Lucene search
K
GitlabMost viewed

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/14 12:0 a.m.•36 views

Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing...

5.9CVSS6.3AI score0.00901EPSS
Exploits0References8
GitLab Advisory Database
GitLab Advisory Database
•added 2023/12/27 12:0 a.m.•36 views

Open redirect vulnerability in Flask-Security-Too

An open redirect vulnerability in the python package Flask-Security-Too =2.1.0 the autocorrectlocationheader configuration was changed to False - which means that location headers in redirects are relative by default. Thus, this issue may impact applications that were previously not impacted, if...

6.1CVSS6AI score0.01079EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/10/25 12:0 a.m.•36 views

SaToken authentication bypass vulnerability

An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...

8.8CVSS7.4AI score0.00797EPSS
Exploits1References4
GitLab Advisory Database
GitLab Advisory Database
•added 2023/10/16 12:0 a.m.•36 views

Allocation of Resources Without Limits or Throttling

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels http.useragent and http.method that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP...

7.5CVSS6.2AI score0.01364EPSS
Exploits0References10Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/10/16 12:0 a.m.•36 views

Allocation of Resources Without Limits or Throttling

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels http.useragent and http.method that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP...

7.5CVSS6.2AI score0.01364EPSS
Exploits0References10Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/09/21 12:0 a.m.•36 views

CefSharp affected by heap buffer overflow in WebP

Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...

8.6AI score0.99735EPSS
Exploits9References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/12/14 12:0 a.m.•36 views

Helm vulnerable to denial of service through string value parsing

Fuzz testing, by Ada Logics and sponsored by the CNCF, identified input to functions in the strvals package that can cause a stack overflow. In Go, a stack overflow cannot be recovered from. Applications that use functions from the strvals package in the Helm SDK can have a Denial of Service atta...

7.5CVSS2.2AI score0.0076EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/12/08 12:0 a.m.•36 views

Allocation of Resources Without Limits or Throttling

An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate...

5.3CVSS1.1AI score0.05623EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/12/02 12:0 a.m.•36 views

Missing Release of Memory after Effective Lifetime

DCMTK v3.6.7 was discovered to contain a memory leak via the TASCAssociation object...

7.5CVSS2.8AI score0.01568EPSS
Exploits2References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/10/14 12:0 a.m.•36 views

Missing Release of Resource after Effective Lifetime

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

7.5CVSS4AI score0.01428EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/24 12:0 a.m.•36 views

Insertion of Sensitive Information into Log File

The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components such as kube-apiserver prior to v1.16.0, which make use of basic or bearer token authentication, and run ...

6.5CVSS2.7AI score0.01766EPSS
Exploits0References10Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/24 12:0 a.m.•36 views

Loop with Unreachable Exit Condition ('Infinite Loop')

golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service infinite loop via crafted ParseFragment input...

7.5CVSS4.8AI score0.07293EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/22 12:0 a.m.•36 views

Access control bypass in beego

The route lookup process in beego through 1.12.4 and 2.x through 2.0.2 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places e.g., p1.xml instead of p1...

9.8CVSS5.4AI score0.21573EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/17 12:0 a.m.•36 views

Improper Encoding or Escaping of Output

Gitea before 1.16.7 does not escape git fetch remote...

7.5CVSS1.9AI score0.87678EPSS
Exploits8References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/02 12:0 a.m.•36 views

Django cross-site request forgery (CSRF) vulnerability

The administration application in Django 0.91.x, 0.95.x, and 0.96.x stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery CSRF attacks and delete or modify data via unspecified...

5.8CVSS6.7AI score0.00931EPSS
Exploits0References10Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/03/19 12:0 a.m.•36 views

Use of a Broken or Risky Cryptographic Algorithm

The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey...

7.5CVSS3.5AI score0.03931EPSS
Exploits0References20Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/02/10 12:0 a.m.•36 views

Improper Authentication

An Authentication Bypass vulnerability exists in Gitea before 1.5.0, which could let a malicious user gain privileges. If captured, the TOTP code for the 2FA can be submitted correctly more than once...

9.8CVSS3.2AI score0.01319EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/10/05 12:0 a.m.•36 views

Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.

Cobbler before 3.3.0 allows arbitrary file write operations via uploadlogdata...

7.5CVSS8.5AI score0.68635EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/15 12:0 a.m.•36 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross Site Scripting XSS vulnerability exists in the admin panel in Beego v2.0.1 via the URI path in an HTTP request, which is activated by administrators viewing the "Request Statistics" page...

6.1CVSS2.2AI score0.00795EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/06 12:0 a.m.•36 views

Use of a Broken or Risky Cryptographic Algorithm

The ElGamal implementation in Botan, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's...

5.9CVSS2.3AI score0.01532EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/08 12:0 a.m.•36 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The media2click aka 2 Clicks for External Media extension 1.x before 1.3.3 for TYPO3 allows XSS by a backend user account...

5.4CVSS3.7AI score0.00534EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•36 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to helm --help. This issu...

4CVSS1.6AI score0.00962EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/18 12:0 a.m.•36 views

Improper Access Control

go-jose before 1.0.4 suffers from multiple signatures exploitation. The go-jose library supports messages with multiple signatures. However, when validating a signed message the API did not indicate which signature was valid, which could potentially lead to confusion. For example, users of the...

7.5CVSS2.4AI score0.01967EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/03/05 12:0 a.m.•36 views

Observable Timing Discrepancy

The activerecord-sessionstore aka Active Record Session Store component for Ruby on Rails does not use a constant-time approach when delivering information about whether a guessed session ID is valid. Consequently, remote attackers can leverage timing discrepancies to achieve a correct guess in a...

5.3CVSS3.2AI score0.01835EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/07/02 12:0 a.m.•36 views

Improper Control of Generation of Code ('Code Injection')

The is a code injection vulnerability in versions of Rails that wouldallow an attacker who controlled the locals argument of a render call to perform a RCE...

8.8CVSS5AI score0.83085EPSS
Exploits10References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/06/19 12:0 a.m.•36 views

Deserialization of Untrusted Data

A deserialization of untrusted data vulnernerability exists in rails, rails that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE...

9.8CVSS5.2AI score0.45732EPSS
Exploits5References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/02/20 12:0 a.m.•36 views

Improper Verification of Cryptographic Signature

golang.org/x/crypto allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH client...

7.5CVSS3.4AI score0.21052EPSS
Exploits6References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/12/01 12:0 a.m.•36 views

Inadequate Encryption Strength

The strrotpass function in PHP-Proxy uses weak cryptography, which makes it easier for attackers to calculate the authorization data needed for local file inclusion...

7.5CVSS4AI score0.01132EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/07/09 12:0 a.m.•36 views

Insufficiently Protected Credentials

The Jenkins AWS CodeDeploy Plugin does not properly protect credentials in AWSCodeDeployPublisher...

7.8CVSS2.5AI score0.00339EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/06/07 12:0 a.m.•36 views

Path Traversal

11xiaoli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing ../ in the url...

7.5CVSS5.2AI score0.02005EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/06/04 12:0 a.m.•36 views

Cross-site Scripting

ag-grid is vulnerable to Cross-site Scripting XSS via Angular Expressions, if AngularJS is used in combination with ag-grid...

6.1CVSS2.8AI score0.01185EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/10/24 12:0 a.m.•36 views

Improper Input Validation

Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes, which allows remote attackers to modify arbitrary records by changing the names of parameters for form inputs...

6.4CVSS7.1AI score0.0225EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2015/03/24 12:0 a.m.•36 views

Improper Restriction of XML External Entity Reference

XML external entity XXE vulnerability in the SVG to PNG and JPG conversion classes in Apache Batik allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...

6.4CVSS8.2AI score0.16564EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2014/05/16 12:0 a.m.•36 views

Malformed URLs from user input incorrectly validated

The validation for redirects does not correctly validate some malformed URLs, which are accepted by some browsers. This allows a user to be redirected to an unsafe URL unexpectedly...

4.3CVSS6.2AI score0.03123EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/12/14 12:0 a.m.•35 views

NULL Pointer Dereference

cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSONSetValuestring at cJSON.c...

7.5CVSS7.2AI score0.00961EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/04/06 12:0 a.m.•35 views

Out-of-bounds Read

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an xwrite out-of-bounds read...

6.5CVSS6.9AI score0.00888EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/02/17 12:0 a.m.•35 views

Uncontrolled Resource Consumption

An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service...

5.5CVSS3.7AI score0.00309EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/10/06 12:0 a.m.•35 views

Improper Validation of Array Index

In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...

6.5CVSS3.9AI score0.01256EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/09/15 12:0 a.m.•35 views

KubeVirt vulnerable to arbitrary file read on host

As part of a Kubevirt audit performed by NCC group, a finding dealing with systemic lack of path sanitization which leads to a path traversal was identified. Google tested the exploitability of the paths in the audit report and identified that when combined with another vulnerability one of the...

1AI score
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/08/01 12:0 a.m.•35 views

Improper Certificate Validation

fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode TLSSocket using fs2-io on Node.js, the parameter requestCert = true is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to: 1. fs2-io running on...

9.8CVSS3.2AI score0.00641EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/06/24 12:0 a.m.•35 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Jenkins Filesystem List Parameter Plugin 0.0.7 and earlier does not escape the name and description of File system objects list parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS2.4AI score0.00743EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/03/08 12:0 a.m.•35 views

Duplicate of ./gem/activestorage/CVE-2022-21831.yml

The Active Storage module of Rails starting with version 5.2.0 are possibly vulnerable to code injection. This issue was patched in versions 5.2.6.2, 6.0.4.7, 6.1.4.7, and 7.0.2.3. To work around this issue, applications should implement a strict allow-list on accepted transformation methods or...

9.8CVSS3AI score0.02742EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/02/17 12:0 a.m.•36 views

Improper Certificate Validation

Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation...

9.8CVSS1.2AI score0.01301EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/01/01 12:0 a.m.•35 views

Out-of-bounds Write

GDAL has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment...

5.5CVSS3AI score0.01491EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/12/20 12:0 a.m.•35 views

Excessive Platform Resource Consumption within a Loop in Kubernetes

Abusively constructed YAML payload can significantly reduce parsing performance potentially leading to DoS...

6.5CVSS3AI score0.0236EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/29 12:0 a.m.•35 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting XSS vulnerability in models/issue.go in Gogs aka Go Git Service 0.3.1-9 through 0.5.x before 0.5.8 allows remote attackers to inject arbitrary web script or HTML via the text parameter to api/v1/markdown...

4.3CVSS5.5AI score0.01909EPSS
Exploits3References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•35 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to helm --help. This issu...

4CVSS1.6AI score0.00962EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/15 12:0 a.m.•35 views

Incorrect Conversion between Numeric Types

An issue was discovered in GNOME GLib If gbytearraynewtake was called with a buffer of 4GB or more on a platform, the length would be truncated modulo 232, causing unintended length truncation...

7.5CVSS3.1AI score0.0408EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/10 12:0 a.m.•35 views

Integer Overflow or Wraparound

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

9.8CVSS3.4AI score0.0586EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/02 12:0 a.m.•35 views

Access of Resource Using Incompatible Type ('Type Confusion')

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS2.9AI score0.48574EPSS
Exploits3References3Affected Software1
Total number of security vulnerabilities1518