19 matches found
Protection Mechanism Failure
Overview org.webjars.npm:vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Protection Mechanism Failure through the NodeVM builtin wildcard expansion in lib/builtin.js. An attacker can load Node’s private...
Incorrect Authorization
Overview nocodb is a NocoDB Affected versions of this package are vulnerable to Incorrect Authorization via the OAuthTokenStrategy in the authentication component. An attacker can access endpoints reserved for other token types or privileged users by presenting an OAuth token to routes that accep...
Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error via the establishproxyconnection function. An attacker can corrupt stack memory by sending a specially crafted HTTP proxy response line of 1023 or more bytes without a newline terminator, potentially leading to...
Improper Validation of Syntactic Correctness of Input
Overview org.apache.tomcat:coyote is a maven plugin for Tomcat Connectors and HTTP parser. Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input in the processing of HTTP/2 request headers. An attacker can cause unexpected behavior or potentiall...
Origin Validation Error
Overview org.webjars.npm:thrift is a lightweight, language-independent software stack with an associated code generation mechanism for point-to-point RPC. Affected versions of this package are vulnerable to Origin Validation Error in the webserver.js component. An attacker can access unauthorized...
Use of a Broken or Risky Cryptographic Algorithm
Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the cryptographic algorithm implementation. An attacker can compromise the confidentiality of sensitive information by exploiting weak or insufficient cryptographic algorithms...
Stack-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the profiling.sampling module of asyncio introspection capabilities feature when a privileged process connects to a malicious process via the remote debugging tool. An attacker can read and write memory...
Deserialization of Untrusted Data
Overview praisonai is a PraisonAI TypeScript AI Agents Framework - Node.js, npm, and Javascript AI Agents Framework Affected versions of this package are vulnerable to Deserialization of Untrusted Data through the YAML deserialization in the loadAgentFromFile function. An attacker can execute...
Missing Authorization
Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Missing Authorization in the select-usb-device event callback, which did not validate the chosen device ID...
Incorrect Authorization
Overview @openclaw/matrix is an OpenClaw Matrix channel plugin Affected versions of this package are vulnerable to Incorrect Authorization in the process that fetches thread root and reply context, which bypasses the sender allowlist. An attacker can gain unauthorized access to message threads by...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function through the WebSocket message handler in kernel/server/serve.go. An attacker can crash the kernel process and disrupt service availability by sending malformed JSON over an unauthenticated...
Authorization Bypass Through User-Controlled Key
Overview craftcms/commerce is a Craft Commerce Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the number parameter in the cart loading process. An attacker can gain unauthorized access to and modify another user's shopping cart by...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the ttvarloaditemvariationstore function when processing HVAR, VVAR, or MVAR tables in OpenType variable fonts. An attacker can access sensitive information or cause a crash by enticing a user to open a specially...
Allocation of Resources Without Limits or Throttling
Overview io.undertow:undertow-core is a Java web server based on non-blocking IO. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the getParameterNames function. An attacker can cause an OutOfMemoryError by sending requests with...
Uncontrolled Recursion
Overview org.webjars.npm:node-forge is a WebJar for node-forge. Affected versions of this package are vulnerable to Uncontrolled Recursion via the fromDer function in asn1.js, which lacks recursion depth. An attacker can cause stack exhaustion and disrupt service availability by submitting...
Integer Overflow to Buffer Overflow
Overview Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow via the PSD Image Decoding functionality. An attacker can execute arbitrary code by supplying a specially crafted .psd file that triggers an integer overflow during stride calculation, leading to a...
Expired Pointer Dereference
Overview Affected versions of this package are vulnerable to Expired Pointer Dereference in the parsing process of xsl nodes. An attacker can cause the application to crash by triggering the dereference of expired pointers after memory has been freed. Remediation A fix was pushed into the master...
Improper Handling of Unicode Encoding
Overview Affected versions of this package are vulnerable to Improper Handling of Unicode Encoding via the command line argument processing. An attacker can manipulate command line inputs to inject unintended arguments or traverse directories by providing malicious filenames containing Unicode...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to the improper handling of objects in memory by the std::sharedcount function. An attacker can cause a denial of service by crafting a malicious input. PoC c git clone https://github.com/qpdf/qpdf cd qpdf...