Lucene search
K
GitlabMost viewed

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
added 2022/02/15 12:0 a.m.57 views

Authorization bypass in Istio

In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7, when users specify an AuthorizationPolicy resource with DENY actions using wildcard suffixes e.g. -some-suffix for source principals or namespace fields, callers will never be denied access, bypassing the intended policy...

6.8CVSS4.2AI score0.011EPSS
Exploits1References10Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/09 12:0 a.m.57 views

Observable Discrepancy

Fixed in v1.5.1, Argo version v1.5.0 was vulnerable to a user-enumeration vulnerability which allowed attackers to determine the usernames of valid non-SSO accounts because /api/v1/session returned 401 for an existing username and 404 otherwise...

5.3CVSS4.9AI score0.01924EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/05/18 12:0 a.m.57 views

Improper Input Validation

Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthenticated malicious user could forge an HTTP route service request using an invalid nonce that will cause the Gorouter to crash...

8.6CVSS2AI score0.0151EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2019/04/02 12:0 a.m.57 views

Deserialization of Untrusted Data

The Serialize.deserialize method in CoAPthon3 mishandles certain exceptions, leading to a denial of service...

7.5CVSS3.5AI score0.01446EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2017/10/24 12:0 a.m.57 views

SQL Injection in Active Record

SQL injection vulnerability in activerecord/lib/activerecord/connectionadapters/postgresqladapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper bitstring quoting...

7.5CVSS7.9AI score0.04278EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/21 12:0 a.m.56 views

Authentication Bypass by Capture-replay

An issue was discovered in IO FinNet tss-lib before 2.0.0. The parameter ssid for defining a session id is not used through the MPC implementation, which makes replaying and spoofing of messages easier. In particular, the Schnorr proof of knowledge implemented in sch.go does not utilize a session...

6.8CVSS6.7AI score0.00523EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/08/01 12:0 a.m.56 views

Improper Certificate Validation

fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode TLSSocket using fs2-io on Node.js, the parameter requestCert = true is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to: 1. fs2-io running on...

9.8CVSS3.2AI score0.00641EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/24 12:0 a.m.56 views

Improper Input Validation

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was found in Argo CD prior to versions 2.3.4, 2.2.9, and 2.1.15 that allows an attacker to spoof error messages on the login screen when single sign on SSO is enabled. In order to exploit this vulnerability,...

4.3CVSS1AI score0.01215EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/03/12 12:0 a.m.56 views

SSRF in repository migration

Server-Side Request Forgery SSRF in GitHub repository gogs/gogs prior to 0.12.5...

5.3CVSS2.2AI score0.03422EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/24 12:0 a.m.56 views

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement...

8.8CVSS3.1AI score0.04123EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/08/30 12:0 a.m.56 views

Incorrect Authorization

Istio is an open source platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. Istio 1.11.0, 1.10.3 and below, and 1.9.7 and below contain a remotely exploitable vulnerability where an HTTP request...

8.1CVSS1AI score0.0109EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/06/29 12:0 a.m.56 views

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Multiple SQL injection vulnerabilities in Gogs aka Go Git Service 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to 1 api/v1/repos/search, which is not properly handled in models/repo.go, or 2 api/v1/users/search, which is...

7.5CVSS8.3AI score0.33391EPSS
Exploits5References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/06/15 12:0 a.m.56 views

go.mongodb.org/mongo-driver improperly validates cstrings when marshalling Go objects into BSON

Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go objects into BSON. A malicious user could use a Go object with specific string to potentially inject additional fields into marshalled documents. This issue affects all MongoDB GO Drivers up to and...

6.8CVSS6.4AI score0.00961EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/05/25 12:0 a.m.56 views

Uncontrolled Search Path Element

git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations most often seen on Windows...

9.8CVSS2.7AI score0.01719EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2018/07/13 12:0 a.m.56 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

In Bootstrap, XSS is possible in the data-target property of scrollspy...

6.1CVSS1.9AI score0.04293EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/08/05 12:0 a.m.55 views

gotortc Cross-site Scripting vulnerability

gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The index page index.html shows the available streams by fetching the API in the client side. Then, it uses Object.entries to iterate over the result whose first item name gets...

6.1CVSS5.7AI score0.00453EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/01/30 12:0 a.m.55 views

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

apollo-client-nextjs is the Apollo Client support for the Next.js App Router. The @apollo/experimental-apollo-client-nextjs NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this vulnerability, an attacker would need to either inject malicious input e.g. by redirecting...

8.2CVSS6.4AI score0.00385EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/11/29 12:0 a.m.55 views

logback serialization vulnerability

A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html...

7.5CVSS7AI score0.009EPSS
Exploits0References11Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/09 12:0 a.m.55 views

Incomplete Internal State Distinction in GRPCWebToHTTP2ServerCodec

Affected gRPC Swift servers are vulnerable to precondition failures when parsing certain gRPC Web requests. This may lead to a denial of service...

7.5CVSS6.6AI score0.02082EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/11/27 12:0 a.m.55 views

Improper Certificate Validation

In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 November 2016...

9.1CVSS2.6AI score0.00415EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/08/18 12:0 a.m.55 views

Relative Path Traversal

Relative Path Traversal in kubevirt.io/kubevirt...

8.7CVSS2.6AI score0.00359EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/13 12:0 a.m.55 views

NULL Pointer Dereference

The html package aka x/net/html before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of , , or . This is related to HTMLTreeBuilder.cpp in WebKit...

7.5CVSS1.2AI score0.02774EPSS
Exploits1References12Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/03/18 12:0 a.m.55 views

Deserialization of Untrusted Data

Apache Dubbo prior to 2.6.9 and 2.7.9 by default supports generic calls to arbitrary methods exposed by provider interfaces. These invocations are handled by the GenericFilter which will find the service and method specified in the first arguments of the invocation and use the Java Reflection API...

9.8CVSS3.4AI score0.04197EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/11/23 12:0 a.m.55 views

Improper Certificate Validation

The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority CA to the root CAs instead of overriding it on macOS systems. Additionally, SNI validation is also not enabled when the CA has been “overridden”. TLS handshakes will thus succeed if the peer...

7.2CVSS1.9AI score0.00611EPSS
Exploits0References6
GitLab Advisory Database
GitLab Advisory Database
added 2021/09/27 12:0 a.m.55 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain issue data in some situations...

5.4CVSS3.3AI score0.08762EPSS
Exploits2References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2018/10/10 12:0 a.m.55 views

Integer Overflow or Wraparound

In the client in Bytom checkTopicRegister in p/discover/net.go does not prevent negative idx values, leading to a crash...

7.5CVSS3.7AI score0.01449EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2014/05/02 12:0 a.m.55 views

Remote Command Injection

Unsanitized input is passed to the shell. A malicious user can inject shell commands by sending shell meta characters like ';' in some variables...

7.5CVSS6.5AI score0.02188EPSS
Exploits3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/07/29 12:0 a.m.54 views

Admidio Vulnerable to RCE via Arbitrary File Upload in Message Attachment

Description: Remote Code Execution Vulnerability has been identified in the Message module of the Admidio Application, where it is possible to upload a PHP file in the attachment. The uploaded file can be accessed publicly through the URL admidiobaseurl/admmyfiles/messagesattachments/filename. Th...

9CVSS8.4AI score0.01245EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/04/09 12:0 a.m.54 views

Azure Identity Library for .NET Information Disclosure Vulnerability

Azure Identity Library for .NET Information Disclosure Vulnerability...

5.5CVSS7AI score0.00711EPSS
Exploits0References5
GitLab Advisory Database
GitLab Advisory Database
added 2023/09/21 12:0 a.m.54 views

CefSharp affected by heap buffer overflow in WebP

Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...

8.6AI score0.99735EPSS
Exploits9References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/07/16 12:0 a.m.54 views

Unrestricted Upload of File with Dangerous Type

Unrestricted Upload of File with Dangerous Type in GitHub repository admidio/admidio prior to 4.2.10...

7.2CVSS7AI score0.00835EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/09 12:0 a.m.54 views

Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crash

A bug in the Data.initbase32Encoded: function opens up the potential for exposing server memory and/or crashing the server Denial of Service for applications where untrusted data can end up in said function. Vapor does not currently use this function itself so this only impact applications that u...

9.1CVSS6.8AI score0.01199EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/02/17 12:0 a.m.54 views

Uncontrolled Resource Consumption

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests...

7.5CVSS2.2AI score0.04561EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/12/13 12:0 a.m.54 views

hutool-json vulnerable to memory exhaustion

hutool-json v5.8.10 was discovered to contain an out of memory error...

7.5CVSS2.7AI score0.00762EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/03/28 12:0 a.m.54 views

Unrestricted Upload of File with Dangerous Type

Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6...

9.9CVSS2.3AI score0.65237EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/03/11 12:0 a.m.54 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CasaOS before v0.2.7 was discovered to contain a command injection vulnerability via the component leave or join zerotier api...

9.8CVSS3.7AI score0.05967EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/11/23 12:0 a.m.54 views

Improper Certificate Validation

Connections initialized by the AWS IoT Device SDK v2 for Java, Python , C++ and Node.js does not verify server certificate hostname during TLS handshake when overriding Certificate Authorities CA in their trust stores on MacOS. This issue has been addressed in aws-c-io submodule onward. This issu...

8.8CVSS2.1AI score0.00375EPSS
Exploits0References6
GitLab Advisory Database
GitLab Advisory Database
added 2020/10/27 12:0 a.m.54 views

Out-of-bounds Write

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.6CVSS3.4AI score0.5063EPSS
Exploits2References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2019/06/05 12:0 a.m.54 views

Improper Access Control

Istio has Incorrect Access Control...

7.5CVSS3.1AI score0.01175EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2019/02/15 12:0 a.m.54 views

Code Injection

The fromstring function is prone to Server Side Template Injection SSTI where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI...

9.8CVSS4.1AI score0.4478EPSS
Exploits5References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2019/01/09 12:0 a.m.54 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

In Bootstrap, XSS is possible in the tooltip data-viewport attribute...

6.1CVSS1.7AI score0.03835EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2025/01/29 12:0 a.m.53 views

Deep Java Library path traversal issue

Deep Java Library DJL is an open-source, high-level, engine-agnostic Java framework for deep learning. DJL is designed to be easy to get started with and simple to use for Java developers. DJL provides a native Java development experience and functions like any other regular Java library. DJL...

9.8CVSS9.7AI score0.23267EPSS
Exploits0References7
GitLab Advisory Database
GitLab Advisory Database
added 2024/06/04 12:0 a.m.53 views

apko Exposure of HTTP basic auth credentials in log output

Exposure of HTTP basic auth credentials from repository and keyring URLs in log output...

7.5CVSS6.8AI score0.00441EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/09/09 12:0 a.m.53 views

hutool Buffer Overflow vulnerability

hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonObject.putByPath...

9.8CVSS7.6AI score0.00769EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/07/17 12:0 a.m.53 views

CasaOS Gateway vulnerable to incorrect identification of source IP addresses

Unauthenticated attackers can execute arbitrary commands as root on CasaOS instances...

9.8CVSS9.7AI score0.06363EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/01/14 12:0 a.m.53 views

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be...

7.5CVSS0.7AI score0.01814EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/07/06 12:0 a.m.54 views

Improper Authentication

An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login...

8.8CVSS3.2AI score0.07229EPSS
Exploits4References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/17 12:0 a.m.53 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2012-2395 cobbler: command injection flaw in the power management XML-RPC API...

7.5CVSS4.1AI score0.05555EPSS
Exploits1References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/08/25 12:0 a.m.53 views

Improper Control of Generation of Code ('Code Injection')

@asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream SCSt microservice. arbitrary code injection was possible when an attacker controls the AsyncAPI document. An example is provided in GHSA-xj6r-2jpm-qvxp. There are no mitigations available and all users are advised to upda...

8.7CVSS4.5AI score0.00877EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/06/21 12:0 a.m.53 views

Exposure of Resource to Wrong Sphere

The Jetpack Carousel module of the JetPack WordPress plugin allows users to create a carousel type image gallery and allows users to comment on the images. A security vulnerability was found within the Jetpack Carousel module by nguyenhgvcs that allowed the comments of non-published page/posts to...

5.3CVSS3.5AI score0.01494EPSS
Exploits2References1Affected Software1
Total number of security vulnerabilities1518