Lucene search
K
GithubMost viewed

33187 matches found

Github Security Blog
Github Security Blog
added 2020/05/28 6:42 p.m.98 views

Command injection in node-dns-sync

dns-sync through 0.2.0 allows execution of arbitrary commands . This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input...

9.8CVSS4.4AI score0.0262EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2020/05/21 9:8 p.m.98 views

Code execution vulnerability in HtmlUnit

HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes Rhino engine improperly, hence a malicious JavScript code can execute arbitrary Java code on the application. Moreover, when embedded in Android application, Android-specific initialization of Rhino engine is...

8.1CVSS8.2AI score0.04719EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
added 2020/02/20 11:26 p.m.98 views

Denial of Service in uap-core when processing crafted User-Agent strings

Impact Some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent header in an HTTPS request to maliciously crafted long strings. Patches Please update uap-core to gt;=...

7.5CVSS0.02261EPSS
Exploits1References6Affected Software2
Github Security Blog
Github Security Blog
added 2020/02/11 9:3 p.m.98 views

SQL injection in Django

Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter. By passing a suitably crafted delimiter...

9.8CVSS2.8AI score0.65336EPSS
Exploits9References18Affected Software1
Github Security Blog
Github Security Blog
added 2024/03/15 12:30 p.m.98 views

SSRF vulnerability using the Aegis DataBinding in Apache CXF

A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings including the default databinding are not impacted...

9.3CVSS8.1AI score0.05849EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2023/10/26 8:53 p.m.97 views

browserify-sign upper bound check issue in `dsaVerify` leads to a signature forgery attack

Summary An upper bound check issue in dsaVerify function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. Details In dsaVerify function, it checks whether the value of the signature is legal by calling...

7.5CVSS6.7AI score0.00508EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
added 2023/10/10 6:23 p.m.97 views

github.com/nghttp2/nghttp2 has HTTP/2 Rapid Reset

Impact Rapidly creating and cancelling streams HEADERS frame immediately followed by RSTSTREAM without bound cause denial of service. See https://vulners.com/cve/CVE-2023-44487 for details. Patches nghttp2 v1.57.0 mitigates this vulnerability by default. Workarounds If upgrading to nghttp2 v1.57....

7.5CVSS6.8AI score0.99999EPSS
Exploits19References4Affected Software1
Github Security Blog
Github Security Blog
added 2023/01/09 12:30 p.m.97 views

debug Inefficient Regular Expression Complexity vulnerability

A vulnerability classified as problematic has been found in debug-js debug up to 3.0.x. This affects the function useColors of the file src/node.js. The manipulation of the argument str leads to inefficient regular expression complexity. Upgrading to version 3.1.0 is able to address this issue. T...

7.5CVSS7.4AI score0.02046EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
added 2022/04/13 12:0 a.m.97 views

Path Traversal in Grunt

Grunt prior to version 1.5.2 is vulnerable to path traversal...

7.1CVSS3.2AI score0.00571EPSS
Exploits1References7Affected Software1
Github Security Blog
Github Security Blog
added 2022/01/21 11:35 p.m.97 views

Denial of service in CBOR library

Impact Due to this library's use of an inefficient algorithm, it is vulnerable to a denial of service attack when a maliciously crafted input is passed to DecodeFromBytes or other CBOR decoding mechanisms in this library. Affected versions include versions 4.0.0 through 4.5.0. This vulnerability...

7.5CVSS3.2AI score0.01061EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/08/02 4:55 p.m.97 views

Improper Handling of Length Parameter Inconsistency in Compress

When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' sevenz package...

7.5CVSS7.3AI score0.12697EPSS
Exploits0References20Affected Software1
Github Security Blog
Github Security Blog
added 2021/07/02 7:19 p.m.97 views

A user without PR can reset user authentication failures information

Impact The script service method used to reset the authentication failures record can be executed by any user with Script rights and does not require Programming rights as it should have. Note that being able to reset the authentication failure record mean that an attacker with script right might...

5.5CVSS0.2AI score0.00499EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/07/01 5:0 p.m.97 views

Open Redirect in github.com/AndrewBurian/powermux

Impact Attackers may be able to craft phishing links and other open redirects by exploiting the trailing slash redirection feature. This may lead to users being redirected to untrusted sites after following an attacker crafted link. Patches The issue is resolved in v1.1.1 Workarounds There are no...

6.1CVSS0.6AI score0.00606EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2021/06/23 5:29 p.m.97 views

XML Processing error in github.com/crewjam/saml

Impact There are three vulnerabilities in the go encoding/xml package that can allow an attacker to forge part of a signed XML document. For details on this vulnerability see xml-roundtrip-validator Patches In version 0.4.3, all XML input is validated prior to being parsed...

10CVSS9AI score0.04872EPSS
Exploits1References11Affected Software1
Github Security Blog
Github Security Blog
added 2021/06/18 6:32 p.m.97 views

Cross-site scripting in Contentful

Contentful through 2020-05-21 for Python allows reflected XSS, as demonstrated by the api parameter to the-example-app.py...

6.1CVSS2.7AI score0.0249EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2020/09/03 5:15 p.m.97 views

Path Traversal in restify-swagger-jsdoc

Versions of restify-swagger-jsdoc prior to 3.2.1 are vulnerable to Path Traversal. The package fails to properly sanitize URLs, which may allow attackers to access server files outside the swagger-ui folder by using relative paths. Recommendation Upgrade to version 3.2.1 or later...

4.6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2018/10/19 4:54 p.m.97 views

Moderate severity vulnerability that affects io.undertow:undertow-core

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS...

7.5CVSS3.2AI score0.03662EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/23 9:43 p.m.96 views

OpenTelemetry dotnet: Excessive memory allocation when parsing OpenTelemetry propagation headers

Summary The implementation details of the baggage, B3 and Jaeger processing code in the OpenTelemetry.Api and OpenTelemetry.Extensions.Propagators NuGet packages can allocate excessive memory when parsing which could create a potential denial of service DoS in the consuming application. Details...

5.3CVSS5.8AI score0.00458EPSS
Exploits0References10Affected Software2
Github Security Blog
Github Security Blog
added 2023/09/28 6:30 a.m.96 views

quill-mention Cross-site Scripting vulnerability

Versions of the package quill-mention before 4.0.0 are vulnerable to Cross-site Scripting XSS due to improper user-input sanitization, via the renderList function. Note: If the mentions list is sourced from unsafe user-sourced data, this might allow an injection attack when a Quill user hits @...

6.1CVSS6.5AI score0.0057EPSS
Exploits1References8Affected Software1
Github Security Blog
Github Security Blog
added 2023/03/30 6:30 a.m.96 views

angular vulnerable to regular expression denial of service via the angular.copy() utility

All versions of the package angular are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic...

5.3CVSS7.2AI score0.01695EPSS
Exploits1References10Affected Software1
Github Security Blog
Github Security Blog
added 2021/10/19 8:15 p.m.96 views

Policies not properly enforced in OWASP Java HTML Sanitizer

The OWASP Java HTML Sanitizer before 20211018.1 does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements...

9.8CVSS0.7AI score0.02844EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2021/09/09 5:11 p.m.96 views

Bzip2Decoder doesn't allow setting size restrictions for decompressed data

Impact The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data which affects the allocation size used during decompression. All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack Workarounds No...

7.5CVSS8.1AI score0.05651EPSS
Exploits0References19Affected Software3
Github Security Blog
Github Security Blog
added 2021/05/24 6:12 p.m.96 views

Dependency Confusion in Bundler

Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.17 sometimes chooses a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen, even if the intended choice was a private gem that is a dependency of another private gem that...

9.3CVSS8.3AI score0.06307EPSS
Exploits1References12Affected Software1
Github Security Blog
Github Security Blog
added 2020/12/02 6:28 p.m.96 views

Inappropriate implementation in V8

CVE-2020-16009: Inappropriate implementation in V8 - https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.html - https://vulners.com/cve/CVE-2020-16009 Google is aware of reports that exploits for CVE-2020-16009 exist in the wild. Allowed a remote attacker to potentiall...

8.8CVSS1.2AI score0.48574EPSS
Exploits3References12Affected Software4
Github Security Blog
Github Security Blog
added 2020/06/05 4:13 p.m.96 views

Directory traversal attack in Spring Cloud Config

Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted UR...

7.5CVSS5AI score0.95586EPSS
Exploits3References4Affected Software1
Github Security Blog
Github Security Blog
added 2020/05/28 9:10 p.m.96 views

Cross-Site Scripting in Kaminari

Impact In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1. Releases The 1.2.1 gem including the patch has already been released. All past released versions are affected by this...

6.4CVSS2.3AI score0.01508EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
added 2020/04/01 3:47 p.m.96 views

XSS in knockout

There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it...

6.1CVSS2.9AI score0.01988EPSS
Exploits1References11Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/10 6:31 p.m.95 views

Envoy's global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly

Summary At the rate limit filter, if we enabled the response phase limit with applyonstreamdone in the rate limit configuration and the response phase limit request fails directly, it may crash Envoy. Details When both the request phase limit and response phase limit are enabled, the safe gRPC...

7.5CVSS5.8AI score0.00315EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/02/19 8:28 p.m.95 views

Prototype pollution in swiper

Summary A prototype pollution vulnerability exists in the the npm package swiper =6.5.1, -1; let obj = ; var maliciouspayload = '"proto":"polluted":"yes"'; console.log.polluted; swiper.default.extendDefaultsJSON.parsemaliciouspayload; console.log.polluted; // prints yes - indicating that the patc...

9.4CVSS6.3AI score0.00397EPSS
Exploits2References5Affected Software1
Github Security Blog
Github Security Blog
added 2023/04/07 8:35 p.m.95 views

vm2 vulnerable to sandbox escape

vm2 was not properly handling host objects passed to Error.prepareStackTrace in case of unhandled async errors. - vm2 version: 3.9.14 - Node version: 18.15.0, 19.8.1, 17.9.1 Impact A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the...

10CVSS9.7AI score0.63186EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2023/02/24 6:48 p.m.95 views

Sequelize - Default support for “raw attributes” when using parentheses

Impact Sequelize 6.28.2 and prior has a dangerous feature where using parentheses in the attribute option would make Sequelize use the string as-is in the SQL ts User.findAll attributes: 'countid', 'count' ; Produced sql SELECT countid AS "count" FROM "users" Patches This feature was deprecated i...

10CVSS8.8AI score0.00831EPSS
Exploits0References9Affected Software2
Github Security Blog
Github Security Blog
added 2023/02/15 5:42 p.m.95 views

Denial of service vulnerability when parsing multipart request body

Summary The request body parsing in starlite allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. Details The multipart body parser processes an unlimited number of file parts. The multipart body parser processes an unlimited number of field parts. Impact...

7.5CVSS7.4AI score0.01004EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2022/03/30 12:0 a.m.95 views

Firebase PHP-JWT key/algorithm type confusion

In Firebase PHP-JWT before 6.0.0, an algorithm-confusion issue e.g., RS256 / HS256 exists via the kid aka Key ID header, when multiple types of keys are loaded in a key ring. This allows an attacker to forge tokens that validate under the incorrect key. NOTE: this provides a straightforward way t...

9.1CVSS2.4AI score0.00777EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/09 10:51 p.m.95 views

Remote code execution in Apache Struts

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution...

9.8CVSS9.4AI score0.95922EPSS
Exploits11References14Affected Software1
Github Security Blog
Github Security Blog
added 2021/07/02 7:19 p.m.95 views

The reset password form reveal users email address

Impact The reset password form reveals the email address of users just by giving their username. Patches The problem has been patched on XWiki 13.2RC1. Workarounds It's possible to manually modify the resetpasswordinline.vm to perform the changes made in...

5.3CVSS0.5AI score0.01199EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2021/07/02 6:36 p.m.95 views

XXE vulnerability in Jenkins Selenium HTML report Plugin

Jenkins Selenium HTML report Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers with the ability to control the report files parsed using this plugin to have Jenkins parse a crafted report file that uses external entities for...

4.3CVSS4.9AI score0.42521EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2021/05/18 9:7 p.m.95 views

Podman Origin Validation Error

Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remote hosts. This impacts containerized applications that trust localhost 127.0.01 connections by default and do not require authentication. This issue affects Podman versions from 1.8.0...

5.9CVSS6.1AI score0.01105EPSS
Exploits1References8Affected Software1
Github Security Blog
Github Security Blog
added 2020/11/04 6:23 p.m.95 views

Remote Code Execution in Apache Synapse

In Apache Synapse, by default no authentication is required for Java Remote Method Invocation RMI. So Apache Synapse 3.0.1 or all previous releases 3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1 allows remote code execution attacks that can be performed by injecting specially crafted serialized objects...

9.8CVSS6.5AI score0.17741EPSS
Exploits1References8Affected Software1
Github Security Blog
Github Security Blog
added 2020/10/06 6:21 p.m.95 views

Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT request

Impact Information Disclosure When the GET method is attacked, attackers can read files which have a .data suffix and which are accompanied by a JSON file with the .meta suffix. This can lead to Information Disclosure and in some shared-hosting scenarios also to circumvention of authentication or...

4CVSS1.4AI score0.01489EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2020/08/05 2:53 p.m.95 views

Code execution in Spring Integration

Spring Integration framework provides Kryo Codec implementations as an alternative for Java deserialization. When Kryo is configured with default options, all unregistered classes are resolved on demand. This leads to the "deserialization gadgets" exploit when provided data contains malicious cod...

9.8CVSS4.1AI score0.04409EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
added 2020/05/27 9:9 p.m.95 views

Exposure of Sensitive Information to an Unauthorized Actor in AEgir

Impact aegir publish and aegir build may leak secrets from environmental variables in the browser bundle published to npm. Patches The code has been patched, users should upgrade to = 21.10.1 Workarounds Run printenv to check your environment variables and revoke any secrets. For more information...

9.6CVSS4.2AI score0.0112EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/05 8:29 p.m.94 views

TinyMCE Cross-Site Scripting (XSS) vulnerability through `mce:protected` comments

Impact Stored XSS vulnerability via forged mce:protected comments. Allows attackers to bypass sanitization and inject scripts that execute when content is restored. Impacts users who utilize the protect option. Patches Patched by validating decoded mce:protected content against configured protect...

8.7CVSS5.5AI score0.00238EPSS
Exploits0References5Affected Software2
Github Security Blog
Github Security Blog
added 2024/10/14 8:55 p.m.94 views

Keycloak has Vulnerable Redirect URI Validation Results in Open Redirect

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost/ or http://127.0.0.1/, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

6.1CVSS6.2AI score0.01959EPSS
Exploits0References21Affected Software1
Github Security Blog
Github Security Blog
added 2024/07/15 3:30 a.m.94 views

setuptools vulnerable to Command Injection via package URL

A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code...

8.8CVSS9.2AI score0.01939EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2024/03/18 8:38 p.m.94 views

Duplicate Advisory: Use-after-free in libxml2 via Nokogiri::XML::Reader

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xc9x-jj77-9p9j. This link is maintained to preserve external references. Original Description Summary Nokogiri upgrades its dependency libxml2 as follows: - v1.15.6 upgrades libxml2 to 2.11.7 from 2.11.6 - v1.16...

7.5CVSS7.9AI score0.01364EPSS
Exploits3References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/04/20 12:0 a.m.94 views

Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector

A vulnerability was identified in Consul and Consul Enterprise “Consul” such that HTTP health check endpoints returning an HTTP redirect may be abused as a vector for server-side request forgery SSRF. This vulnerability, CVE-2022-29153, was fixed in Consul 1.9.17, 1.10.10, and 1.11.5...

7.5CVSS7.3AI score0.08912EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
added 2022/01/27 4:24 p.m.94 views

SSRF vulnerability in jupyter-server-proxy

Impact What kind of vulnerability is it? Server-Side Request Forgery SSRF Who is impacted? Any user deploying Jupyter Server or Notebook with jupyter-proxy-server extension enabled. A lack of input validation allowed authenticated clients to proxy requests to other hosts, bypassing the allowedhos...

7.1CVSS1.9AI score0.01096EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2021/08/13 3:21 p.m.94 views

Authentication Bypass by Alternate Name in Apache Tomcat

A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65...

6.5CVSS4.7AI score0.09886EPSS
Exploits0References11Affected Software1
Github Security Blog
Github Security Blog
added 2021/08/02 5:29 p.m.94 views

Remote code execution in ChakraCore

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1057, CVE-2020-1172...

7.6CVSS2.5AI score0.02067EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/06/18 6:44 p.m.94 views

Cross-site scripting in Products.CMFCore, Products.PluggableAuthService, Plone

Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS...

6.1CVSS1.8AI score0.00773EPSS
Exploits0References5Affected Software3
Total number of security vulnerabilities5000