Lucene search
K
GitlabMost viewed

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2018/10/23 12:0 a.m.•62 views

Improper Input Validation

Fastjson allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a crafted rmi:// URI in the dataSourceName field of HTTP POST data to the Pippo /json URI, which is mishandled in AjaxApplication.java...

10CVSS6.6AI score0.3897EPSS
Exploits2References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/07/13 12:0 a.m.•62 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

In Bootstrap, XSS is possible in the collapse data-parent attribute...

6.1CVSS1.8AI score0.04135EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2025/09/17 12:0 a.m.•61 views

DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error

We found two instances in the DragonFly codebase where the first return value of a function is dereferenced even when the function returns an error figures 9.1 and 9.2. This can result in a nil dereference, and cause code to panic. The codebase may contain additional instances of the bug. golang...

6.9CVSS7.1AI score0.00293EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/24 12:0 a.m.•61 views

Insufficiently Protected Credentials

Jenkins BMC Release Package and Deployment Plugin 1.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

4.3CVSS3.9AI score0.00691EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/17 12:0 a.m.•61 views

Improper Control of Generation of Code ('Code Injection')

CVE-2010-2235 RHN Satellite cobbler: Code injection flaw ACE as root by processing of a specially-crafted kickstart template file...

8.5CVSS2.7AI score0.03327EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/02/15 12:0 a.m.•61 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem and sync file contents to Kubernetes Secrets. This includes paths under var/lib/kubelet/pods that...

6.5CVSS3.6AI score0.01312EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/08 12:0 a.m.•61 views

Flask-AppBuilder Open Redirect vulnerability

If using Flask-AppBuilder OAuth, an attacker can share a carefully crafted URL with a trusted domain for an application built with Flask-AppBuilder, this URL can redirect a user to a malicious site. This is an open redirect vulnerability...

7.2CVSS6.1AI score0.007EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/09 12:0 a.m.•61 views

Open Redirect in Flask-User

This affects all versions of package Flask-User. When using the makesafeurl function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple backslashes such as /////evil.com/path or \\evil.com/path. This vulnerability is only exploitable if an...

6.1CVSS6AI score0.01113EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/23 12:0 a.m.•61 views

Inadequate Encryption Strength

go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, go-jose neglected to check that the received public key on a message is on the same curve as the static private key of the receiver, thus making ...

9.1CVSS3.6AI score0.01411EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/16 12:0 a.m.•61 views

Improper Authentication

Apollos Apps is an open source platform for launching church-related apps. In Apollos Apps, new user registrations are able to access anyone's account by only knowing their basic profile information name, birthday, gender, etc. This includes all app functionality within the app, as well as any...

9.8CVSS1.4AI score0.01458EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/03/25 12:0 a.m.•61 views

Integer Overflow or Wraparound

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

9.8CVSS3.4AI score0.04983EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/07 12:0 a.m.•61 views

Inclusion of Sensitive Information in Log Files

In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims...

5.5CVSS2.3AI score0.0052EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/12/17 12:0 a.m.•61 views

Cross-Site Request Forgery (CSRF)

A cross-site request forgery vulnerability in Jenkins Alauda DevOps Pipeline allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS4.6AI score0.00691EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/09/09 12:0 a.m.•61 views

Improper Authentication

Improper authentication is possible in Apache Traffic Control versions if LDAP is enabled for login in the Traffic Ops API component. Given a username for a user that can be authenticated via LDAP, it is possible to improperly authenticate as that user without that user's correct password...

9.8CVSS4.7AI score0.03455EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/09/03 12:0 a.m.•61 views

@actions/artifact has an Arbitrary File Write via artifact extraction

Versions of actions/artifact before 2.1.7 are vulnerable to arbitrary file write when using downloadArtifactInternal, downloadArtifactPublic, or streamExtractExternal for extracting a specifically crafted artifact that contains path traversal filenames...

7.5CVSS7.3AI score0.03037EPSS
Exploits4References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/09/06 12:0 a.m.•60 views

Exposure of Sensitive Information to an Unauthorized Actor

AccessControl provides a general security framework for use in Zope. Python's "format" functionality allows someone controlling the format string to "read" objects accessible recursively via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use...

7.7CVSS6.9AI score0.00519EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/01/20 12:0 a.m.•60 views

Use After Free

An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp...

8.8CVSS2.3AI score0.00723EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/01/14 12:0 a.m.•60 views

Missing Authorization

KubePi is a modern Kubernetes panel. The API interfaces with unauthorized entities and may leak sensitive information. This issue has been patched in version 1.6.4. There are currently no known workarounds...

7.5CVSS7.1AI score0.03573EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/07/13 12:0 a.m.•60 views

Exposure of Resource to Wrong Sphere

Azure Storage Library Information Disclosure Vulnerability...

4.7CVSS1.3AI score0.00521EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/01/13 12:0 a.m.•60 views

Lookup operations do not take into account wildcards in SpiceDB

SpiceDB is a database system for managing security-critical application permissions. Any user making use of a wildcard relationship under the right hand branch of an exclusion or within an intersection operation will see Lookup/LookupResources return a resource as "accessible" if it is not...

8.1CVSS0.6AI score0.01472EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/12/09 12:0 a.m.•60 views

Improper Authentication in Flask-AppBuilder

Improper authentication on the REST API. Allows for a malicious actor with a carefully crafted request to successfully authenticate and gain access to existing protected REST API endpoints. Only affects non database authentication types, and new REST API endpoints...

8.8CVSS8.5AI score0.0125EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/04/27 12:0 a.m.•60 views

Authentication Bypass by Spoofing

Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos, when configured to use authentication -Dnacos.core.auth.enabled=true it uses the AuthFilter servlet filter to enforce authentication. This filter has a backdoor that enables Nacos server...

9.8CVSS1.1AI score0.74242EPSS
Exploits2References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/06/05 12:0 a.m.•60 views

Server-Side Request Forgery (SSRF)

The Kubernetes kube-controller-manager is vulnerable to a Server Side Request Forgery SSRF that allows certain authorized users to leak up to bytes of arbitrary information from unprotected endpoints within the master's host network such as link-local or loopback services...

6.3CVSS4.5AI score0.03679EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/12/07 12:0 a.m.•60 views

Improper Input Validation

actionpack/lib/actionview/lookupcontext.rb in Action View in Ruby on Rails allows remote attackers to cause a denial of service memory consumption via a header containing an invalid MIME type that leads to excessive caching...

5CVSS5.9AI score0.207EPSS
Exploits2References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2026/04/23 12:0 a.m.•59 views

melange has Path Traversal via .PKGINFO in --persist-lint-results

melange lint --persist-lint-results opt-in flag, also usable via melange build --persist-lint-results constructs output file paths by joining --out-dir with the arch and pkgname values read from the .PKGINFO control file of the APK being linted. In affected versions these values were not validate...

4.4CVSS5.9AI score0.00172EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2025/07/18 12:0 a.m.•59 views

melange's world-writable permissions expose SBOM files to potential image tampering

It was discovered that the SBOM files generated by melange in apks had file system permissions mode 666: $ apkrane ls https://packages.wolfi.dev/os/x8664/APKINDEX.tar.gz -P hello-wolfi --full --latest | xargs wget -q -O - | tar tzv 2/dev/null var/lib/db/sbom drwxr-xr-x root/root 0 2025-06-23 14:1...

4.4CVSS6.3AI score0.00125EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/11/05 12:0 a.m.•59 views

HAPI FHIR XML External Entity (XXE) vulnerability

An XML External Entity XXE vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities...

9.8CVSS6.7AI score0.01851EPSS
Exploits1References5
GitLab Advisory Database
GitLab Advisory Database
•added 2024/03/06 12:0 a.m.•59 views

CasaOS Username Enumeration

Summary The Casa OS Login page has disclosed the username enumeration vulnerability in the login page. Details It is observed that the attacker can enumerate the CasaOS username using the application response. If the username is incorrect application gives the error "User does not exist", If the...

7.5CVSS6.9AI score0.00758EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/10/10 12:0 a.m.•59 views

HTTP/2 Stream Cancellation Attack

HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RSTSTREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The clie...

7.5CVSS8.2AI score0.99999EPSS
Exploits19References181Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/13 12:0 a.m.•59 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ACS Commons version 4.9.2 and earlier suffers from a Reflected Cross-site Scripting XSS vulnerability in version-compare and page-compare due to invalid JCR characters that are not handled correctly. An attacker could potentially exploit this vulnerability to inject malicious JavaScript content...

6.1CVSS1.8AI score0.03337EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/01/09 12:0 a.m.•59 views

Information Exposure

GSocketClient in GNOME GLib may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxyaddr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays. The greatest...

5.9CVSS1AI score0.02174EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/01/09 12:0 a.m.•59 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

In Bootstrap, XSS is possible in the affix configuration target property...

6.1CVSS1.9AI score0.03984EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2014/02/20 12:0 a.m.•59 views

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

SQL injection vulnerability in activerecord/lib/activerecord/connectionadapters/postgresql/cast.rb in Active Record in Ruby on Rails beta1, when PostgreSQL is used, allows remote attackers to execute "add data" SQL commands via vectors involving \ backslash characters that are not properly handle...

6.8CVSS7.9AI score0.01304EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/10/25 12:0 a.m.•58 views

Autolab Misconfigured Reset Password Permissions

For email-based accounts, users with insufficient privileges could reset and theoretically access privileged users' accounts by resetting their passwords...

8.8CVSS7.1AI score0.00454EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/11/16 12:0 a.m.•58 views

Missing Authorization

An attacker is able to read any file on the server hosting the H2O dashboard without any authentication...

9.3CVSS6.9AI score0.0434EPSS
Exploits1References2
GitLab Advisory Database
GitLab Advisory Database
•added 2023/03/27 12:0 a.m.•58 views

Incorrect Permission Assignment for Critical Resource

Insecure Permissions vulnerability found in OpenGoofy Hippo4j v.1.4.3 allows attacker to obtain sensitive information via the ConfigVerifyController function of the Tenant Management module...

6.5CVSS5.9AI score0.00605EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/17 12:0 a.m.•58 views

Beaker Sensitive Information Disclosure vulnerability

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

4.3CVSS7AI score0.02447EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/25 12:0 a.m.•58 views

Cross-site Scripting

nextjs-auth0 lacks HTML escaping for error messages...

8CVSS0.8AI score0.01403EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/01/09 12:0 a.m.•58 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

In Bootstrap, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041...

6.1CVSS2AI score0.04293EPSS
Exploits2References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/07/23 12:0 a.m.•58 views

Django Cross-Site Request Forgery vulnerability

The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page...

6.8CVSS6.4AI score0.01093EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/10/24 12:0 a.m.•58 views

Active Record contains SQL Injection

SQL injection vulnerability in the Active Record component in Ruby on Rails before 2.3.15, 3.0.x before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in...

7.5CVSS7.7AI score0.04458EPSS
Exploits2References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2014/07/07 12:0 a.m.•58 views

SQL Injection Vulnerabilities Affecting PostgreSQL

SQLi vulnerability in activerecord...

7.5CVSS6.3AI score0.04181EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/08/05 12:0 a.m.•57 views

gotortc vulnerable to Cross-Site Request Forgery

gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to Cross-Site Request Forgery. The /api/config endpoint allows one to modify the existing configuration with user-supplied values. While the API is only allowing localhost to interact without authentication, an...

8.8CVSS7.4AI score0.00471EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/03/22 12:0 a.m.•57 views

Cross-Site Request Forgery in Anchor CMS

Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery CSRF via /anchor/admin/users/delete/2...

7.4CVSS7.5AI score0.00251EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/09/09 12:0 a.m.•57 views

hutool Buffer Overflow vulnerability

hutool v5.8.21 was discovered to contain a buffer overflow via the component JSONUtil.parse...

7.5CVSS7.7AI score0.00706EPSS
Exploits1References5
GitLab Advisory Database
GitLab Advisory Database
•added 2023/09/09 12:0 a.m.•57 views

hutool Buffer Overflow vulnerability

hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray...

9.8CVSS7.2AI score0.00769EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/07/21 12:0 a.m.•57 views

Improper Access Control

KubePi is an opensource kubernetes management panel. A normal user has permission to create/update users, they can become admin by editing the isadmin value in the request. As a result any user may take administrative control of KubePi. This issue has been addressed in version 1.6.5. Users are...

9.1CVSS6.7AI score0.00615EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/17 12:0 a.m.•57 views

Djiblets Cross-site scripting Vulnerability via JSON Objects

A cross-site scripting XSS vulnerability in util/templatetags/djbletsjs.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django, as used in Review Board, allows remote attackers to inject arbitrary web script or HTML via a JSON object, as demonstrated by the name field when changing a user...

4.3CVSS7.7AI score0.02392EPSS
Exploits1References11Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/03/30 12:0 a.m.•57 views

Server-Side Request Forgery (SSRF)

C1 CMS is an open-source, .NET based Content Management System CMS. Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery SSRF by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also...

7.6CVSS4.2AI score0.00734EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/03/12 12:0 a.m.•57 views

Hard coded credentials in FreeTAKServer

FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges...

8.8CVSS5.5AI score0.01035EPSS
Exploits1References3Affected Software1
Total number of security vulnerabilities1518