Lucene search
K
GitlabMost viewed

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/27 12:0 a.m.•32 views

Use After Free

Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS2.2AI score0.02747EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/05 12:0 a.m.•32 views

Uncontrolled Resource Consumption

This affects the package @absolunet/kafe It allows cause a denial of service when validating crafted invalid emails...

5.3CVSS3.9AI score0.01555EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/06/15 12:0 a.m.•32 views

Uncontrolled Resource Consumption

GNU Bison allows attackers to cause a denial of service application crash...

5.5CVSS4.6AI score0.00401EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/04/12 12:0 a.m.•32 views

Injection Vulnerability

cpp-httplib does not filter \r\n in parameters passed into the setredirect and setheader functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...

7.5CVSS1.8AI score0.01643EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/01/28 12:0 a.m.•32 views

Improper Privilege Management

The parsecmd function in lib/gitlabshell.rb allows remote authenticated users to gain privileges and clone arbitrary repositories...

8.8CVSS5.9AI score0.02EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2015/01/07 12:0 a.m.•32 views

Textile Link Parsing XSS

RedCloth Gem for Ruby contains a flaw that allows a cross-site scripting XSS attack. This flaw exists because the program does not validate input when parsing textile links before returning it to users. This may allow a remote attacker to create a specially crafted request that would execute...

4.3CVSS4.7AI score0.02253EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/09/16 12:0 a.m.•32 views

Directory traversal with ssi template tag

Directory traversal vulnerability allows remote attackers to read arbitrary files via a file path in the ALLOWEDINCLUDEROOTS setting followed by a .. in a ssi template tag...

5CVSS5.5AI score0.03182EPSS
Exploits2References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2026/04/21 12:0 a.m.•31 views

Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints

All WebSocket endpoints in nginx-ui use a gorilla/websocket Upgrader with CheckOrigin unconditionally returning true, allowing Cross-Site WebSocket Hijacking CSWSH. Combined with the fact that authentication tokens are stored in browser cookies set via JavaScript without HttpOnly or explicit...

8.1CVSS5.8AI score0.00176EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2026/03/18 12:0 a.m.•31 views

HAPI FHIR HTTP authentication leak in redirects

When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of headers ...

8.2CVSS5.9AI score0.00264EPSS
Exploits0References4
GitLab Advisory Database
GitLab Advisory Database
•added 2024/12/16 12:0 a.m.•31 views

CosmosSDK: Transaction decoding may result in a stack overflow or resource exhaustion

ASA-2024-0012: Transaction decoding may result in a stack overflow When decoding a maliciously formed packet with a deeply-nested structure, it may be possible for a stack overflow to occur and result in a network halt. This was addressed by adding a recursion limit while decoding the packet...

7.4AI score
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/11/05 12:0 a.m.•31 views

HAPI FHIR XML External Entity (XXE) vulnerability

An XML External Entity XXE vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities...

9.8CVSS6.7AI score0.01851EPSS
Exploits1References5
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/01 12:0 a.m.•31 views

frappejs was discovered to contain a prototype pollution via the function registerView

airvertco frappejs v0.0.11 was discovered to contain a prototype pollution via the function registerView. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

8.8CVSS8.4AI score0.00822EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/17 12:0 a.m.•31 views

flatten-json Prototype Pollution

A Prototype Pollution issue in flatten-json 1.0.1 allows an attacker to execute arbitrary code via module.exports.unflattenJSON flatten-json/index.js:42...

6.3CVSS7.6AI score0.0042EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/11/16 12:0 a.m.•31 views

Improper Control of Generation of Code ('Code Injection')

An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature...

10CVSS7.8AI score0.30567EPSS
Exploits1References2
GitLab Advisory Database
GitLab Advisory Database
•added 2023/08/30 12:0 a.m.•31 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the .git directory, in some places the name of the file being read is provided by the user, GitPython does not check if this file is located outside the .git...

6.5CVSS6.7AI score0.01012EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/08/02 12:0 a.m.•31 views

Excessive Iteration

A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...

6.5CVSS6.8AI score0.00805EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/08/02 12:0 a.m.•31 views

Allocation of Resources Without Limits or Throttling

The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height, and encoded size to make the decoder decode large amounts of compressed data, consuming excessive memory and CPU...

6.5CVSS6.7AI score0.0086EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/06/05 12:0 a.m.•31 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site Scripting XSS - Stored in GitHub repository admidio/admidio prior to 4.2.8...

6.3CVSS6.1AI score0.00479EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/01/23 12:0 a.m.•31 views

MITM based Zip Slip in `ca.uhn.hapi.fhir:org.hl7.fhir.core`

MITM can enable Zip-Slip...

8.1CVSS7.6AI score0.01166EPSS
Exploits1References6
GitLab Advisory Database
GitLab Advisory Database
•added 2022/12/19 12:0 a.m.•31 views

Improper Resource Shutdown or Release

A vulnerability classified as problematic has been found in cgriego activeattr up to 0.15.2. This affects the function call of the file lib/activeattr/typecasting/booleantypecaster.rb of the component Regex Handler. The manipulation of the argument value leads to denial of service. The exploit ha...

7.5CVSS2AI score0.01106EPSS
Exploits1References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/06/28 12:0 a.m.•31 views

Double Free

DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but its address is still used in other locations. Sending specific requests to the dcmqrdb program will incur a double free. An attacker can use it to launch a DoS attack...

7.5CVSS0.9AI score0.01595EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/06/28 12:0 a.m.•31 views

NULL Pointer Dereference

DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the result even if the result is null, which can incur a head-based overflow. An attacker can use it to launch a DoS attack...

7.5CVSS1.3AI score0.01688EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/17 12:0 a.m.•31 views

Django Image Field Vulnerable to Image Decompression Bombs

The django.forms.ImageField class in the form system in Django before 1.3.2 and 1.4.x before 1.4.1 completely decompresses image data during image validation, which allows remote attackers to cause a denial of service memory consumption by uploading an image file...

5CVSS6AI score0.02641EPSS
Exploits1References12Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/14 12:0 a.m.•31 views

Improper Input Validation

The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // slash slash in a URL, which triggers a scheme-relative URL...

5.8CVSS6.8AI score0.02277EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/13 12:0 a.m.•31 views

Improper Restriction of Operations within the Bounds of a Memory Buffer

The html package aka x/net/html through 2018-09-17 in Go mishandles , leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call...

7.5CVSS2AI score0.02772EPSS
Exploits1References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/05 12:0 a.m.•31 views

ReviewBoard and Djblets library are vulnerable to code execution

An eval vulnerability exists in Python Software Foundation Djblets version before 0.6.30 and 0.7.0 before 0.7.19 and Beanbag Review Board before 1.7.15 when parsing JSON requests allowing an attacker to execute arbitrary Python code...

9.8CVSS9.5AI score0.0304EPSS
Exploits0References11Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/03/12 12:0 a.m.•31 views

Improper Authorization in Gogs

Improper Authorization in GitHub repository gogs/gogs prior to 0.12.5...

9.1CVSS2.7AI score0.01221EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/02/15 12:0 a.m.•31 views

Loop with Unreachable Exit Condition ('Infinite Loop')

An issue was discovered in the /api/connector endpoint handler in Yubico yubihsm-connector before 3.0.1 in YubiHSM SDK before 2021.04. The handler does not validate the length of the request, which can lead to a state where yubihsm-connector becomes stuck in a loop waiting for the YubiHSM to send...

7.5CVSS0.8AI score0.01521EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/01/25 12:0 a.m.•31 views

Authentication Bypass by Primary Weakness

Authentication Bypass by Primary Weakness exists in adodb/adodb...

9.1CVSS3AI score0.0217EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/01/12 12:0 a.m.•31 views

Out-of-bounds Write

GNOME gdk-pixbuf is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals 12...

8.8CVSS3.1AI score0.01891EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/01/08 12:0 a.m.•31 views

ANSI escape characters not filtered

kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events...

3CVSS2.4AI score0.00778EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/21 12:0 a.m.•31 views

Externally Controlled Reference to a Resource in Another Sphere

A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the lo...

4.1CVSS1.9AI score0.021EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/29 12:0 a.m.•31 views

URL Redirection to Untrusted Site (Open Redirect)

PowerMux is a drop-in replacement for Go's http.ServeMux. In PowerMux, attackers may be able to craft phishing links and other open redirects by exploiting the trailing slash redirection feature. This may lead to users being redirected to untrusted sites after following an attacker crafted link...

6.1CVSS3.6AI score0.00606EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/23 12:0 a.m.•31 views

Improper Certificate Validation

Go before 1.12.16 and 1.13.x before 1.13.7 and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go allows attacks on clients resulting in a panic via a malformed X.509 certificate...

7.8CVSS4.7AI score0.02582EPSS
Exploits0References16Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•31 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to helm --help. This issu...

4CVSS1.6AI score0.00962EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/04/21 12:0 a.m.•31 views

Out-of-bounds Read

A heap-based buffer over-read was discovered in cpp-peglib's peg::resolveescapesequence in peglib.h...

5.5CVSS2.3AI score0.00893EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/10/07 12:0 a.m.•31 views

Improper Input Validation

Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or...

5.8CVSS4.1AI score0.05722EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/09/15 12:0 a.m.•31 views

Buffer Overflow

A buffer overflow exists in the Brotli library where an attacker controlling the input length of a one-shot decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB...

6.5CVSS2.2AI score0.03217EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/07/27 12:0 a.m.•31 views

Improper Authentication

The Kubelet and kube-proxy components were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but...

8.8CVSS2.1AI score0.03597EPSS
Exploits5References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/07/23 12:0 a.m.•31 views

Uncontrolled Resource Consumption

The Kubernetes kubelet component do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of dat...

5.5CVSS0.7AI score0.00501EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/12/17 12:0 a.m.•31 views

Insufficiently Protected Credentials

A missing permission check in Jenkins Alauda DevOps Pipeline Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS4.6AI score0.00852EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/10/29 12:0 a.m.•31 views

Out-of-bounds Read

In Apache Thrift, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data...

7.5CVSS2.3AI score0.06849EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/07/23 12:0 a.m.•31 views

Improper date handling in Django

The password reset functionality in django.contrib.auth in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not validate the length of a string representing a base36 timestamp, which allows remote attackers to cause a denial of service resource consumption via a URL that...

5CVSS6.2AI score0.03348EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2016/09/07 12:0 a.m.•31 views

Possible XSS Vulnerability

There is a possible XSS vulnerability in Action View. Text declared as "HTML safe" will not have quotes escaped when used as attribute values in tag helpers...

6.1CVSS1.5AI score0.03438EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2015/12/07 12:0 a.m.•31 views

Settings leak in date template filter

If an application allows users to specify an unvalidated format for dates and passes this format to the date filter, a malicious user could obtain any secret in the application's settings by specifying a settings key instead of a date format. e.g. SECRETKEY instead of j/m/Y...

5CVSS3.4AI score0.04284EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/12/10 12:0 a.m.•30 views

Simulation of Wasmd message can cause crashing

CWA-2024-009 Severity Low Marginal + Likely^1 Affected versions: - wasmd 0.53.1 Patched versions: - wasmd 0.53.2 please note that wasmd 0.53.1 is broken and must not be used Description of the bug Blank for now. We'll add more detail once chains had a chance to upgrade. Mitigations Apart from...

7AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/11/05 12:0 a.m.•30 views

HAPI FHIR XML External Entity (XXE) vulnerability

An XML External Entity XXE vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities...

9.8CVSS6.7AI score0.01851EPSS
Exploits1References5
GitLab Advisory Database
GitLab Advisory Database
•added 2024/10/15 12:0 a.m.•30 views

Possible ReDoS vulnerability in block_format in Action Mailer

There is a possible ReDoS vulnerability in the blockformat helper in Action Mailer. This vulnerability has been assigned the CVE identifier CVE-2024-47889. Impact ------ Carefully crafted text can cause the blockformat helper to take an unexpected amount of time, possibly resulting in a DoS...

8.7CVSS9.3AI score0.00944EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/11 12:0 a.m.•30 views

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...

5.5CVSS6.7AI score0.00788EPSS
Exploits0References9
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/14 12:0 a.m.•30 views

Bouncy Castle crafted signature and public key can be used to trigger an infinite loop

An issue was discovered in Bouncy Castle Java Cryptography APIs starting in 1.73 and before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...

7.5CVSS7.5AI score0.00753EPSS
Exploits0References9
Total number of security vulnerabilities1518