Lucene search
K
GitlabMost viewed

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
added 2025/02/13 12:0 a.m.16 views

Easy!Appointments Improper Restriction of Excessive Authentication Attempts

An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file...

9.8CVSS7AI score0.00801EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2025/01/29 12:0 a.m.16 views

kube-audit-rest's example logging configuration could disclose secret values in the audit log

If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages...

5.1CVSS6.5AI score0.00192EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/12/10 12:0 a.m.16 views

CosmWasm VM Incorrect metering

CWA-2024-007 Severity Medium Moderate + Likely^1 Affected versions: - wasmvm = 2.1.0, = 2.0.0, = 2.1.0, = 2.0.0, query wasm libwasmvm-version. It must show 1.5...

7AI score
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/11/18 12:0 a.m.16 views

cobbler allows anyone to connect to cobbler XML-RPC server with known password and make changes

utils.getsharedsecret always returns -1 - allows anyone to connect to cobbler XML-RPC as user '' password -1 and make any changes...

9.8CVSS6.8AI score0.03948EPSS
Exploits6References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/07/01 12:0 a.m.16 views

adolph_dudu ratio-swiper was discovered to contain a prototype pollution via the function extendDefaults

adolphdudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function extendDefaults. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

6.5CVSS8.2AI score0.00462EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/10/05 12:0 a.m.16 views

Improper Neutralization

Improper Neutralization in CefSharp.Common...

6.9AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/08/29 12:0 a.m.16 views

MongoDB Driver may publish events containing authentication-related data

Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed. Without due care, an application may...

7.5CVSS6.9AI score0.00492EPSS
Exploits0References13Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/07 12:0 a.m.16 views

SwiftNIO Extras vulnerable to improper detection of complete HTTP body decompression

SwiftNIO Extras provides a pair of helpers for transparently decompressing received HTTP request or response bodies. These two objects HTTPRequestDecompressor and HTTPResponseDecompressor both failed to detect when the decompressed body was considered complete. If trailing junk data was appended ...

7.5CVSS7AI score0.00732EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/03/10 12:0 a.m.16 views

Relative Path Traversal

Relative Path Traversal in ca.uhn.hapi.fhir:org.hl7.fhir.convertors...

2.6AI score
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/03/25 12:0 a.m.16 views

Gitea Open Redirect

Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5...

7.2CVSS6.6AI score0.53177EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/03/14 12:0 a.m.16 views

SSRF in repository migration

Impact The malicious user is able to discover services in the internal network through repository migration functionality. All installations accepting public traffic are affected. Patches Internal network CIDRs are prohibited to be used as repository migration targets. Users should upgrade to...

1AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/11 12:0 a.m.16 views

Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pgfx-g6rc-8cjv. This link is maintained to preserve external references. Original Description A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a...

7.5CVSS7.1AI score0.01354EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/06/22 12:0 a.m.16 views

Missing Authentication for Critical Function

The vulnerability allows an attacker to substitute or modify packages retrieved from BC thus allowing to inject malicious code into ballerina executables...

9.1CVSS4AI score0.00579EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/04/08 12:0 a.m.16 views

Cross-Site Request Forgery

Cross-Site Request Forgery in Flask-Security-Too...

2.6AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2019/10/08 12:0 a.m.16 views

Improper Authentication

Auth0 auth0.net has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens...

7.5CVSS3.3AI score0.00891EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2018/10/02 12:0 a.m.16 views

Improper Handling of Case Sensitivity

Improper Handling of Case Sensitivity in easyadmin-extension-bundle...

1.6AI score
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2017/05/15 12:0 a.m.16 views

Code Injection

pygmentize contains a Remote Code Execution vulnerability...

2.9AI score
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2013/08/28 12:0 a.m.16 views

Passwordless login

Users are able to log themselves in with a blank password, even for users who are NOT currently in the users table ie have never previously logged in...

1.9AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/05/29 12:0 a.m.15 views

CC-Tweaked has an SSRF Protection Bypass with NAT64

CC-Tweaked's HTTP API http.request, http.websocket blocks requests to private network ranges to prevent server-side request forgery SSRF. This protection can be bypassed on IPv6-capable servers using NAT64 well-known prefix addresses 64:ff9b::/96. An attacker who can execute Lua code can reach an...

5.9AI score0.00054EPSS
Exploits0References3
GitLab Advisory Database
GitLab Advisory Database
added 2026/03/31 12:0 a.m.15 views

jose vulnerable to untrusted JWK header key acceptance during signature verification

A vulnerability in jose versions up to and including 0.3.5 could allow an unauthenticated, remote attacker to forge valid JWS/JWT tokens by using a key embedded in the JOSE header jwk. The vulnerability exists because key selection could treat header-provided jwk as a verification candidate even...

7.5CVSS5.9AI score0.0013EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/03/30 12:0 a.m.15 views

nginx-ui Backup Restore Allows Tampering with Encrypted Backups

The nginx-ui backup restore mechanism allows attackers to tamper with encrypted backup archives and inject malicious configuration during restoration...

9.4CVSS5.9AI score0.00328EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2025/05/21 12:0 a.m.15 views

Ackites KillWxapkg Zip Bomb Resource Exhaustion

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the component wxapkg File Decompression Handler. The manipulation leads to resource consumption. The attack may be initiated remotely. The complexity of an...

3.1CVSS6.7AI score0.0036EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2025/03/20 12:0 a.m.15 views

H2O Vulnerable to Denial of Service (DoS) via Large GZIP Parsing

In h2oai/h2o-3 version 3.46.0.2, a vulnerability exists where uploading and repeatedly parsing a large GZIP file can cause a denial of service. The server becomes unresponsive due to memory exhaustion and a large number of concurrent slow-running jobs. This issue arises from the improper handling...

7.5CVSS6.7AI score0.00719EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/10/29 12:0 a.m.15 views

NVIDIA Container Toolkit contains a Time-of-check Time-of-Use (TOCTOU) vulnerability

NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use TOCTOU vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of...

9CVSS7.3AI score0.37055EPSS
Exploits2References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/08/30 12:0 a.m.15 views

Adyen APIs Library for Python timing attack vulnerability

Adyen has utility methods for validating notification HMAC signatures. The isvalidhmac and isvalidhmacnotification methods are vulnerable to a timing attack, you should compare the hash of the HMACs instead...

7.1AI score
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/07/21 12:0 a.m.15 views

H2O vulnerable to Deserialization of Untrusted Data

The H2O machine learning platform uses "Iced" classes as the primary means of moving Java Objects around the cluster. The Iced format supports inclusion of serialized Java objects. When a model is deserialized, any class is allowed to be deserialized no class allowlist. An attacker can construct ...

7.5CVSS7.5AI score0.00682EPSS
Exploits0References5
GitLab Advisory Database
GitLab Advisory Database
added 2024/02/03 12:0 a.m.15 views

Etcd auth Inaccurate logging of authentication attempts for users with CN-based auth only

Vulnerability type Logging Detail etcd users who have no password can authenticate only through a client certificate. When such users try to authenticate into etcd using the Authenticate endpoint, errors are logged with insufficient information regarding why the authentication failed, and may be...

7.2AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/10/05 12:0 a.m.15 views

gnark-crypto's exponentiation in the pairing target group GT using GLV can give incorrect results

Impact When the exponent is bigger than r, the group order of the pairing target group GT, the exponentiation à la GLV ExpGLV can sometimes give incorrect results compared to normal exponentiation Exp. The issue impacts all users using ExpGLV for exponentiations in GT. This does not impact Exp an...

7AI score
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/18 12:0 a.m.15 views

swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. It is fixed in 1.19.2 and later releases. This vulnerability is caused by a logica...

7.5CVSS6.7AI score0.01354EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/06 12:0 a.m.15 views

Out-of-bounds Read

An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3decompress out-of-bounds read in certain situations where buffers passed to bzip3 do not contain enough space to be filled with decompressed data. NOTE: the vendor's perspective is that the observed behavior can only occur for a...

6.5CVSS7AI score0.008EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/03/10 12:0 a.m.15 views

Relative Path Traversal

Relative Path Traversal in ca.uhn.hapi.fhir:org.hl7.fhir.utilities...

2.6AI score
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/24 12:0 a.m.15 views

cnlh nps vulnerable to file overwrite by local user

lib/install/install.go in cnlh nps prior to 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user...

5.8CVSS6.5AI score0.00955EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/01 12:0 a.m.15 views

Django vulnerable to Denial of Service via i18n middleware component

The internationalization i18n framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USEI18N option and the i18n component are enabled, allows remote attackers to cause a denial of service memory consumption via many HTTP requests with large...

2.6CVSS6.7AI score0.01799EPSS
Exploits0References14Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/01 12:0 a.m.15 views

Django Arbitrary Code Execution

bin/compile-messages.py in Django 0.95 does not quote argument strings before invoking the msgfmt program through the os.system function, which allows attackers to execute arbitrary commands via shell metacharacters in a 1 .po or 2 .mo file...

7.5CVSS7.6AI score0.0156EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/06/01 12:0 a.m.15 views

Improper Verification of Cryptographic Signature in aws-encryption-sdk-javascript

This advisory addresses several LOW severity issues with streaming signed messages and restricting processing of certain types of invalid messages. This ESDK supports a streaming mode where callers may stream the plaintext of signed messages before the ECDSA signature is validated...

3AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/05/21 12:0 a.m.15 views

RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be

A security-sensitive bug was discovered by Open Source Developer Erik Sundell of Sundell Open Source Consulting AB. The functions RandomAlphaNumericint and CryptoRandomAlphaNumericint are not as random as they should be...

1.5AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/05/20 12:0 a.m.15 views

Local directory executable lookup in sops (Windows-only)

Impact Windows users using the sops direct editor option sops file.yaml can have a local executable named either vi, vim, or nano executed if running sops from cmd.exe This attack is only viable if an attacker is able to place a malicious binary within the directory you are running sops from. As...

0.4AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2020/09/03 12:0 a.m.15 views

Malicious Package

of 8.9.4 contain malicious code as a preinstall script. The package reads the system's SSH keys but does not upload it to a remote server. Remove the package from your environment. There is no evidence of further compromise at the moment...

2.9AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2019/06/13 12:0 a.m.15 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in @apollo/gateway...

3.8AI score
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2018/03/15 12:0 a.m.15 views

Incorrect header injection check

amphp/http isn't properly protected against HTTP header injection...

0.6AI score
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2017/08/28 12:0 a.m.15 views

Arbitrary File Download

This package is vulnerable to Arbitrary File Download. A client can use backslashes to escape the directory the files where exposed from. Note: Only if the host server is a windows-based operating system...

1.8AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2016/11/05 12:0 a.m.15 views

Remote Code Execution

There's a Remote Code Execution vulnerability in the highlight function of Pygmentize...

1.9AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2014/09/29 12:0 a.m.15 views

Object Injection

A flaw in Active Job that can allow string arguments to be deserialized as if they were Global IDs. This may allow a remote attacker to inject arbitrary objects...

4.7AI score
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/06/18 12:0 a.m.14 views

Crawl4AI: Unauthenticated SSRF on the Docker server streaming crawl path (/crawl/stream)

The Docker API server applied its SSRF destination check validateurldestination on the non-streaming /crawl path but not on the streaming path. handlestreamcrawlrequest passed seed URLs straight to the crawler with no destination validation. A remote, unauthenticated client could call POST...

5.3AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/06/12 12:0 a.m.14 views

SwiftNIO: CRLF Injection in outbound HTTP request URI via NIOHTTPRequestHeadersValidator

Programs using swift-nio is vulnerable to HTTP request smuggling and HTTP response splitting attacks, caused by insufficient validation of outbound HTTP/1.1 request and response start line components. This vulnerability affects all swift-nio versions from 2.0.0 to 2.99.0. It is fixed in 2.100.0 a...

5.6AI score0.00044EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/05/29 12:0 a.m.14 views

Sparkle: Binary delta apply intermediate-symlink traversal in malicious .delta

Binary delta apply intermediate-symlink traversal in malicious .delta Autoupdate/SUBinaryDeltaApply.m enforces relativePath.pathComponents containsObject:@".." and rejects writes whose immediate parent directory IS itself a symbolic link, but does not detect symlinks deeper in the relative path...

5.9AI score0.00029EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2025/04/21 12:0 a.m.14 views

Infinite loop condition in Amazon.IonDotnet

Amazon.IonDotnet ion-dotnet is a .NET library with an implementation of the Ion data serialization format. An issue exists in Amazon.IonDotnet and the RawBinaryReader class where, under certain conditions, an actor could trigger an infinite loop condition...

8.7CVSS6.8AI score0.00545EPSS
Exploits0References7
GitLab Advisory Database
GitLab Advisory Database
added 2025/03/20 12:0 a.m.14 views

H2O Vulnerable to Execution of Arbitrary Files

In h2oai/h2o-3 version 3.46.0, an endpoint exposing a custom EncryptionTool allows an attacker to encrypt any files on the target server with a key of their choosing. The chosen key can also be overwritten, resulting in ransomware-like behavior. This vulnerability makes it possible for an attacke...

6.5CVSS6.8AI score0.0033EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2025/03/03 12:0 a.m.14 views

Flask-AppBuilder Observable Response Discrepancy

User enumeration in database authentication in Flask-AppBuilder = 3.0.0. Allows for a non authenticated user to enumerate existing usernames by timing the response time from the server when brute forcing requests to login...

5.3CVSS6.9AI score0.00304EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2025/01/14 12:0 a.m.14 views

CVE-2025-0343: Swift ASN.1 can crash when parsing maliciously formed BER/DER

Swift ASN.1 can be caused to crash when parsing certain BER/DER constructions. This crash is caused by a confusion in the ASN.1 library itself which assumes that certain objects can only be provided in either constructed or primitive forms, and will trigger a preconditionFailure if that constrain...

7.5CVSS6.8AI score0.00319EPSS
Exploits0References5Affected Software1
Total number of security vulnerabilities1518