Lucene search
K
GitlabMost viewed

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2022/09/01 12:0 a.m.•46 views

Pinniped Supervisor Insufficient Session Expiration vulnerability

An Insufficient Session Expiration issue was discovered in the Pinniped Supervisor before v0.19.0. A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially use their access token to continue their session beyond what proper use of their refresh token might allow...

5.4CVSS3.2AI score0.00381EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/07/13 12:0 a.m.•46 views

aws-iam-authenticator allow-listed IAM identity may be able to modify their username, escalate privileges before v0.5.9

A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges...

8.8CVSS3.4AI score0.0097EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/07/13 12:0 a.m.•46 views

Incorrect Authorization

All unpatched versions of Argo CD starting with v1.0.0 is vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level...

9CVSS6.3AI score0.01237EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/07/06 12:0 a.m.•46 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The leafInfo.match function in Beego v2.0.3 and below uses path.join to deal with wildcardvalues which can lead to cross directory risk...

9.8CVSS3AI score0.01503EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/24 12:0 a.m.•46 views

Use of Insufficiently Random Values

An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa. If more than 256 GiB of keystream is generated, or if the...

5.9CVSS2.2AI score0.03465EPSS
Exploits0References15Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/02/10 12:0 a.m.•46 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The hyperlinks functionality in atlaskit/editor-core in allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in link targets...

5.4CVSS4.7AI score0.01126EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/10/12 12:0 a.m.•46 views

Improper Input Validation

An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address...

4.3CVSS3AI score0.02734EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/02 12:0 a.m.•46 views

Incorrect Permission Assignment for Critical Resource

The File Session Manager in Beego 1.10.0 allows local users to read session files because there is a race condition involving file creation within a directory with weak permissions...

4.7CVSS3AI score0.00199EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/16 12:0 a.m.•46 views

Uncontrolled Resource Consumption

JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are...

5.3CVSS4.3AI score0.01587EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•46 views

Use of Multiple Resources with Duplicate Identifier

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker...

4CVSS2.3AI score0.00883EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•46 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the alias field on a Chart.yaml is not properly sanitized. This could lead to the injection of unwanted information into a chart. This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review th...

4CVSS2.4AI score0.01029EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/18 12:0 a.m.•46 views

Improper Input Validation

Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthenticated malicious user could forge an HTTP route service request using an invalid nonce that will cause the Gorouter to crash...

8.6CVSS2AI score0.0151EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/05/12 12:0 a.m.•46 views

Path Traversal

There is a vulnerability in actionpackpage-caching that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can write unescaped ERB to a view...

9.8CVSS6.7AI score0.0525EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/10/24 12:0 a.m.•46 views

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument...

7.5CVSS6.3AI score0.02173EPSS
Exploits1References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2016/09/07 12:0 a.m.•46 views

Unsafe Query Generation Risk

There is a vulnerability when Active Record is used in conjunction with JSON parameter parsing. This vulnerability is similar to CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155...

7.5CVSS3.9AI score0.03903EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/01/13 12:0 a.m.•46 views

Multiple vulnerabilities in parameter parsing in Action Pack

There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on a Rails application...

7.5CVSS6AI score0.99449EPSS
Exploits21References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/17 12:0 a.m.•45 views

@akbr/update Prototype Pollution

akbr update 1.0.0 is vulnerable to Prototype Pollution via update/index.js...

5.9CVSS6.7AI score0.002EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/08/28 12:0 a.m.•45 views

Untrusted Search Path

GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo has a git.exe or git...

7.8CVSS6.7AI score0.00465EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/01/18 12:0 a.m.•45 views

Duplicate of ./gem/activesupport/CVE-2023-22796.yml

There is a possible regular expression based DoS vulnerability in Active Support. A specially crafted string passed to the underscore method can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory,...

7.5CVSS7.4AI score0.01712EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/01/10 12:0 a.m.•45 views

Session Fixation

KubePi is a modern Kubernetes panel. A session fixation attack allows an attacker to hijack a legitimate user session, versions 1.6.3 and below are susceptible. A patch will be released in version 1.6.4...

7.5CVSS6.6AI score0.00403EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/11/01 12:0 a.m.•45 views

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

A vulnerability, which was classified as critical, was found in IBAX go-ibax. This affects an unknown part of the file /api/v2/open/rowsInfo. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

8.8CVSS3.1AI score0.30082EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/30 12:0 a.m.•45 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site Scripting XSS - Stored in GitHub repository go-gitea/gitea prior to 1.16.9...

5.4CVSS1.3AI score0.00751EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/24 12:0 a.m.•45 views

Insertion of Sensitive Information into Log File

The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components such as kube-apiserver prior to v1.16.0, which make use of basic or bearer token authentication, and run ...

6.5CVSS2.7AI score0.01766EPSS
Exploits0References10Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/01/06 12:0 a.m.•45 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ajax.NET Professional AjaxPro is an AJAX framework available for Microsoft ASP.NET. Affected versions of this package are vulnerable to JavaScript object injection which may result in cross site scripting when leveraged by a malicious user. The affected core relates to JavaScript object creation...

8.7CVSS2.1AI score0.00824EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/11/23 12:0 a.m.•45 views

Improper Certificate Validation

Connections initialized by the AWS IoT Device SDK v2 for Java, Python , C++ and Node.js does not verify server certificate hostname during TLS handshake when overriding Certificate Authorities CA in their trust stores on Windows. This issue has been addressed in aws-c-io submodule onward. This...

8.8CVSS2.8AI score0.00398EPSS
Exploits0References6
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/01 12:0 a.m.•45 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Improper configuration will cause ServiceComb ServiceCenter Directory Traversal problem in ServcieCenter 1.x.x versions and fixed in 2.0.0...

7.5CVSS4.9AI score0.04441EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/03/19 12:0 a.m.•45 views

XML Parsing Vulnerability affecting JRuby users

There is a vulnerability in the JDOM backend to ActiveSupport's XML parser. you should upgrade or use one of the work arounds immediately...

5.8CVSS4.5AI score0.02054EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2023/07/05 12:0 a.m.•44 views

URL Redirection to Untrusted Site ('Open Redirect')

Open Redirect in GitHub repository go-gitea/gitea prior to 1.19.4...

4.4CVSS7AI score0.00485EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/12/28 12:0 a.m.•44 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Due to improper path santization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

9.1CVSS4AI score0.01188EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/09/06 12:0 a.m.•44 views

Improper Input Validation

A segmentation fault SEGV flaw was found in the Fribidi package and affects the fribidiremovebidimarks function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service...

5.5CVSS4.2AI score0.00454EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/09/01 12:0 a.m.•44 views

Duplicate

This advisory duplicates another...

7.5CVSS7.2AI score0.00988EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/05/24 12:0 a.m.•44 views

Uncontrolled Recursion

net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service panic via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations...

5.9CVSS5.6AI score0.03692EPSS
Exploits0References10Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/04/12 12:0 a.m.•44 views

Improper Authentication

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 is vulnerable to an improper authentication issue when role-based access control RBAC is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name CN which matches a valid RBAC username, a remote...

8.1CVSS4.7AI score0.04031EPSS
Exploits0References14Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/04/06 12:0 a.m.•44 views

Improper Link Resolution Before File Access ('Link Following')

An issue was discovered in file profile.go in function MemProf in beego through 2.0.2, allows attackers to launch symlink attacks locally...

7.8CVSS5.4AI score0.00432EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/04/05 12:0 a.m.•44 views

Access control bypass

An issue was discovered in the route lookup process in beego through 2.0.1, allows attackers to bypass access control...

9.8CVSS5.2AI score0.0121EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/03/12 12:0 a.m.•44 views

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

FreeTAKServer-UI v1.9.8 was discovered to contain a SQL injection vulnerability via the API endpoint /AuthenticateUser...

6.5CVSS4.1AI score0.00855EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2022/02/07 12:0 a.m.•44 views

Server-Side Request Forgery (SSRF)

In Apache Traffic Control Traffic Ops, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach...

7.5CVSS1.2AI score0.01978EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/10/05 12:0 a.m.•44 views

Cobbler before 3.3.0 allows log poisoning

Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection...

9.8CVSS9.7AI score0.88482EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•44 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the alias field on a Chart.yaml is not properly sanitized. This could lead to the injection of unwanted information into a chart. This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review th...

4CVSS2.4AI score0.01029EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/01/21 12:0 a.m.•44 views

Incorrect Authorization

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status which is considered a privileged operation and should not...

6.3CVSS4.9AI score0.09274EPSS
Exploits3References1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/05/31 12:0 a.m.•44 views

Improper Certificate Validation

An issue was discovered in Hybrid Group Gobot. The mqtt subsystem skips verification of root CA certificates by default...

7.5CVSS1.6AI score0.0071EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/04/11 12:0 a.m.•44 views

Generation of Error Message Containing Sensitive Information

Auth0 Auth0-WCF-Service-JWT leaks the expected JWT signature in an error message when it cannot successfully validate the JWT signature. If this error message is presented to an attacker, they can forge an arbitrary JWT token that will be accepted by the vulnerable application...

9.8CVSS2.2AI score0.01657EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2018/07/12 12:0 a.m.•44 views

Eve allows execution of arbitrary code

io/mongo/parser.py in Eve aka pyeve before 0.7.5 allows remote attackers to execute arbitrary code via Code Injection in the where parameter...

9.8CVSS9.9AI score0.05651EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/10/24 12:0 a.m.•44 views

Improper Input Validation

The tos method in actionpack/lib/actiondispatch/middleware/remoteip.rb in Ruby on Rails 3.0.5 does not validate the X-Forwarded-For header in requests from IP addresses on a Class C network, which might allow remote attackers to inject arbitrary text into log files or bypass intended address...

4.3CVSS4.5AI score0.06661EPSS
Exploits1References11Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2017/10/24 12:0 a.m.•44 views

actionpack Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/sanitizehelper.rb in the striptags helper in Ruby on Rails before 2.3.16, 3.0.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML...

4.3CVSS5.2AI score0.01977EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/02/12 12:0 a.m.•44 views

Circumvention of attr_protected

The attrprotected method allows developers to exclude model attributes which users should not be allowed to assign to. By using a specially crafted request, attackers could circumvent this protection and alter values that were meant to be protected...

4.3CVSS5.9AI score0.0246EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2013/01/30 12:0 a.m.•44 views

Vulnerability in JSON Parser in Ruby on Rails 3.0 and 2.3

There is a vulnerability in the JSON code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on a Rails application...

7.5CVSS6AI score0.98582EPSS
Exploits7References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2012/06/22 12:0 a.m.•44 views

SQL Injection

Ruby on Rails contains a flaw related to the way ActiveRecord handles parameters in conjunction with the way Rack parses query parameters. This issue may allow an attacker to inject arbitrary IS NULL clauses in to application SQL queries. This may also allow an attacker to have the SQL query chec...

6.4CVSS4.5AI score0.046EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/11/05 12:0 a.m.•43 views

HAPI FHIR XML External Entity (XXE) vulnerability

An XML External Entity XXE vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities...

9.8CVSS6.7AI score0.01851EPSS
Exploits1References5
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/18 12:0 a.m.•43 views

1Panel has an SQL injection issue related to the orderBy clause

There are many sql injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. The proof is as follows...

9.8CVSS6.9AI score0.29396EPSS
Exploits1References5Affected Software1
Total number of security vulnerabilities1518