Lucene search
K
GitlabMost viewed

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/15 12:0 a.m.•29 views

Incorrect Conversion between Numeric Types

An issue was discovered in GNOME GLib The function gbytesnew has an integer overflow on platforms due to an implicit cast from bits to bits. The overflow could potentially lead to memory corruption...

7.5CVSS4.4AI score0.02993EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/27 12:0 a.m.•29 views

Out-of-bounds Write

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.6CVSS2.6AI score0.02826EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/27 12:0 a.m.•29 views

Use After Free

Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS2.2AI score0.02747EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/08/14 12:0 a.m.•29 views

Path Traversal

The resolveRepositoryPath function does not properly validate user input and a malicious user may traverse to any valid Git repository outside the repoRoot. This issue may lead to unauthorized access of private Git repositories as long as the malicious user knows or brute-forces the location of t...

7.5CVSS3.3AI score0.02942EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/06/19 12:0 a.m.•29 views

Cross-Site Request Forgery (CSRF)

A CSRF vulnerability exists in rails rails-ujs module that could allow attackers to send CSRF tokens to wrong domains...

6.5CVSS4.8AI score0.01485EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/04/07 12:0 a.m.•29 views

Cross-site Scripting

Jenkins AWSEB Deployment Plugin does not escape various values printed as part of form validation output, resulting in a reflected cross-site scripting vulnerability...

6.1CVSS1.2AI score0.00816EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/10/24 12:0 a.m.•29 views

High severity vulnerability that affects actionpack

actionpack/lib/actionview/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of available templates, which allows remote attackers to bypass intended access restrictions via an action...

7.5CVSS5.6AI score0.02498EPSS
Exploits1References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/05/15 12:0 a.m.•29 views

Code Injection

pygmentize contains a Remote Code Execution vulnerability...

5.8AI score
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2026/05/29 12:0 a.m.•28 views

CC-Tweaked has an SSRF Protection Bypass with NAT64

CC-Tweaked's HTTP API http.request, http.websocket blocks requests to private network ranges to prevent server-side request forgery SSRF. This protection can be bypassed on IPv6-capable servers using NAT64 well-known prefix addresses 64:ff9b::/96. An attacker who can execute Lua code can reach an...

5.9AI score0.00054EPSS
Exploits0References3
GitLab Advisory Database
GitLab Advisory Database
•added 2026/05/29 12:0 a.m.•28 views

CC-Tweaked has an SSRF Protection Bypass with NAT64

CC-Tweaked's HTTP API http.request, http.websocket blocks requests to private network ranges to prevent server-side request forgery SSRF. This protection can be bypassed on IPv6-capable servers using NAT64 well-known prefix addresses 64:ff9b::/96. An attacker who can execute Lua code can reach an...

5.9AI score0.00054EPSS
Exploits0References3
GitLab Advisory Database
GitLab Advisory Database
•added 2026/05/04 12:0 a.m.•28 views

apko doesn't verify downloaded apk packages against APKINDEX checksum (package substitution possible)

apko verifies the signature on APKINDEX.tar.gz but never compares individually downloaded .apk packages against the checksum recorded in the signed index. The checksum is parsed and available via ChecksumString, and the downloaded package control hash is computed, but the two values are never...

7.5CVSS5.9AI score0.00159EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2025/04/18 12:0 a.m.•28 views

Crawl4AI SSRF vulnerability

Crawl4AI =0.4.247 is vulnerable to SSRF in /crawl4ai/asyncdispatcher.py...

9.1CVSS6.8AI score0.00323EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/11/05 12:0 a.m.•28 views

HAPI FHIR XML External Entity (XXE) vulnerability

An XML External Entity XXE vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities...

9.8CVSS6.7AI score0.01851EPSS
Exploits1References5
GitLab Advisory Database
GitLab Advisory Database
•added 2024/10/15 12:0 a.m.•28 views

Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text

There is a possible ReDoS vulnerability in the plaintextforblockquotenode helper in Action Text. This vulnerability has been assigned the CVE identifier CVE-2024-47888. Impact ------ Carefully crafted text can cause the plaintextforblockquotenode helper to take an unexpected amount of time,...

8.7CVSS7AI score0.00991EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/05 12:0 a.m.•28 views

ai-controller-frontend payment status in basket isn't reset

Payment status in basket isn't reset...

5.3CVSS6.8AI score0.0043EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/05 12:0 a.m.•28 views

Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC

An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption...

8.2CVSS8.1AI score0.00994EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/01/31 12:0 a.m.•28 views

Missing Release of Resource after Effective Lifetime

In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of service, since the endpoint can become stuck in a loop of requestin...

7.7CVSS7.2AI score0.01206EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/10/06 12:0 a.m.•28 views

etcd having a negative value for cluster node size results in an index out-of-bound panic during service discovery

When an etcd instance attempts to perform service discovery, if a cluster size is provided as a negative value, the etcd instance will panic without recovery...

3.3AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/07/29 12:0 a.m.•28 views

Flask-AppBuilder before v4.1.3 allows inference of sensitive information through query strings

An authenticated Admin user could craft HTTP requests to filter users by their salted and hashed passwords strings. These filters could be made by using partial hashed password strings. The response would not include the hashed passwords, but an attacker could infer partial password hashes and...

2.7CVSS3.3AI score0.00616EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/06/24 12:0 a.m.•28 views

Improper Privilege Management

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...

5.3CVSS3.9AI score0.02593EPSS
Exploits1References15Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/07/23 12:0 a.m.•28 views

Out-of-bounds Write

Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out-of-bounds write on the heap with the possibility of remote code execution...

9.8CVSS3.9AI score0.03284EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/23 12:0 a.m.•28 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Helm is open-source software which is essentially "The Kubernetes Package Manager". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted...

6.8CVSS0.2AI score0.0103EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/27 12:0 a.m.•28 views

Possible Information Disclosure / Unintended Method Execution

There is a possible information disclosure / unintended method execution vulnerability in Action Pack when using the redirectto or polymorphicurl helper with untrusted user input...

7.5CVSS1.8AI score0.04195EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/12 12:0 a.m.•28 views

Uncontrolled Resource Consumption

In Apache Thrift to, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service...

7.5CVSS2.5AI score0.06779EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/08 12:0 a.m.•28 views

Out-of-bounds Write

A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash...

7.8CVSS3.2AI score0.01505EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/02 12:0 a.m.•28 views

Use After Free

Acrobat Reader DC versions versions 2020.013.20074 and earlier, 2020.001.30018 and earlier and 2017.011.30188 and earlier are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current...

8.8CVSS5.9AI score0.03977EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/07 12:0 a.m.•28 views

Inclusion of Sensitive Information in Log Files

In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log...

5.5CVSS2.5AI score0.00505EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/07 12:0 a.m.•28 views

Inclusion of Sensitive Information in Log Files

In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl...

5.5CVSS1AI score0.00512EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/07/22 12:0 a.m.•28 views

URL Redirection to Untrusted Site (Open Redirect)

The Kubernetes kube-apiserver is vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise...

6.8CVSS3.4AI score0.061EPSS
Exploits3References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/03/30 12:0 a.m.•28 views

Release of Invalid Pointer or Reference

An issue was discovered in USC iLab cereal. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if a std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same address...

9.8CVSS1.6AI score0.01977EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/11/30 12:0 a.m.•28 views

Deserialization of Untrusted Data

A Broken Access Control vulnerability in Active Job...

7.5CVSS4.3AI score0.02559EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2015/07/26 12:0 a.m.•28 views

Possible Denial of Service

Specially crafted XML documents can cause applications to raise a SystemStackError and potentially cause a denial of service attack. This nonly impacts applications using REXML or JDOM as their XML processor. Other XML processors that Rails supports are not impacted...

5CVSS5.7AI score0.04261EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2014/10/24 12:0 a.m.•28 views

Cryptographic Issues

Certificates.java in Not Yet Commons SSL does not properly verify that the server hostname matches a domain name in the subject's Common Name CN field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

6.8CVSS8.7AI score0.00932EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2025/08/13 12:0 a.m.•28 views

swift-nio-http2 affected by HTTP/2 MadeYouReset vulnerability

The HTTP/2 MadeYouReset vulnerability has a mild effect on swift-nio-http2. swift-nio-http2 mostly protects against MadeYouReset by using a number of existing denial-of-service prevention patterns that we added in response to the RapidReset vulnerabilities. The result is that servers are not...

7.2AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/11/05 12:0 a.m.•27 views

HAPI FHIR XML External Entity (XXE) vulnerability

An XML External Entity XXE vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities...

9.8CVSS6.7AI score0.01851EPSS
Exploits1References5
GitLab Advisory Database
GitLab Advisory Database
•added 2024/09/06 12:0 a.m.•27 views

XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`

XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used to within a host where external...

8.6CVSS8.4AI score0.00975EPSS
Exploits0References7
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/30 12:0 a.m.•27 views

@75lb/deep-merge Prototype Pollution vulnerability

Prototype Pollution in 75lb deep-merge 1.1.1 allows attackers to execute arbitrary code or cause a Denial of Service DoS and cause other impacts via merge methods of lodash to merge objects...

9.8CVSS7.8AI score0.00985EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/02 12:0 a.m.•27 views

aimeos/ai-admin-graphql improper access control vulnerability allows editors to manage own services

aimeos/ai-admin-graphql is the Aimeos GraphQL API admin interface. Starting in version 2022.04.1 and prior to versions 2022.10.10, 2023.10.6, and 2024.4.2, improper access control allows a editors to manage own services via GraphQL API which isn't allowed in the JQAdm front end. Versions...

3.8CVSS6.8AI score0.00425EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/14 12:0 a.m.•27 views

Bouncy Castle crafted signature and public key can be used to trigger an infinite loop

An issue was discovered in Bouncy Castle Java Cryptography APIs starting in 1.73 and before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...

7.5CVSS7.5AI score0.00753EPSS
Exploits0References9
GitLab Advisory Database
GitLab Advisory Database
•added 2024/01/22 12:0 a.m.•27 views

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

chasquid before 1.13 allows SMTP smuggling because LF-terminated lines are accepted...

7.5CVSS7.1AI score0.00468EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/12/06 12:0 a.m.•27 views

pubnub Insufficient Entropy vulnerability

Versions of the package pubnub before 7.4.0; all versions of the package com.pubnub:pubnub; versions of the package pubnub before 6.19.0; all versions of the package github.com/pubnub/go; versions of the package github.com/pubnub/go/v7 before 7.2.0; versions of the package pubnub before 7.3.0;...

5.9CVSS6.6AI score0.00955EPSS
Exploits1References22Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/11/16 12:0 a.m.•27 views

S3 Bucket can lead to spread of malicious R package

H2O included a reference to an S3 bucket that no longer existed allowing an attacker to take over the S3 bucket URL...

8.7CVSS6.7AI score0.00855EPSS
Exploits1References2
GitLab Advisory Database
GitLab Advisory Database
•added 2023/06/07 12:0 a.m.•27 views

Vapor vulnerable to denial of service in URLEncodedFormDecoder

Vapor is an HTTP web framework for Swift. Vapor versions earlier than 4.61.1 are vulnerable to a denial of service in the URLEncodedFormDecoder...

7.5CVSS6.6AI score0.0149EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/06/06 12:0 a.m.•27 views

Inefficient Regular Expression Complexity

A Regular Expression Denial of Service ReDoS issue was discovered in the sanitizehtml function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted payload...

7.5CVSS6.4AI score0.01513EPSS
Exploits1References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/12/22 12:0 a.m.•27 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

A vulnerability was found in docconv up to 1.2.0. It has been declared as critical. This vulnerability affects the function ConvertPDFImages of the file pdfocr.go. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. Upgrading to version 1.2.1...

9.8CVSS3.2AI score0.01734EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/07/05 12:0 a.m.•27 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The leafInfo.match function in Beego v2.0.3 and below uses path.join to deal with wildcardvalues which can lead to cross directory risk...

9.8CVSS3AI score0.01503EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/17 12:0 a.m.•27 views

Django Allows Redirect via Data URL

The 1 django.http.HttpResponseRedirect and 2 django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which might allow remote attackers to conduct cross-site scripting XSS attacks via a data: URL...

4.3CVSS5.2AI score0.02072EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/13 12:0 a.m.•27 views

Improper Validation of Array Index

The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to a "panic: runtime error" index out of range in insertionModeStack.pop in node.go, called from inHeadIM, during an html.Parse call...

7.5CVSS2.2AI score0.02677EPSS
Exploits1References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/13 12:0 a.m.•27 views

Improper Restriction of Operations within the Bounds of a Memory Buffer

The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to a "panic: runtime error" index out of range in nodeStack.pop in node.go, called from parser.clearActiveFormattingElements, during an html.Parse call...

7.5CVSS2.8AI score0.02832EPSS
Exploits1References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/03/11 12:0 a.m.•27 views

Improper Authorization in Gitea

Improper Authorization in GitHub repository go-gitea/gitea prior to 1.16.4...

7.1CVSS2.8AI score0.00833EPSS
Exploits1References4Affected Software1
Total number of security vulnerabilities1518