by: Domingo Dirutigliano and Nicola...
7.5CVSS
8AI Score
0.009EPSS
Malicious code in test-npm-lifecycle (npm)
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (99c322c4be83c0549ab734e2734189fe33df9d7c33db8b463fc1826a47bcb2dc) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
7AI Score
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following blk_mq_get_driver_tag() in case of getting driver tag failure. Then in __sbitmap_queue_wake_up(),...
7.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize We observed a corruption during on-line resize of a file system that is larger than 16 TiB with 4k block size. With having more then 2^32 blocks resize_inode is turned off by default by...
6.6AI Score
0.0004EPSS
Malicious code in xo-page-test-components (npm)
-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (11d1c570ca1f162deccd278919172fec0695d65f640b2365daebdc2dfa0d998d) The OpenSSF Package Analysis project identified 'xo-page-test-components' @ 99.2.9 (npm) as malicious. It is considered malicious because: The...
7.1AI Score
Exploit for Code Injection in Vmware Spring Framework
Spring Core RCE - CVE-2022-22965 After Spring Cloud, on...
-0.2AI Score
Jenkins Active Directory Plugin 2.30 and earlier ignores the "Require TLS" and "StartTls" options and always performs the connection test to Active directory unencrypted, allowing attackers able to capture network traffic between the Jenkins controller and Active Directory servers to obtain Active....
5.9CVSS
6.9AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following blk_mq_get_driver_tag() in case of getting driver tag failure. Then in __sbitmap_queue_wake_up(),...
6AI Score
0.0004EPSS
7.3AI Score
0.0004EPSS
Jenkins JUnit Plugin 1159.v0b_396e1e07dd and earlier converts HTTP(S) URLs in test report output to clickable links in an unsafe manner, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure...
5.4CVSS
5.2AI Score
0.001EPSS
Sophos Mobile managed on-premises - XML External Entity Injection
An XML External Entity (XXE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and...
9.8CVSS
9.8AI Score
0.368EPSS
h3. Issue Summary This is reproducible on Data Center: {}YES{}. h3. Steps to Reproduce h4. Steps on Bulldog: # Sign in as a user with all of these permissions: {}Can Use, Personal Space, Create Space(s), Confluence Administrator (optional), System Administrator{}. Note that this use should not be.....
6.6AI Score
A stored XSS in a kiwi Test Plan can run malicious javascript which could be chained with an HTML injection to perform a UI redressing attack (clickjacking) and an HTML injection which disables the use of the history...
5.4CVSS
5.4AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms During the removal of the idxd driver, registered offline callback is invoked as part of the clean up process. However, on systems with only one CPU online, no valid...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ice: fix memory corruption bug with suspend and rebuild The ice driver would previously panic after suspend. This is caused from the driver only calling the ice_vsi_free_q_vectors() function by itself, when it is suspending....
7AI Score
0.0004EPSS
Artemis Java Test Sandbox versions before 1.11.2 are vulnerable to a sandbox escape when an attacker loads untrusted libraries using System.load or System.loadLibrary. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed...
8.2CVSS
8.6AI Score
0.0004EPSS
A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0...
7.5CVSS
7.4AI Score
0.019EPSS
A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against.....
7.5CVSS
7.4AI Score
0.001EPSS
Exploit for Improper Input Validation in Microsoft
CVE-2024-21413 - Expect Script POC Microsoft Outlook Leak...
9.8CVSS
10AI Score
0.006EPSS
Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed...
8.2CVSS
8.5AI Score
0.0004EPSS
CVE-2024-31771 TotalAV Arbitrary File Write TotalAV version...
7.2AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: ice: fix memory corruption bug with suspend and rebuild The ice driver would previously panic after suspend. This is caused from the driver only calling the ice_vsi_free_q_vectors() function by itself, when it is suspending. Since....
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix PPE hanging issue A patch to resolve an issue was found in MediaTek's GPL-licensed SDK: In the mtk_ppe_stop() function, the PPE scan mode is not disabled before disabling the PPE. This can...
6.5AI Score
0.0004EPSS
This exploit takes advantage of the StringSubstitutor interpolator class, which is included in the Commons Text library. A default interpolator allows for string lookups that can lead to Remote Code Execution. This is due to a logic flaw that makes the “script”, “dns” and “url” lookup keys...
9.8CVSS
10AI Score
0.972EPSS
Heap-buffer-overflow in Ins_JROF
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48547 Crash type: Heap-buffer-overflow READ 1 Crash state: Ins_JROF RunIns...
-0.3AI Score
Exploit for Deserialization of Untrusted Data in Apache Log4J
log4j-scan-turbo (Multi-threaded scanner) Test for the log4j...
10CVSS
10AI Score
0.976EPSS
Site Reviews < 7.0.0 - IP Spoofing
Description The plugin retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based blocking PoC Request sent to the server to add review: POST /wordpress/wp-admin/admin-ajax.php HTTP/1.1 Host: localhost:8888...
6.5AI Score
0.0004EPSS
cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in...
6.5CVSS
7AI Score
0.001EPSS
HashiCorp Consul/Consul Enterprise - Server-Side Request Forgery
HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11 are susceptible to server-side request forgery. When redirects are returned by HTTP health check endpoints, Consul follows these HTTP redirects by default. An attacker can possibly obtain sensitive information, modify data,...
7.5CVSS
7.6AI Score
0.02EPSS
Exploit for Release of Invalid Pointer or Reference in Linux Linux Kernel
Linux_LPE_io_uring_CVE-2021-41073 LPE exploit for...
7.8CVSS
7.8AI Score
0.0004EPSS
Operating System (OS) Detection (HTTP)
HTTP based OS detection from the HTTP/PHP banner or default test ...
7.4AI Score
Exploit for OS Command Injection in Cacti
Command injection vulnerability in Cacti (CVE-2023-39362) -...
7.2CVSS
8.1AI Score
0.016EPSS
[2.28-251.0.2.2] - Forward port of Oracle patches over 2.28-251.2 Reviewed-by: Jose E. Marchesi Oracle history: May-23-2024 Cupertino Miranda - 2.28-251.0.2.1 - Forward port of Oracle patches over 2.28-251.1 Reviewed-by: Jose E. Marchesi May-22-2024 Cupertino Miranda - 2.28-251.0.2 ...
7.2AI Score
0.0004EPSS
7.7AI Score
0.0004EPSS
Progress Software Corporation WhatsUp Gold AppProfileImport path traversal vulnerability
Talos Vulnerability Report TALOS-2024-1932 Progress Software Corporation WhatsUp Gold AppProfileImport path traversal vulnerability June 26, 2024 CVE Number CVE-2024-5017 SUMMARY A path traversal vulnerability exists in the AppProfileImport functionality of Progress Software Corporation WhatsUp...
6.5CVSS
6.6AI Score
0.0004EPSS
Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt brute-force attacks against the login page. Users should upgrade to v12.0 or later to receive a patch. As a workaround, users may install and configure a...
9.8CVSS
9.3AI Score
0.002EPSS
Exploit for Use After Free in Google Android
Bad Spin: Android Binder LPE Author: Moshe Kol Privilege...
7AI Score
Large RSA keys can cause high CPU usage in crypto/tls
Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...
5.3CVSS
7.1AI Score
0.001EPSS
.NET Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2023-35390: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their....
7.8CVSS
7.6AI Score
0.008EPSS
Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability
Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 7.0 and .NET 8.0 RC2. This advisory also provides guidance on what developers can do.....
9.8CVSS
6.7AI Score
0.001EPSS
[252-32.0.2] - Due to a new [Orabug: 36564551] filed on April 29 2024, reverting from back to - previous Tony Lam patch [Orabug: 25897792] until issue with [Orabug: 36564551] is resolved. - Re-Added 1001-Fix-missing-netdev-for-iscsi-entry-in-fstab.patch [Orabug: 25897792] - Removed the following,.....
5.9CVSS
7.7AI Score
0.001EPSS
Exploit for Code Injection in Crushftp
CVE-2024-4040 PoC Python exploit for CVE-2024-4040...
10CVSS
10AI Score
0.966EPSS
Exploit for Code Injection in Crushftp
CVE-2024-4040 SSTI & LFI PoC - Exploitation | CrushFTP This...
10CVSS
9.9AI Score
0.966EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
log4j-shell-poc A Proof-Of-Concept for the recently found...
8.6AI Score
In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix lockup on kernel exec fault The powerpc kernel is not prepared to handle exec faults from kernel. Especially, the function is_exec_fault() will return 'false' when an exec fault is taken by kernel, because the...
7.1AI Score
0.0004EPSS
The remote Windows host contains one or more versions of Apache JMeter, a Java-based application to test web application...
3.1AI Score
MeterSphere is a one-stop open source continuous testing platform, covering test management, interface testing, UI testing and performance testing. Versions prior to 2.5.1 allow users to upload a file, but do not validate the file name, which may lead to upload file to any path. The vulnerability.....
8.8CVSS
8.8AI Score
0.001EPSS
XStream 1.4.18 - Arbitrary Code Execution
XStream 1.4.18 is susceptible to remote code execution. An attacker can execute commands of the host by manipulating the processed input stream, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the...
8.5CVSS
8.9AI Score
0.274EPSS