Lucene search
K
GitlabMost viewed

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
added 2023/11/22 12:0 a.m.19 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Admidio v4.2.12 and below is vulnerable to Cross Site Scripting XSS...

6.1CVSS6.6AI score0.007EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/09/05 12:0 a.m.19 views

Apache Axis 1.x (EOL) may allow RCE when untrusted input is passed to getService

When integrating Apache Axis 1.x in an application, it may not have been obvious that looking up a service through "ServiceFactory.getService" allows potentially dangerous lookup mechanisms such as LDAP. When passing untrusted input to this API method, this could expose the application to DoS, SS...

9.8CVSS7.2AI score0.01931EPSS
Exploits0References6
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/23 12:0 a.m.19 views

Improper Neutralization of Formula Elements in a CSV File

Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9...

7.8CVSS6.9AI score0.00462EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/03/31 12:0 a.m.19 views

zstd vulnerable to buffer overrun

A vulnerability was found in zstd v1.4.10, where an attacker can supply an empty string as an argument to the command line tool to cause buffer overrun...

7.5CVSS6.8AI score0.01588EPSS
Exploits0References11Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/11/02 12:0 a.m.19 views

Batched HTTP requests may set incorrect `cache-control` response header

Impact In Apollo Server 3 and 4, the cache-control HTTP response header may not reflect the cache policy that should apply to an HTTP request when that HTTP request contains multiple operations using HTTP batching. This could lead to data being inappropriately cached and shared. Apollo Server...

6.3AI score
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/11/01 12:0 a.m.19 views

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

A vulnerability, which was classified as critical, has been found in IBAX go-ibax. Affected by this issue is some unknown functionality of the file /api/v2/open/rowsInfo. The manipulation of the argument tablename leads to sql injection. The attack may be launched remotely. The exploit has been...

8.8CVSS3AI score0.02241EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/09/06 12:0 a.m.19 views

Improper Initialization

Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.35, read only calls between contracts can generate smart contracts results. For example, if contract A calls in read only mode contract B and the called function will make changes upon the contract's B...

9.8CVSS3.6AI score0.00993EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/21 12:0 a.m.19 views

Authentication Bypass Using an Alternate Path or Channel

The route lookup process in beego through 1.12.4 and 2.x through 2.0.2 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places e.g., p1.xml instead of p1...

9.8CVSS5.7AI score0.21573EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/17 12:0 a.m.19 views

Cherry Music Cross-site Scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to inject arbitrary web script or HTML via the playlistname field when creating a new playlist...

5.4CVSS5.3AI score0.00847EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/07 12:0 a.m.19 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in AjaxNetProfessional...

9.8CVSS3.5AI score0.88768EPSS
Exploits2References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/08/02 12:0 a.m.19 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in github.com/argoproj/argo-workflows...

3.8AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/06/01 12:0 a.m.19 views

Improper Verification of Cryptographic Signature in aws-encryption-sdk-javascript

This ESDK supports a streaming mode where callers may stream the plaintext of signed messages before the ECDSA signature is validated. In addition to these signatures, the ESDK uses AES-GCM encryption and all plaintext is verified before being released to a caller. There is no impact on the...

1.8AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2019/04/08 12:0 a.m.19 views

CoAPthon DoS due to Exceptions

The Serialize.deserialize method in CoAPthon 3.1, 4.0.0, 4.0.1, and 4.0.2 mishandles certain exceptions, leading to a denial of service in applications that use this library e.g., the standard CoAP server, CoAP client, CoAP reverse proxy, example collect CoAP server and client when they receive...

7.5CVSS7.3AI score0.0146EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2013/02/25 12:0 a.m.19 views

SQL Injection

ActiveRecord-JDBC-Adapter AR-JDBC contains a flaw that may allow carrying out an SQL injection attack. The issue is due to the sql.gsub function in lib/arjdbc/jdbc/adapter.rb not properly sanitizing user-supplied input before using it in SQL queries. This may allow a remote attacker to inject or...

3.6AI score
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/06/16 12:0 a.m.18 views

Crawl4AI: LLM credential exfiltration in Docker server via request base_url and env: token resolution

The Docker API server let a request control where LLM calls were sent and which environment variable an LLM token resolved from. Both could be abused to exfiltrate server-held secrets. The Docker API is unauthenticated by default...

5.3AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/05/29 12:0 a.m.18 views

CC-Tweaked has an SSRF Protection Bypass with NAT64

CC-Tweaked's HTTP API http.request, http.websocket blocks requests to private network ranges to prevent server-side request forgery SSRF. This protection can be bypassed on IPv6-capable servers using NAT64 well-known prefix addresses 64:ff9b::/96. An attacker who can execute Lua code can reach an...

5.9AI score0.00054EPSS
Exploits0References3
GitLab Advisory Database
GitLab Advisory Database
added 2026/03/30 12:0 a.m.18 views

nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse

The nginx-ui application is vulnerable to a Race Condition. Due to the complete absence of synchronization mechanisms Mutex and non-atomic file writes, concurrent requests lead to the severe corruption of the primary configuration file app.ini. This vulnerability results in a persistent Denial of...

7.5CVSS6AI score0.00534EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/02/24 12:0 a.m.18 views

ActualBudget server is Missing Authentication for SimpleFIN and Pluggy AI bank sync endpoints

Missing authentication middleware in the ActualBudget server component allows any unauthenticated user to query the SimpleFIN and Pluggy.ai integration endpoints and read sensitive bank account balance and transaction information...

9.2CVSS5.4AI score0.00395EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/12/10 12:0 a.m.18 views

CosmWasm VM Incorrect metering

CWA-2024-007 Severity Medium Moderate + Likely^1 Affected versions: - wasmvm = 2.1.0, = 2.0.0, = 2.1.0, = 2.0.0, query wasm libwasmvm-version. It must show 1.5...

7AI score
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/09/26 12:0 a.m.18 views

IDOR vulnerability in account profile page

Insecure direct object reference allowing an attacker to disable subscriptions and reviews of another customer...

5.3CVSS7.1AI score0.00485EPSS
Exploits0References14Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/05/15 12:0 a.m.18 views

amphp/artax Cookie leakage to wrong origins and non-restricted cookie acceptance

In artax version before 1.0.6 and 2 before 2.0.6, cookies of foo.bar.example.com were leaked to foo.bar. Additionally, any site could set cookies for any other site. Artax fixed this issue by following newer browser implementations now. Cookies can only be set on domains higher or equal to the...

7AI score
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/12/27 12:0 a.m.18 views

hutool-core was discovered to contain a stack overflow via NumberUtil.toBigDecimal method

The NumberUtil.toBigDecimal method in hutool-core v5.8.23 was discovered to contain a stack overflow...

7.5CVSS7.5AI score0.00619EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/03/10 12:0 a.m.18 views

Relative Path Traversal

Relative Path Traversal in ca.uhn.hapi.fhir:org.hl7.fhir.validation...

2.6AI score
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/24 12:0 a.m.18 views

Improper Restriction of XML External Entity Reference

AutoUpdater.cs in AutoUpdater.NET before 1.5.8 allows XXE...

9.8CVSS6.9AI score0.02283EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2020/06/30 12:0 a.m.18 views

False positive

This advisory has been marked as a False Positive and has been removed...

5.5CVSS1.5AI score0.00401EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/05/05 12:0 a.m.17 views

Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback

An authenticated user can call GET /api/settings and retrieve sensitive configuration values, including node.secret. The same node.secret is accepted by AuthRequired through the X-Node-Secret header or nodesecret query parameter, causing the request to be treated as authenticated via the...

6.5CVSS5.8AI score0.00299EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/04/08 12:0 a.m.17 views

WWBN AVideo has an Allowlisted downloadURL media extensions bypass SSRF protection and enable internal response exfiltration (Incomplete fix for CVE-2026-27732)

The fix for CVE-2026-27732 is incomplete. objects/aVideoEncoder.json.php still allows attacker-controlled downloadURL values with common media or archive extensions such as .mp4, .mp3, .zip, .jpg, .png, .gif, and .webm to bypass SSRF validation. The server then fetches the response and stores it ...

8.6CVSS5.9AI score0.00235EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2025/05/16 12:0 a.m.17 views

Flask-AppBuilder open redirect vulnerability using HTTP host injection

Flask-AppBuilder prior to 4.6.2 would allow for a malicious unauthenticated actor to perform an open redirect by manipulating the Host header in HTTP requests...

6.1CVSS6.8AI score0.00191EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2025/01/29 12:0 a.m.17 views

kube-audit-rest's example logging configuration could disclose secret values in the audit log

If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages...

5.1CVSS6.5AI score0.00192EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/11/08 12:0 a.m.17 views

XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`

XSLT parsing performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used to within a host where external clients...

8.6CVSS8.4AI score0.00918EPSS
Exploits0References9
GitLab Advisory Database
GitLab Advisory Database
added 2024/11/08 12:0 a.m.17 views

XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`

XSLT parsing performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used to within a host where external clients...

8.6CVSS8.4AI score0.00918EPSS
Exploits0References9
GitLab Advisory Database
GitLab Advisory Database
added 2024/06/05 12:0 a.m.17 views

Duplicate

This advisory duplicates another...

5.9AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/03/10 12:0 a.m.17 views

Relative Path Traversal

Relative Path Traversal in ca.uhn.hapi.fhir:org.hl7.fhir.r4b...

2.6AI score
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/03/10 12:0 a.m.17 views

Relative Path Traversal

Relative Path Traversal in ca.uhn.hapi.fhir:org.hl7.fhir.convertors...

2.6AI score
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/01/27 12:0 a.m.17 views

Initial debug-host handler implementation could leak information and facilitate denial of service

Impact version 1.5.0 and 1.6.0 when using the new debug-host feature could expose unnecessary information about the host Patches Use 1.6.1 or newer Workarounds Downgrade to 1.4.0 or set debug-host to empty References https://github.com/fortio/proxy/pull/38 Q&A...

1.4AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/01/14 12:0 a.m.17 views

Missing Authorization

KubePi is a modern Kubernetes panel. The API interfaces with unauthorized entities and may leak sensitive information. This issue has been patched in version 1.6.4. There are currently no known workarounds...

7.5CVSS6.5AI score0.03573EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/11/22 12:0 a.m.17 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in Akka...

4AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/10/06 12:0 a.m.17 views

etcd vulnerable to TOCTOU of gateway endpoint authentication

The vulnerability was spotted due to unclear documentation of how the gateway handles endpoints validation. Detail The gateway only authenticates endpoints detected from DNS SRV records, and it only authenticates the detected endpoints once...

2AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/13 12:0 a.m.17 views

Gitea Arbitrary File Delete Vulnerability

Gitea version 1.6.2 and earlier contains a Incorrect Access Control vulnerability in Delete/Edit file functionallity that can result in the attacker deleting files outside the repository he/she has access to. This attack appears to be exploitable via the attacker must get write access to "any"...

6.5CVSS6.8AI score0.01107EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/01 12:0 a.m.17 views

Django Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request...

4.3CVSS5.2AI score0.01312EPSS
Exploits0References12Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/03/25 12:0 a.m.17 views

Gitea Open Redirect

Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5...

7.2CVSS6.6AI score0.53177EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/11 12:0 a.m.17 views

Improper Neutralization

Improper Neutralization in github.com/aws/aws-sdk-go/service/s3/s3crypto...

2.3AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/08/23 12:0 a.m.17 views

Potential privilege escalation on Kubernetes >= v1.19 when the Argo Sever is run with `--auth-mode=client`

Impact This is pro-active fix. No know exploits exist. Impacted: You're running Kubernetes = v1.19 You're running Argo Server It is configured to with --auth-mode=client Is not configured with --auth-mode=server You are not running Argo Server in Kubernetes pod. E.g. on bare metal or other VM...

1.6AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/06/23 12:0 a.m.17 views

Repository credentials passed to alternate domain

While working on the Helm source, a Helm core maintainer discovered a situation where the username and password credentials associated with a Helm repository could be passed on to another domain referenced by that Helm repository. Impact The index.yaml within a Helm chart repository contains a...

7.3AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2020/09/04 12:0 a.m.17 views

Malicious Package

All versions of 1337qq-js contain malicious code. The package exfiltrates sensitive information through install scripts. It targets UNIX systems. The information exfiltrated includes: - Environment variables - Running processes - /etc/hosts - uname -a - npmrc file Remove the package from your...

3.5AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2018/03/15 12:0 a.m.17 views

Improper Neutralization of HTTP Headers for Scripting Syntax

HTTP header injection vulnerability in the http package...

1.1AI score
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2017/08/28 12:0 a.m.17 views

Arbitrary File Download

This package is vulnerable to Arbitrary File Download. A client can use backslashes to escape the directory the files where exposed from. Note: Only if the host server is a windows-based operating system...

1.8AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/06/12 12:0 a.m.16 views

SwiftNIO NIOHTTP1: HTTPDecoder accepts unbounded HTTP/1 header blocks, enabling remote DoS

The HTTPDecoder in NIOHTTP1 enforces no limit on the total size of an HTTP/1 message's header block or on the number of header fields per message. A remote peer can submit an arbitrary number of small, valid headers in a single request and have them all accumulated into the resulting HTTPHeaders...

5.6AI score0.00048EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/06/04 12:0 a.m.16 views

AdGuard Home: DoQ-to-UDP State Reduction and Source-Port Oracle

This report covers the client-triggered DoQ forwarding path in: - dnsproxy v0.81.2 adguard/dnsproxy:v0.81.2 - AdGuard Home v0.107.74 adguard/adguardhome:latest, image version label v0.107.74 The issue was reproduced on 2026-04-25 with the products configured through their documented DoQ listener...

5.8AI score0.00047EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/05/18 12:0 a.m.16 views

HAPI FHIR: ReDoS via FHIRPath matches()/replaceMatches() in FHIR Validator HTTP Endpoint

All implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input validation. The FHIRPath functions matches, matchesFull, and replaceMatches pass user-controlled regular expressions directly to Java's Pattern.compile and String.replaceAll without...

5.9AI score0.00086EPSS
Exploits0References3
Total number of security vulnerabilities1518