20 matches found
GO-2026-4848 Vikunja: Link Share Hash Disclosure via ReadAll Endpoint Enables Permission Escalation in code.vikunja.io/api
Vikunja: Link Share Hash Disclosure via ReadAll Endpoint Enables Permission Escalation in code.vikunja.io/api. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports fr...
EUVD-2026-14925
Vikunja: Link Share Hash Disclosure via ReadAll Endpoint Enables Permission Escalation...
CVE-2026-33680
Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.2, the LinkSharing.ReadAll method allows link share authenticated users to list all link shares for a project, including their secret hashes. While LinkSharing.CanRead correctly blocks link share users from readi...
EUVD-2022-7121
Malicious code in bioql PyPI...
BIT-ETCD-2020-15112 Improper Input Validation in etcd
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...
etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic
Vulnerability type: Data Validation. Detail: In the ReadAll method in wal/wal.go, it is possible to have an entry index greater than the number of entries. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...
GHSA-M332-53R6-2W93 etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic
Vulnerability type: Data Validation. Detail: In the ReadAll method in wal/wal.go, it is possible to have an entry index greater than the number of entries. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...
Denial Of Service (DoS)
etcd is vulnerable to denial of service (DoS). It does not handle the case when an entry index is greater than the number of entries in the ReadAll method in wal/wal.go, leading to issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant and causing a runti...
etcd: DoS in wal/wal.go
A flaw was found in etcd, where it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This can cause issues when WAL entries are being read during consensus, as an arbitrary etcd consensus participant can go down from a runtime panic when...
CVE-2020-15112
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...
DEBIAN-CVE-2020-15112
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...
CVE-2020-15112
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...
CVE-2020-15112
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...
CVE-2020-15112
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...
UBUNTU-CVE-2020-15112
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...
CVE-2020-15112 Improper Input Validation in etcd
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...
CVE-2020-15112
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...
PT-2020-14194 · Etcd +4
Name of the Vulnerable Software and Affected Versions: etcd versions 3.3.0 through 3.3.22; etcd versions 3.4.0 through 3.4.9. Description: The issue is related to data validation in the ReadAll method in wal/wal.go, where it is possible to have an entry index greater than the number of entries. Thi...
PT-2020-14189 · Etcd +4
Name of the Vulnerable Software and Affected Versions: etcd versions 3.3.0 through 3.3.22; etcd versions 3.4.0 through 3.4.9. Description: The issue is related to a lack of validation on the size of a record stored in the length field of a WAL file. This allows for the creation of a forged, extreme...
iisCart2000 Arbitrary File Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7765/info A vulnerability has been reported for iisCart2000 that may result in an attacker uploading arbitrary files to a vulnerable server. The vulnerability exists in the upload.asp script. This will allow an attacker t...