Page 3 of 38531 results (0.031 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

The endpoint at POST /api/v1/twofaccounts/preview allows setting a remote URI to retrieve the image of a 2fa site. ... The combination of these two issues allows an attacker to retrieve URIs accessible from the application, as long as their content type is text based. ... Version 5.4.1 fixes the issues. 2FAuth es una aplicación web para administrar cuentas de autenticación de dos factores (2FA) y generar sus códigos de seguridad. Existen dos vulnerabilidades interconectadas en la versión 5.4.1: un problema de omisión de validación de SSRF y URI. ... La combinación de estos dos problemas permite a un atacante recuperar URI accesibles desde la aplicación, siempre que su tipo de contenido esté basado en texto. • https://github.com/Bubka/2FAuth/security/advisories/GHSA-xwxc-w7v3-2p4j • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

One of the accepted types of image is SVG, which allows JS scripting. ... Version 5.4.1 contains a patch for the issue. 2FAuth es una aplicación web para administrar cuentas de autenticación de dos factores (2FA) y generar sus códigos de seguridad. • https://github.com/Bubka/2FAuth/commit/93c508e118f483f3c93ac36e1f91face95af642d https://github.com/Bubka/2FAuth/security/advisories/GHSA-q5p4-6q4v-gqg3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

An issue in the Instructor Appointment Availability module of eSoft Planner 3.24.08271-USA allows attackers to cause a Denial of Service (DoS) via a crafted POST request. • https://github.com/esoft-planner-cve/esoft_planner_cve •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

Its hci parsing software dynamically determines the length of certain hci packets by reading a byte from its header. ... This bug is trivial to exploit for a denial of service but is not certain to suffice to bring the system down and can generally not be exploited further because the exploitable buffer is dynamically allocated. • https://github.com/mbed-ce/mbed-os/blob/54e8693ef4ff7e025018094f290a1d5cf380941f/connectivity/FEATURE_BLE/libraries/cordio_stack/ble-host/sources/hci/dual_chip/hci_evt.c#L2748 https://github.com/mbed-ce/mbed-os/pull/386 •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet header. A buffer is then allocated to contain the entire packet, the size of which is calculated as the length of the packet body determined earlier plus the header length. ... This may cause a buffer overflow of up to 65 KB . This bug is trivial to exploit for a denial of service but can generally not be exploited further because the exploitable buffer is dynamically allocated. • https://github.com/mbed-ce/mbed-os/blob/54e8693ef4ff7e025018094f290a1d5cf380941f/connectivity/FEATURE_BLE/libraries/cordio_stack/wsf/sources/port/baremetal/wsf_msg.c#L72 https://github.com/mbed-ce/mbed-os/pull/388 •