Lucene search
K
GitlabMost viewed

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/27 12:0 a.m.•35 views

Use After Free

Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS2.2AI score0.02747EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/06/17 12:0 a.m.•35 views

Loop with Unreachable Exit Condition (Infinite Loop)

The x/text package for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an...

7.5CVSS3AI score0.01855EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/04/10 12:0 a.m.•35 views

Use of Externally-Controlled Format String

In Pallets Jinja before 2.8.1, str.format allows a sandbox escape...

8.6CVSS2.5AI score0.03492EPSS
Exploits0References13Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/11/22 12:0 a.m.•35 views

Improper Authentication

In PHP Proxy, any user can read files from the server without authentication...

7.5CVSS3.2AI score0.32885EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/10/24 12:0 a.m.•35 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting XSS vulnerability in Ruby on Rails 2.x before 2.2.3, and 2.3.x before 2.3.4, allows remote attackers to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper...

4.3CVSS5.9AI score0.03022EPSS
Exploits1References17Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/10/24 12:0 a.m.•35 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Multiple cross-site scripting XSS vulnerabilities in the mailto helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted 1 name or 2 email value...

4.3CVSS5.9AI score0.0235EPSS
Exploits1References15Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/03/19 12:0 a.m.•35 views

Symbol DoS vulnerability in Active Record

When a hash is provided as the find value for a query, the keys of the hash may be converted to symbols. Carefully crafted requests can coerce params:name to return a hash, and the keys to that hash may be converted to symbols. All users running an affected release should either upgrade or use on...

5CVSS2.1AI score0.03438EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2026/04/18 12:0 a.m.•34 views

Wish has SCP Path Traversal that allows arbitrary file read/write

The SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server, and create directories outside the configured root directory by sending crafted filenames containing ../ sequence...

9.6CVSS5.9AI score0.00393EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/04/18 12:0 a.m.•34 views

@andrei-tatar/nora-firebase-common Prototype Pollution vulnerability

An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...

8.1AI score0.01158EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/01/31 12:0 a.m.•34 views

Missing Authentication for Critical Function

In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints...

6.5CVSS7.1AI score0.01636EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/12/05 12:0 a.m.•34 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ajax.NET Professional AjaxPro is an AJAX framework for Microsoft ASP.NET which will create proxy JavaScript classes that are used on client-side to invoke methods on the web server. Affected versions of this package is vulnerable cross site scripting attacks. Releases before version 21.12.22.1 ar...

6.3CVSS6.3AI score0.00628EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/11/16 12:0 a.m.•34 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

H2O is vulnerable to stored XSS vulnerability which can lead to a Local File Include attack...

9.3CVSS5.6AI score0.00749EPSS
Exploits1References2
GitLab Advisory Database
GitLab Advisory Database
•added 2023/09/29 12:0 a.m.•34 views

Deserialization of Untrusted Data

When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. Users should update to apache-avro...

7.5CVSS6.8AI score0.01772EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/08/22 12:0 a.m.•34 views

etcd denial of service vulnerability

Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go...

7.5CVSS6.7AI score0.01314EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/06/14 12:0 a.m.•34 views

jsonij vulnerable to stack exhaustion

An issue was discovered jmarsden/jsonij through 0.5.2 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...

7.5CVSS7.4AI score0.00845EPSS
Exploits1References4
GitLab Advisory Database
GitLab Advisory Database
•added 2023/05/30 12:0 a.m.•34 views

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Prototype Pollution in GitHub repository antfu/utils prior to 0.7.3...

9.8CVSS7AI score0.00991EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/03/31 12:0 a.m.•34 views

Server-Side Request Forgery (SSRF)

Appwrite up to v1.2.1 was discovered to contain a Server-Side Request Forgery SSRF via the component /v1/avatars/favicon. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request...

7.5CVSS7.1AI score0.36171EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/01/23 12:0 a.m.•34 views

Relative Path Traversal

Relative Path Traversal in ca.uhn.hapi.fhir:org.hl7.fhir.core...

8.1CVSS7.8AI score0.01166EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/12/26 12:0 a.m.•34 views

Out-of-bounds Read

golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack...

7.5CVSS2.7AI score0.01356EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/12/23 12:0 a.m.•34 views

Use of a Broken or Risky Cryptographic Algorithm

IO FinNet tss-lib before 2.0.0 allows a collision of hash values...

9.1CVSS2.4AI score0.00453EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/09/07 12:0 a.m.•34 views

golang.org/x/net/http2 Denial of Service vulnerability

In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error...

7.5CVSS4.1AI score0.02607EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/07/29 12:0 a.m.•34 views

Duplicate

This advisory duplicates another...

2.7CVSS5.8AI score0.00616EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/06/24 12:0 a.m.•34 views

Improper Privilege Management

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...

5.3CVSS3.9AI score0.02593EPSS
Exploits1References15Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/06/10 12:0 a.m.•34 views

Out-of-bounds Read

Istio is an open platform to connect, manage, and secure microservices. In affected versions ill-formed headers sent to Envoy in certain configurations can lead to unexpected memory access resulting in undefined behavior or crashing. Users are most likely at risk if they have an Istio ingress...

9.8CVSS1.8AI score0.01014EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/24 12:0 a.m.•34 views

Kubernetes Secrets Store CSI Driver plugins arbitrary file write

Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods...

6.5CVSS5.7AI score0.0137EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/24 12:0 a.m.•34 views

Loop with Unreachable Exit Condition ('Infinite Loop')

golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service infinite loop via crafted ParseFragment input...

7.5CVSS4.8AI score0.07293EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/17 12:0 a.m.•34 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The issafeurl function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting XSS or other vulnerabilities into Django applications that use this function, a...

4.3CVSS6AI score0.02297EPSS
Exploits0References15Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/13 12:0 a.m.•34 views

NULL Pointer Dereference

The html package aka x/net/html through 2018-09-17 in Go mishandles , leading to a "panic: runtime error" in parseCurrentToken in parse.go during an html.Parse call...

7.5CVSS1.3AI score0.0281EPSS
Exploits1References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/04/22 12:0 a.m.•34 views

Cross-Site Request Forgery (CSRF)

cobbler: Web interface lacks CSRF protection when using Django framework...

8.8CVSS7.2AI score0.0063EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/02/15 12:0 a.m.•34 views

Improper Authentication in Kubernetes

The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally...

8.8CVSS1.8AI score0.03597EPSS
Exploits5References12Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/02/10 12:0 a.m.•34 views

Incomplete Cleanup

An issue exsits in Gitea through 1.15.7, which could let a malicious user gain privileges due to client side cookies not being deleted and the session remains valid on the server side for reuse...

9.8CVSS2.8AI score0.01447EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/23 12:0 a.m.•34 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins from a tar archive over HTTP. It is possible for a malicious plugin author to inject a relative path into a plugin archive, and copy a file outside of the intended director...

8.5CVSS2AI score0.01458EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/02 12:0 a.m.•34 views

Access of Resource Using Incompatible Type ('Type Confusion')

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS2.9AI score0.48574EPSS
Exploits3References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/27 12:0 a.m.•34 views

Out-of-bounds Write

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.6CVSS2.6AI score0.02826EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/27 12:0 a.m.•34 views

Use After Free

Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS2.2AI score0.02747EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/19 12:0 a.m.•34 views

Uncontrolled Resource Consumption

c-ares' aresparsea,aaaareply suffers from a Denial Of Service due to insufficient naddrttls validation...

7.5CVSS3.8AI score0.54164EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/08/25 12:0 a.m.•34 views

Use After Free

GNU Bison has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug report was...

7.1CVSS0.6AI score0.01265EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/03/27 12:0 a.m.•34 views

Allocation of Resources Without Limits or Throttling

The Kubelet component has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port, and the authenticated HTTPS API typically served on port...

6.5CVSS0.8AI score0.01141EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/04/22 12:0 a.m.•34 views

Incorrect Permission Assignment for Critical Resource

In Kubernetes, schema info is cached by kubectl in the location specified by --cache-dir defaulting to $HOME/.kube/http-cache, written with world-writeable permissions rw-rw-rw-. If --cache-dir is specified and pointed at a different location accessible to other users/groups, the written files ma...

5CVSS1.9AI score0.00483EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/07/23 12:0 a.m.•34 views

Cross-site scripting in django

Cross-site scripting XSS vulnerability in Django 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a csrfmiddlewaretoken aka csrftoken cookie...

4.3CVSS5.2AI score0.019EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/07/09 12:0 a.m.•34 views

Insufficiently Protected Credentials

The Jenkins AWS CodePipeline Plugin contains an Insufficiently Protected Credentials vulnerability...

7.8CVSS2.6AI score0.00339EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/10/24 12:0 a.m.•34 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting XSS vulnerability in activesupport/lib/activesupport/coreext/string/outputsafety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a malformed Unicode string, related to a...

4.3CVSS4AI score0.02492EPSS
Exploits0References16Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/10/24 12:0 a.m.•34 views

Improper Input Validation

Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery CSRF protection for requests to applications that rely on this protection, as demonstrated using text/plain...

6.8CVSS7AI score0.0808EPSS
Exploits1References20Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/10/24 12:0 a.m.•34 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The cross-site scripting XSS prevention feature in Ruby on Rails 2.x before 2.3.12, 3.0.x before 3.0.8, and 3.1.x before 3.1.0.rc2 does not properly handle mutation of safe buffers, which makes it easier for remote attackers to conduct XSS attacks via crafted strings to an application that uses a...

4.3CVSS5.5AI score0.01962EPSS
Exploits0References12Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2015/07/14 12:0 a.m.•34 views

DOS by filling session store

The session backends created a new empty record in the session storage anytime request.session was accessed and there was a session key provided in the request cookies that didn't already have a session record. This could allow an attacker to easily create many new session records simply by sendi...

7.8CVSS6.1AI score0.07266EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/10/16 12:0 a.m.•34 views

Possible DoS Vulnerability

A carefully crafted email address in conjunction with the Action Mailer logger format string could take advantage of a bug in Ruby's sprintf implementation and possibly lead to a denial of service attack. Impacted Ruby code will look something like this: "some string userinput" % somenumber...

4.3CVSS3AI score0.03135EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/08/05 12:0 a.m.•33 views

gotortc Cross-site Scripting vulnerability

gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The links page links.html appends the src GET parameter 0 in all of its links for 1-click previews. The context in which src is being appended is innerHTML 1, which will insert th...

6.1CVSS6.3AI score0.00447EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/04/03 12:0 a.m.•33 views

AMPHP Denial of Service via HTTP/2 CONTINUATION Frames

amphp/http will collect HTTP/2 CONTINUATION frames in an unbounded buffer and will not check the header size limit until it has received the ENDHEADERS flag, resulting in an OOM crash. amphp/http-client and amphp/http-server are indirectly affected if they're used with an unpatched version of...

8.2CVSS7.3AI score0.83244EPSS
Exploits1References10Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/03/22 12:0 a.m.•33 views

Cross-Site Request Forgery in Anchor CMS

Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery CSRF via /anchor/admin/categories/delete/2...

2.4CVSS3.8AI score0.00255EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/12/03 12:0 a.m.•33 views

Exposure of Sensitive Information to an Unauthorized Actor

Forgejo before 1.20.5-1 allows remote attackers to test for the existence of private user accounts by appending .rss or another extension to a URL...

5.3CVSS6.9AI score0.0081EPSS
Exploits0References4Affected Software1
Total number of security vulnerabilities1518