Lucene search
K
GitlabMost viewed

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
added 2021/05/18 12:0 a.m.53 views

Loop with Unreachable Exit Condition ('Infinite Loop')

The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to...

7.5CVSS2.9AI score0.01855EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/01/29 12:0 a.m.52 views

Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature

The Import Certificate feature allows arbitrary write into the system. The feature does not check if the provided user input is a certification/key and allows to write into arbitrary paths in the system...

9.8CVSS7.3AI score0.00699EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/11/29 12:0 a.m.52 views

logback serialization vulnerability

A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html...

7.5CVSS7AI score0.009EPSS
Exploits0References11Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/09 12:0 a.m.52 views

Vapor's Metrics integration could cause a system drain

This is a DoS attack against anyone who Bootstraps a metrics backend for their Vapor app with the following attack vector: 1. send unlimited requests against a vapor instance with different paths. this will create “unlimited” counters and timers, which will eventually drain the system. 2...

5.3CVSS6.8AI score0.01625EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/03/16 12:0 a.m.52 views

Exposure of Sensitive Information in OpenGoofy Hippo4j

Insecure Permissions vulnerability found in OpenGoofy Hippo4j v.1.4.3 allows attacker toescalate privileges via the AddUser method of the UserController function in Tenant Management module...

6.5CVSS6.3AI score0.00564EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/09/09 12:0 a.m.52 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site Scripting XSS - Stored in GitHub repository appwrite/appwrite prior to 1.0.0-RC1...

9CVSS1.3AI score0.00688EPSS
Exploits2References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/17 12:0 a.m.52 views

Cross-Site Request Forgery (CSRF)

admidio 3.2.8 has CSRF in admprogram/modules/members/membersfunction.php with an impact of deleting arbitrary user accounts...

4.5CVSS7.1AI score0.02626EPSS
Exploits5References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/22 12:0 a.m.52 views

Use after free in Animation

The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available. There is currently little...

8.8CVSS2AI score0.23546EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/08 12:0 a.m.53 views

Incorrect Authorization

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status which is considered a privileged operation and should not...

6.3CVSS4.9AI score0.09274EPSS
Exploits3References11Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/05/27 12:0 a.m.52 views

Exposure of Sensitive Information to an Unauthorized Actor

Their is an information disclosure vulnerability in Helm from version 3.1.0 and before version 3.2.0. lookup is a Helm template function introduced in Helm v3. It is able to lookup resources in the cluster to check for the existence of specific resources and get details about them. This can be us...

8.5CVSS0.4AI score0.0126EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/05/18 12:0 a.m.52 views

Improper Preservation of Permissions

In Gogs 0.11.91, MakeEmailPrimary in models/usermail.go lacks a "not the owner of the email" check...

6.5CVSS3.4AI score0.0093EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/04/21 12:0 a.m.52 views

NULL Pointer Dereference

A NULL pointer dereference was discovered in cpp-peglib's peg::AstOptimizer::optimize located in peglib.h. It allows an attacker to cause a Denial of Service...

5.5CVSS3.8AI score0.00869EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2020/09/16 12:0 a.m.52 views

Improper Input Validation

xmlquery lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service SIGSEGV at xmlquery.Node.InnerText or possibly have unspecified other impact...

9.8CVSS6.4AI score0.01936EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/05/29 12:0 a.m.51 views

CC-Tweaked has an SSRF Protection Bypass with NAT64

CC-Tweaked's HTTP API http.request, http.websocket blocks requests to private network ranges to prevent server-side request forgery SSRF. This protection can be bypassed on IPv6-capable servers using NAT64 well-known prefix addresses 64:ff9b::/96. An attacker who can execute Lua code can reach an...

5.9AI score0.00054EPSS
Exploits0References3
GitLab Advisory Database
GitLab Advisory Database
added 2025/03/20 12:0 a.m.51 views

H2O Vulnerable to Denial of Service (DoS) via `HEAD` Request

A vulnerability in the typeahead endpoint of h2oai/h2o-3 version 3.46.0 allows for a denial of service. The endpoint performs a HEAD request to verify the existence of a specified resource without setting a timeout. An attacker can exploit this by sending multiple requests to an attacker-controll...

7.5CVSS6.8AI score0.00446EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/10/16 12:0 a.m.51 views

Admidio Vulnerable to HTML Injection In The Messages Section

An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server...

4.3CVSS7.9AI score0.00469EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/06/17 12:0 a.m.51 views

DeepJavaLibrary API absolute path traversal

DeepJavaLibraryDJL versions 0.1.0 through 0.27.0 do not prevent absolute path archived artifacts from inserting archived files directly into the system, overwriting system files. This is fixed in DJL 0.28.0 and patched in DJL Large Model Inference containers 0.27.0. Impacted versions: 0.1.0 throu...

10CVSS6.6AI score0.00655EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/06/13 12:0 a.m.51 views

AdGuardHome privilege escalation vulnerability

An issue in AdGuardHome v0.93 to latest allows unprivileged attackers to escalate privileges via overwriting the AdGuardHome binary...

8.8CVSS6.9AI score0.00209EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/02/06 12:0 a.m.51 views

Exposure of Sensitive Information in EVE-SRP

A vulnerability was found in paxswill EVE Ship Replacement Program 0.12.11. It has been rated as problematic. This issue affects some unknown processing of the file src/evesrp/views/api.py of the component User Information Handler. The manipulation leads to information disclosure. The attack may ...

4.3CVSS1.1AI score0.00666EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/12/25 12:0 a.m.51 views

Memory Allocation with Excessive Size Value

A vulnerability was found in docconv up to 1.2.0 and classified as problematic. This issue affects the function ConvertDocx/ConvertODT/ConvertPages/ConvertXML/XMLToText. The manipulation leads to uncontrolled memory allocation. The attack may be initiated remotely. Upgrading to version 1.2.1 is...

6.5CVSS4.2AI score0.00763EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/07/05 12:0 a.m.51 views

Improper Authentication

An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login...

8.8CVSS3.2AI score0.07229EPSS
Exploits4References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/11 12:0 a.m.51 views

Improper Privilege Management

API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover...

9CVSS3AI score0.01115EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/03/12 12:0 a.m.51 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

A Cross Site Scripting XSS vulnerability exists in Nacos 2.0.3 in auth/users via the 1 pageSize and 2 pageNo parameters...

6.1CVSS3.2AI score0.00818EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/01 12:0 a.m.51 views

Out-of-bounds Write

Open Asset Import Library aka assimp has a heap-based buffer overflow in m3dsafestr called from m3dload and Assimp::M3DWrapper::M3DWrapper...

5.5CVSS3.3AI score0.00942EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/20 12:0 a.m.51 views

Improper Authentication

Authelia is a a single sign-on multi-factor portal for web apps. This affects uses who are using nginx ngxhttpauthrequestmodule with Authelia, it allows a malicious individual who crafts a malformed HTTP request to bypass the authentication mechanism. It additionally could theoretically affect...

10CVSS1.4AI score0.01868EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/05/18 12:0 a.m.51 views

Improper Authentication

Improper authentication is possible in Apache Traffic Control versions 3.0.0 and 3.0.1 if LDAP is enabled for login in the Traffic Ops API component. Given a username for a user that can be authenticated via LDAP, it is possible to improperly authenticate as that user without that user's correct...

9.8CVSS4.7AI score0.03455EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2020/09/10 12:0 a.m.51 views

Improper Input Validation

apollo-adminservice does not implement access controls. If users expose apollo-adminservice to internetwhich is not recommended, there are potential security issues since apollo-adminservice is designed to work in intranet and it does not have access control built-in. Malicious hackers may access...

7CVSS4.1AI score0.01315EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2019/06/07 12:0 a.m.51 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library before 3.8.0. The attack involves unsanitized HTTP parameters being output in a form page, allowing attackers to leak cookies and other sensitive information from ca/uhn/fhir/to/BaseController.java via a specially crafte...

6.1CVSS2.4AI score0.01268EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2017/10/24 12:0 a.m.51 views

activerecord vulnerable to SQL Injection

The Active Record component in Ruby on Rails efore 2.3.15, 3.0.x before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via...

7.5CVSS7.1AI score0.02924EPSS
Exploits2References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/04/18 12:0 a.m.50 views

1Panel's password verification is suspected to have a timing attack vulnerability

源码中密码校验处使用 != 符号,而不是hmac.Equal,这可能导致产生计时攻击漏洞,从而爆破密码。 建议使用 hmac.Equal 比对密码。 Translation: The source code uses the != symbol instead of hmac.Equal for password verification, which may lead to timing attack vulnerabilities that can lead to password cracking. It is recommended to use hmac. Equal to...

5.9CVSS5.4AI score0.0038EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/09 12:0 a.m.50 views

Arbitrary file read using percent-encoded relative paths in FileMiddleware

Attackers can access data at arbitrary filesystem paths on the same host as an application using FileMiddleware...

8.5CVSS6.9AI score0.0153EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/01 12:0 a.m.50 views

Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header

When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by a proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one client's session cookie to other clients. The severity depends on the...

7.5CVSS7.5AI score0.01261EPSS
Exploits1References12Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/03/08 12:0 a.m.50 views

Use of Hard-coded Credentials

Use of Hard-coded Credentials in GitHub repository alextselegidis/easyappointments prior to 1.5.0...

9.8CVSS9AI score0.00743EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/02/07 12:0 a.m.50 views

Go SSH library vulnerable to Man-in-the-Middle attacks

The Go SSH library x/crypto/ssh by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism...

8.1CVSS4AI score0.03156EPSS
Exploits0References12Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/12/28 12:0 a.m.50 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Improper path santiziation in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allow remote attackers to read files outside of the intended directory...

7.5CVSS5.6AI score0.0141EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/12/21 12:0 a.m.50 views

Improper Restriction of Security Token Assignment

aad-pod-identity assigns Azure Active Directory identities to Kubernetes applications and has now been deprecated as of 24 October 2022. The NMI component in AAD Pod Identity intercepts and validates token requests based on regex. In this case, a token request made with backslash in the request...

5.3CVSS2.9AI score0.00709EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/12/06 12:0 a.m.50 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

All versions of package gitpython is vulnerable to Remote Code Execution RCE due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git...

9.8CVSS3.8AI score0.05378EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/06/21 12:0 a.m.50 views

DoS through large manifest files in Argo CD

Impact All versions of Argo CD starting with v0.7.0 is vulnerable to an uncontrolled memory consumption bug, allowing an authorized malicious user to crash the repo-server service. The repo-server is a critical component of Argo CD, so crashing the repo-server effectively denies core Argo CD...

6.5CVSS0.1AI score0.00836EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/17 12:0 a.m.50 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The web interface CobblerWeb in Cobbler before 1.2.9 allows remote authenticated users to execute arbitrary Python code in cobblerd by editing a Cheetah kickstart template to import arbitrary Python modules...

9CVSS7.2AI score0.02145EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/03/16 12:0 a.m.50 views

Path Traversal in Gitea

The avatar middleware in Gitea before 1.13.6 allows Directory Traversal via a crafted URL...

5.3CVSS4.6AI score0.01367EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/08/09 12:0 a.m.50 views

Improper Input Validation

In Argo Workflows through 3.1.3, if EXPRESSIONTEMPLATES is enabled and untrusted users are allowed to specify input parameters when running workflows, an attacker may be able to disrupt a workflow because expression template output is evaluated...

6.5CVSS4.9AI score0.00963EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/06/07 12:0 a.m.50 views

Deserialization of Untrusted Data

QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components...

9.8CVSS5AI score0.07501EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/05/18 12:0 a.m.50 views

Insertion of Sensitive Information into Log File

The Elastic APM agent for Go versions before 1.11.0 can leak sensitive HTTP header information when logging the details during an application panic. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application panic it...

2.7CVSS0.4AI score0.00521EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2020/09/11 12:0 a.m.50 views

Cross-site Scripting

In Action View there is a potential Cross-Site Scripting XSS vulnerability in Action View's translation helpers. Views that allow the user to control the default not found value of the t and translate helpers could be susceptible to XSS attacks. When an HTML-unsafe string is passed as the default...

6.1CVSS2.7AI score0.02372EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2019/02/20 12:0 a.m.50 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

In Bootstrap, XSS is possible in the tooltip or popover data-template attribute...

6.1CVSS1.6AI score0.1686EPSS
Exploits2References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2018/11/30 12:0 a.m.50 views

Exposure of Sensitive Information to an Unauthorized Actor

A bypass vulnerability in Active Storage for Google Cloud Storage and Disk services allow an attacker to modify the content-disposition and content-type parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as cookie...

6.5CVSS1.9AI score0.01311EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2018/11/13 12:0 a.m.50 views

Information Exposure

PHP-Proxy allows remote attackers to read local files if the default pre-installed version intended for users who lack shell access to their web server is used. This occurs because the appkey value from the default config.php is in place, and this value can be easily used to calculate the...

7.5CVSS4.3AI score0.21951EPSS
Exploits5References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2017/10/24 12:0 a.m.50 views

Action Pack contains database-query restrictions bypass

actionpack/lib/actiondispatch/http/request.rb in Ruby on Rails before 2.3.16, 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to...

6.4CVSS7.4AI score0.046EPSS
Exploits1References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2016/07/18 12:0 a.m.50 views

HTTP Proxy header vulnerability

httpoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. See provided link...

8.1CVSS0.6AI score0.50427EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/10 12:0 a.m.49 views

PostgresNIO processes unencrypted bytes from man-in-the-middle

Any user of PostgresNIO connecting to servers with TLS enabled is vulnerable to a man-in-the-middle attacker injecting false responses to the client's first few queries, despite the use of TLS certificate verification and encryption. The remaining text in this section is quoted verbatim from...

8.1CVSS7AI score0.01901EPSS
Exploits0References11Affected Software1
Total number of security vulnerabilities1518