Lucene search
K
GitlabMost viewed

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2024/03/22 12:0 a.m.•33 views

Cross-Site Request Forgery in Anchor CMS

Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery CSRF via /anchor/admin/categories/delete/2...

2.4CVSS3.8AI score0.00255EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/12/03 12:0 a.m.•33 views

Exposure of Sensitive Information to an Unauthorized Actor

Forgejo before 1.20.5-1 allows remote attackers to test for the existence of private user accounts by appending .rss or another extension to a URL...

5.3CVSS6.9AI score0.0081EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/08/23 12:0 a.m.•33 views

Active Support Possibly Discloses Locally Encrypted Files

There is a possible file disclosure of locally encrypted files in Active Support. This vulnerability has been assigned the CVE identifier CVE-2023-38037. Versions Affected: = 5.2.0 Not affected: 5.2.0 Fixed Versions: 7.0.7.1, 6.1.7.5 Impact ActiveSupport::EncryptedFile writes contents that will b...

6.5AI score0.00258EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/07/05 12:0 a.m.•33 views

Improper Neutralization of Special Elements used in a Command ('Command Injection')

1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories. The vulnerability has been fixed in v1.3.6...

8.8CVSS7.3AI score0.02313EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/06/20 12:0 a.m.•33 views

Improper Input Validation

Vega is a decentralized trading platform that allows pseudo-anonymous trading of derivatives on a blockchain. Prior to version 0.71.6, a vulnerability exists that allows a malicious validator to trick the Vega network into re-processing past Ethereum events from Vega’s Ethereum bridge. For exampl...

6CVSS6.7AI score0.0049EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/06/09 12:0 a.m.•33 views

LeafKit allows XSS with untrusted user input

This affects anyone passing unsanitised data to Leaf's variable tags. Before this fix, Leaf would not escape any strings passed to tags as variables. If an attacker managed to find a variable that was rendered with their unsanitised data, they could inject scripts into a generated Leaf page, whic...

7.4CVSS5.9AI score0.0071EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/05/25 12:0 a.m.•33 views

Uncontrolled Resource Consumption

c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful...

7.5CVSS6.6AI score0.01577EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/03/15 12:0 a.m.•33 views

Possible XSS Security Vulnerability in SafeBuffer#bytesplice

There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. This vulnerability has been assigned the CVE identifier CVE-2023-28120. Versions Affected: All. Not affected: None Fixed Versions: 7.0.4.3, 6.1.7.3 Impact ActiveSupport uses...

3.4AI score0.00923EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/09/07 12:0 a.m.•33 views

golang.org/x/net/http2 Denial of Service vulnerability

In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error...

7.5CVSS4.1AI score0.02607EPSS
Exploits0References11Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/06/28 12:0 a.m.•33 views

Missing Release of Memory after Effective Lifetime

DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for parsing data, but does not free it when error in parsing. Sending specific requests to the dcmqrdb program incur the memory leak. An attacker can use it to launch a DoS attack...

7.5CVSS3AI score0.01595EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/24 12:0 a.m.•33 views

Allocation of Resources Without Limits or Throttling

Some HTTP/2 implementations is vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RSTSTREAM frames from the peer. Depending on how the peer queues the RSTSTRE...

7.8CVSS2.9AI score0.82813EPSS
Exploits0References73Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/04/22 12:0 a.m.•33 views

Cross site scripting in actionpack Rubygem

A cross-site scripting vulnerability flaw was found in the autolink function in Rails before version 3.0.6...

6.1CVSS5.9AI score0.01243EPSS
Exploits1References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/03/18 12:0 a.m.•33 views

Deserialization of Untrusted Data

Each Apache Dubbo server will set a serialization id to tell the clients which serialization protocol it is working on. But for Dubbo versions before 2.7.8 or 2.6.9, an attacker can choose which serialization id the Provider will use by tampering with the byte preamble flags, aka, not following t...

9.8CVSS2.8AI score0.17666EPSS
Exploits2References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/03/11 12:0 a.m.•33 views

Improper Authorization in cobbler

If PAM is correctly configured and a user account is set to expired, the expired user-account is still able to successfully log into Cobbler in all places Web UI, CLI & XMLRPC-API. The same applies to user accounts with passwords set to be expired...

9.1CVSS8.5AI score0.02256EPSS
Exploits1References10Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/12/17 12:0 a.m.•33 views

Deserialization of Untrusted Data

In logback version 1.2.9 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers...

8.5CVSS7.6AI score0.04439EPSS
Exploits1References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/11/01 12:0 a.m.•33 views

Files or Directories Accessible to External Parties

A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem...

8.8CVSS1.8AI score0.06873EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/21 12:0 a.m.•33 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The package github.com/argoproj/argo-cd/cmd before 1.7.13, from 1.8.0 and before 1.8.6 are vulnerable to Cross-site Scripting XSS the SSO provider connected to Argo CD would have to send back a malicious error message containing JavaScript to the user...

4.8CVSS1.8AI score0.00535EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/01/28 12:0 a.m.•33 views

Inclusion of Functionality from Untrusted Control Sphere

The 1 createbranch, 2 createtag, 3 importproject, and 4 forkproject functions in lib/gitlabprojects.rb allows remote authenticated users to include information from local files into the metadata of a Git repository via the web interface...

6.5CVSS4.2AI score0.01938EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/03/27 12:0 a.m.•33 views

Allocation of Resources Without Limits or Throttling

There is a possible denial of service vulnerability in Action View Rails where specially crafted accept headers can cause action view to consume % cpu and make the server unresponsive...

7.8CVSS4.2AI score0.08671EPSS
Exploits3References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/12/01 12:0 a.m.•33 views

Cross-site Scripting

PHP-Proxy has Cross-Site Scripting XSS via the URL field in index.php...

6.1CVSS2.4AI score0.00937EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/07/23 12:0 a.m.•33 views

Cross-site scripting in django

Cross-site scripting XSS vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload...

4.3CVSS5.2AI score0.01774EPSS
Exploits0References14Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/06/07 12:0 a.m.•33 views

Path Traversal

360class.jansenhm is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing .. in the url...

7.5CVSS5.2AI score0.02005EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/10/24 12:0 a.m.•33 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting XSS vulnerability in the striptags helper in actionpack/lib/actioncontroller/vendor/html-scanner/html/node.rb in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a tag with an inval...

4.3CVSS4.2AI score0.02492EPSS
Exploits0References17Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/10/24 12:0 a.m.•33 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Multiple cross-site scripting XSS vulnerabilities in the mailto helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted 1 name or 2 email value...

4.3CVSS5.9AI score0.0235EPSS
Exploits1References16Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/10/24 12:0 a.m.•33 views

Cross-Site Request Forgery (CSRF)

Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery CSRF attacks via forged 1 AJAX or 2 API requests that...

6.8CVSS6.9AI score0.01407EPSS
Exploits1References13Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2015/12/07 12:0 a.m.•33 views

Settings leak in date template filter

If an application allows users to specify an unvalidated format for dates and passes this format to the date filter, a malicious user could obtain any secret in the application's settings by specifying a settings key instead of a date format. e.g. SECRETKEY instead of j/m/Y...

5CVSS3.4AI score0.04284EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2014/05/19 12:0 a.m.•33 views

Incorrect Default Permissions

The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with jinja2 in /tmp...

4.4CVSS5.7AI score0.00373EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2014/05/16 12:0 a.m.•33 views

Caches may be allowed to store and serve private data

Django contains a flaw that is triggered as the program improperly removes Vary and Cache-Control headers from HTTP responses during a reply to a request from some older versions of Internet Explorer or the Chrome Frame client. This may allow a context-dependent attacker to gain access to...

6.4CVSS6.3AI score0.02546EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2014/04/23 12:0 a.m.•33 views

MySQL typecasting

When using a MySQL database, Django don't perform explicit conversion of the fields: FilePathField GenericIPAddressField IPAddressField If a query is performed without first converting values to the appropriate type, this can produce unexpected results, similar to what would occur if the query...

10CVSS6.1AI score0.04753EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/09/23 12:0 a.m.•33 views

DOS via large passwords

The authentication framework django.contrib.auth computes the hash of a password each time a user attempts to log in, no matter the length of the password. Thus, a remote attacker can cause a denial of service CPU consumption by repeatedly submitting long passwords...

5CVSS2.3AI score0.02661EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/02/12 12:0 a.m.•33 views

Serialized Attributes YAML Vulnerability with Rails 2.3 and 3.0

There is a vulnerability in the serialized attribute handling code in Ruby on Rails, applications which allow users to directly assign to the serialized fields in their models are at risk of Denial of Service or Remote Code Execution vulnerabilities...

10CVSS5.8AI score0.07497EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2012/03/13 12:0 a.m.•33 views

XSS via posted select tag options

Ruby on Rails is vulnerable to remote cross-site scripting because the application does not validate manually generated select tag options upon submission to actionpack/lib/actionview/helpers/formoptionshelper.rb. This may allow a user to create a specially crafted request that would execute...

4.3CVSS2.7AI score0.02504EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2026/04/03 12:0 a.m.•32 views

Swift Crypto: X-Wing HPKE Decapsulation Accepts Malformed Ciphertext Length

The X-Wing decapsulation path accepts attacker-controlled encapsulated ciphertext bytes without enforcing the required fixed ciphertext length. The decapsulation call is forwarded into a C API, which expects a compile-time fixed-size ciphertext buffer of 1120 bytes. This creates an FFI...

7.5CVSS6AI score0.00472EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/11/05 12:0 a.m.•32 views

HAPI FHIR XML External Entity (XXE) vulnerability

An XML External Entity XXE vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities...

9.8CVSS6.7AI score0.01851EPSS
Exploits1References5
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/14 12:0 a.m.•32 views

Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java BC Java before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of th...

7.5CVSS6.2AI score0.011EPSS
Exploits0References9
GitLab Advisory Database
GitLab Advisory Database
•added 2024/02/27 12:0 a.m.•32 views

Rails has possible Sensitive Session Information Leak in Active Storage

Possible Sensitive Session Information Leak in Active Storage There is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user's session cookie when serving blobs. It also sets Cache-Control to public. Certain proxi...

5.3CVSS5.2AI score0.01119EPSS
Exploits0References10Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/12/14 12:0 a.m.•32 views

NULL Pointer Dereference

cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSONInsertItemInArray at cJSON.c...

7.5CVSS7.2AI score0.01508EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/12/04 12:0 a.m.•32 views

Logback is vulnerable to an attacker mounting a Denial-Of-Service attack by sending poisoned data

A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...

7.5CVSS6.7AI score0.00682EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/11/22 12:0 a.m.•32 views

Out-of-bounds Write

Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c...

7.1CVSS6.3AI score0.00422EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/06/05 12:0 a.m.•32 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site Scripting XSS - Stored in GitHub repository admidio/admidio prior to 4.2.8...

6.3CVSS6.1AI score0.00479EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/04/04 12:0 a.m.•32 views

Improper Authentication

Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...

9.8CVSS9AI score0.01605EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/03/20 12:0 a.m.•32 views

CairoSVG improperly processes SVG files loaded from external resources

When CairoSVG processes an SVG file, it can make requests to the inner host and different outside hosts. When CairoSVG processes an SVG file, it can send requests to external hosts and wait for a response from the external server after a successful TCP handshake. This will cause the server to han...

9.9CVSS7.6AI score0.00722EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/02/09 12:0 a.m.•32 views

Inefficient Regular Expression Complexity

A regular expression based DoS vulnerability in Active Support 6.1.7.1 and 7.0.4.1. A specially crafted string passed to the underscore method can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory,...

7.5CVSS7.3AI score0.01712EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/01/23 12:0 a.m.•32 views

MITM based Zip Slip in `ca.uhn.hapi.fhir:org.hl7.fhir.core`

MITM can enable Zip-Slip...

8.1CVSS7.6AI score0.01166EPSS
Exploits1References6
GitLab Advisory Database
GitLab Advisory Database
•added 2022/12/27 12:0 a.m.•32 views

Uncontrolled Resource Consumption

Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory...

7.5CVSS3.5AI score0.017EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/24 12:0 a.m.•32 views

Use of Insufficiently Random Values

An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa. If more than 256 GiB of keystream is generated, or if the...

5.9CVSS2.2AI score0.03465EPSS
Exploits0References15Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/17 12:0 a.m.•32 views

Improper Input Validation

The setmgmtparameters function in item.py in cobbler before 2.2.2 allows context-dependent attackers to execute arbitrary code via vectors related to the use of the yaml.load function instead of the yaml.safeload function, as demonstrated using Puppet...

6.8CVSS8AI score0.02174EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/14 12:0 a.m.•32 views

Improper Input Validation

The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // slash slash in a URL, which triggers a scheme-relative URL...

5.8CVSS6.8AI score0.02277EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/03/11 12:0 a.m.•32 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

A Cross Site Scripting XSS vulnerability exists in Nacos 2.0.3 in auth/users via the 1 pageSize and 2 pageNo parameters...

6.1CVSS3.2AI score0.00818EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/02/22 12:0 a.m.•32 views

Use after free in Animation

The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available. There is currently little other public information on the issue...

8.8CVSS2.5AI score0.23546EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities1518