Gov: Security Vulnerabilities
Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature.
CVSS Score
3.7
EPSS Score
0.002
Published
2021-06-12
The COVIDSafe (Australia) app 1.0 and 1.1 for iOS allows a remote attacker to crash the app, and consequently interfere with COVID-19 contact tracing, via a Bluetooth advertisement containing manufacturer data that is too short. This occurs because of an erroneous OpenTrace manuData.subdata call. The ABTraceTogether (Alberta), ProteGO (Poland), and TraceTogether (Singapore) apps were also affected.
CVSS Score
6.5
EPSS Score
0.022
Published
2020-05-14
HM Courts & Tribunals ccd-data-store-api before 2019-06-10 allows SQL injection, related to SearchQueryFactoryOperation.java and SortDirection.java.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-08-26