Lucene search
K
GitlabMost viewed

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2023/01/27 12:0 a.m.•49 views

Improper Neutralization of Equivalent Special Elements

Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5...

8.8CVSS8.4AI score0.07896EPSS
Exploits4References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/10/07 12:0 a.m.•49 views

URL Redirection to Untrusted Site ('Open Redirect')

This affects all versions of package Flask-Security. When using the getpostlogoutredirect and getpostloginredirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\evil.com/path. This vulnerability is only...

6.1CVSS3.4AI score0.00913EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/08/19 12:0 a.m.•49 views

Use of Hard-coded Credentials

Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...

9.8CVSS5.9AI score0.01109EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/06/10 12:0 a.m.•49 views

Unsafe deserialization in com.alibaba:fastjson

The package com.alibaba:fastjson before 1.2.83 is vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If upgrading is not...

9.8CVSS6.1AI score0.17767EPSS
Exploits5References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/06/02 12:0 a.m.•49 views

OS Command Injection in gogs

Impact The malicious user is able to upload a crafted config file into repository's .git directory with to gain SSH access to the server. All Windows installations with repository upload enabled default are affected. Patches Repository file uploads are prohibited to its .git directory. Users shou...

0.1AI score0.01774EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/04/06 12:0 a.m.•49 views

Improper Link Resolution Before File Access ('Link Following')

An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally...

7.8CVSS5.3AI score0.00432EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/02 12:0 a.m.•49 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Zope is an open-source web application server. Zope versions have a remote code execution security issue...

7.5CVSS6.2AI score0.02277EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/29 12:0 a.m.•49 views

URL Redirection to Untrusted Site ('Open Redirect')

Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\ substring in the user/login redirectto parameter, related to the function isValidRedirect in routes/user/auth.go...

6.1CVSS5.6AI score0.01316EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/12 12:0 a.m.•49 views

Missing Authorization

Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object...

9.8CVSS4AI score0.02436EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/05/21 12:0 a.m.•49 views

Information disclosure issue in Active Resource

There is a possible information disclosure issue in Active Resource v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information...

7.5CVSS7.1AI score0.02224EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/05/05 12:0 a.m.•49 views

URL Redirection to Untrusted Site (Open Redirect)

macaron before has an open redirect in the static handler...

6.1CVSS0.8AI score0.01375EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/03/13 12:0 a.m.•49 views

SQL Injection

In Administrate rubygem, when sorting by attributes on a dashboard, the direction parameter was not validated before being interpolated into the SQL query. This could present a SQL injection if the attacker were able to modify the direction parameter and bypass ActiveRecord SQL protections. Whils...

8.1CVSS3AI score0.009EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2012/06/22 12:0 a.m.•49 views

SQL injection vulnerability in Active Record

Due to the way Active Record handles nested query parameters, an attacker can use a specially crafted request to inject some forms of SQL into your application's SQL queries...

5CVSS4AI score0.04174EPSS
Exploits2References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/01/11 12:0 a.m.•48 views

Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270)

The OrderAndPaginate function is used to order and paginate data. It is defined as follows: go func OrderAndPaginatec gin.Context funcdb gorm.DB gorm.DB return funcdb gorm.DB gorm.DB sort := c.DefaultQuery"order", "desc" order := fmt.Sprintf"%s %s", DefaultQueryc, "sortby", "id", sort db =...

7CVSS6.7AI score0.00584EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/09/09 12:0 a.m.•48 views

hutool Buffer Overflow vulnerability

hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonObject.putByPath...

9.8CVSS7.2AI score0.00769EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/01/26 12:0 a.m.•48 views

Improper Control of Generation of Code ('Code Injection')

Modelina is a library for generating data models based on inputs such as AsyncAPI, OpenAPI, or JSON Schema documents. Versions prior to 1.0.0 is vulnerable to Code injection. This issue affects anyone who is using the default presets and/or does not handle the functionality themself. This issue h...

9.9CVSS8.8AI score0.01064EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/12/16 12:0 a.m.•48 views

Alist vulnerable to Path Traversal

Alist v3.4.0 is vulnerable to Directory Traversal,...

9.8CVSS3.5AI score0.01175EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/09/07 12:0 a.m.•48 views

x/crypto/ssh vulnerable to panic via SSH server

The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server...

7.5CVSS3.9AI score0.00984EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/13 12:0 a.m.•48 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting XSS vulnerability in the phpCAS client library before 1.1.0, as used in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled in an error message...

4.3CVSS6AI score0.01813EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/02/22 12:0 a.m.•48 views

Use after free in Animation

The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available. There is currently little other public information on the issue...

8.8CVSS2.5AI score0.23546EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/12/16 12:0 a.m.•48 views

Incorrect Permission Assignment for Critical Resource

When ORT now via atstccfg generates ipallow.config files in Apache Traffic Control 3.0.0 to 3.1.0 and 4.0.0 to 4.1.0, those files include permissions that allow bad actors to push arbitrary content into and remove arbitrary content from CDN cache servers. Additionally, these permissions are...

5.8CVSS3.1AI score0.03928EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/04 12:0 a.m.•48 views

Improper Verification of Cryptographic Signature

bubble fireworks is an open source java package relating to Spring Framework. In bubble fireworks BUILD-SNAPSHOT there is a vulnerability in which the package did not properly verify the signature of JSON Web Tokens. This allows to forgery of valid JWTs...

7.5CVSS2.9AI score0.00595EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/04/27 12:0 a.m.•48 views

Missing Authentication for Critical Function

Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos, the ConfigOpsController lets the user perform management operations like querying the database or even wiping it out. While the /data/remove endpoint is properly protected with the...

8.6CVSS2.3AI score0.64697EPSS
Exploits2References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/10 12:0 a.m.•48 views

NULL Pointer Dereference

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...

7.5CVSS1.4AI score0.03023EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/04/23 12:0 a.m.•48 views

Cross-site Scripting

Anch allows admins to cause XSS via crafted post content...

4.8CVSS3AI score0.00564EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2015/07/26 12:0 a.m.•48 views

XSS Vulnerability in ActiveSupport::JSON.encode

When a Hash containing user-controlled data is encoded as JSON either through Hashtojson or ActiveSupport::JSON.encode, Rails does not perform adequate escaping that matches the guarantee implied by the escapehtmlentitiesinjson option which is enabled by default. If this resulting JSON string is...

4.3CVSS6.8AI score0.0278EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2012/08/10 12:0 a.m.•48 views

Potential XSS Vulnerability in Ruby on Rails

The HTML escaping code in Ruby on Rails does not escape all potentially dangerous characters. In particular the code does not escape the single quote character. The helpers used in Rails itself never use single quotes, so most applications are unlikely to be vulnerable, however all users running ...

4.3CVSS1.6AI score0.02568EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/02 12:0 a.m.•47 views

aimeos/ai-admin-jsonadm improper access control vulnerability allows editors to remove required records

Improper access control allows editors to remove admin group and locale configuration in Aimeos backend...

5.5CVSS6.8AI score0.00481EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/04 12:0 a.m.•47 views

ActionText ContentAttachment can Contain Unsanitized HTML

Instances of ActionText::Attachable::ContentAttachment included within a richtextarea tag could potentially contain unsanitized HTML. This has been assigned the CVE identifier CVE-2024-32464. Versions Affected: = 7.1.0 Not affected: 7.1.0 Fixed Versions: 7.1.3.4 Impact ------ This could lead to a...

6.1CVSS6.5AI score0.00434EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/04/01 12:0 a.m.•47 views

CasaOS Username Enumeration - Bypass of CVE-2024-24766

The Casa OS Login page has disclosed the username enumeration vulnerability in the login page which was patched in CasaOS v0.4.7...

7.5CVSS7.1AI score0.00758EPSS
Exploits2References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/09/09 12:0 a.m.•47 views

hutool Buffer Overflow vulnerability

hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray...

9.8CVSS7.6AI score0.00769EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/02/06 12:0 a.m.•47 views

Insertion of Sensitive Information into Log File

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects v1.19.3, v1.18.10, v1.17.13...

5.5CVSS3.5AI score0.00461EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/12/14 12:0 a.m.•47 views

Helm vulnerable to denial of service through schema file

Fuzz testing, by Ada Logics and sponsored by the CNCF, identified input to functions in the chartutil package that can cause a segmentation violation. Applications that use functions from the chartutil package in the Helm SDK can have a Denial of Service attack when they use this package and it...

7.5CVSS1.8AI score0.00818EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/08/13 12:0 a.m.•47 views

Gitea allowed assignment of private issues

In Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea there was no permission check for fetching the issue. As a result, the attacker would get access to private issue title...

6.5CVSS7AI score0.0069EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/08/09 12:0 a.m.•47 views

Insufficient Session Expiration

Insufficient Session Expiration in GitHub repository cockpit-hq/cockpit prior to 2.2.0...

9.8CVSS2AI score0.00975EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/06/21 12:0 a.m.•47 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in github.com/argoproj/argo-cd...

9CVSS2AI score0.00915EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/03/13 12:0 a.m.•47 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Alist v2.1.0 and below was discovered to contain a cross-site scripting XSS vulnerability via /i/:data/ipa.plist...

6.1CVSS2.5AI score0.00705EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/03/12 12:0 a.m.•48 views

Exposure of Sensitive Information to an Unauthorized Actor in FreeTAKServer-UI

FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket keys...

7.5CVSS2.3AI score0.01073EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/02 12:0 a.m.•47 views

Incorrect Access Control in Nacos

Nacos 1.1.4 is affected by: Incorrect Access Control. An environment can be set up locally to get the service details interface. Then other Nacos service names can be accessed through the service list interface. Service details can then be accessed when not logged in...

5.3CVSS1.6AI score0.0142EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•47 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack. To perform thi...

6.5CVSS3.6AI score0.01517EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/10 12:0 a.m.•47 views

Uncontrolled Resource Consumption

JPA Server in HAPI FHIR allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are many...

5.3CVSS4.3AI score0.01587EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/10/19 12:0 a.m.•47 views

Moderate severity vulnerability that affects com.adobe.xmp:xmpcore

XMPCore in Adobe XMP Toolkit for Java before 5.1.3 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

7.5CVSS6.7AI score0.03631EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/12/06 12:0 a.m.•47 views

Incomplete fix to CVE-2013-0155 (Unsafe Query Generation Risk)

Due to the way that Rack::Request and Rails::Request interact, it is possible for a 3rd party or custom rack middleware to parse the parameters insecurely and store them in the same key that Rails uses for its own parameters. In the event that happens the application will receive unsafe parameter...

6.4CVSS3.2AI score0.08245EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/17 12:0 a.m.•46 views

obx Prototype Pollution

almela obx before v.0.0.4 has a Prototype Pollution issue which allows arbitrary code execution via the obx/build/index.js:656, reduce @almela/obx/build/index.js:470, Object.set obx/build/index.js:269 component...

7.6AI score0.00693EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/17 12:0 a.m.•46 views

object-deep-assign Prototype Pollution

alexbinary object-deep-assign 1.0.11 is vulnerable to Prototype Pollution via the extend method of Module.deepAssign /src/index.js...

6.7AI score0.00558EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/02/08 12:0 a.m.•46 views

Uncontrolled Resource Consumption

opentelemetry-go-contrib is a collection of extensions for OpenTelemetry-Go. The v0.38.0 release of go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp uses the httpconv.ServerRequest function to annotate metric measurements for the http.server.requestcontentlength,...

7.5CVSS7.2AI score0.00973EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/01/23 12:0 a.m.•46 views

MITM based Zip Slip in `ca.uhn.hapi.fhir:org.hl7.fhir.core`

MITM can enable Zip-Slip...

8.1CVSS7.6AI score0.01166EPSS
Exploits1References6
GitLab Advisory Database
GitLab Advisory Database
•added 2023/01/14 12:0 a.m.•46 views

golang.org/x/net/http2/h2c vulnerable to request smuggling attack

A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be...

7.5CVSS0.9AI score0.01814EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/12/27 12:0 a.m.•46 views

Uncontrolled Resource Consumption

Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...

5.5CVSS3.5AI score0.00415EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/12/14 12:0 a.m.•46 views

Helm vulnerable to denial of service through through repository index file

Fuzz testing, by Ada Logics and sponsored by the CNCF, identified input to functions in the repo package that can cause a segmentation violation. Applications that use functions from the repo package in the Helm SDK can have a Denial of Service attack when they use this package and it panics...

7.5CVSS0.7AI score0.00818EPSS
Exploits0References3Affected Software1
Total number of security vulnerabilities1518