1518 matches found
hutool-core was discovered to contain a stack overflow via NumberUtil.toBigDecimal method
The NumberUtil.toBigDecimal method in hutool-core v5.8.23 was discovered to contain a stack overflow...
Open redirect vulnerability in Flask-Security-Too
An open redirect vulnerability in the python package Flask-Security-Too =2.1.0 the autocorrectlocationheader configuration was changed to False - which means that location headers in redirects are relative by default. Thus, this issue may impact applications that were previously not impacted, if...
ActiveAdmin vulnerable to CSV injection
csvbuilder.rb in ActiveAdmin aka Active Admin before 3.2.0 allows CSV injection...
NULL Pointer Dereference
cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSONInsertItemInArray at cJSON.c...
NULL Pointer Dereference
cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSONSetValuestring at cJSON.c...
@adobe/css-tools Improper Input Validation and Inefficient Regular Expression Complexity
Impact @adobe/css-tools version 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS. Patches The issue has been resolved in 4.3.2. Workarounds None References N/A...
pubnub Insufficient Entropy vulnerability
Versions of the package pubnub before 7.4.0; all versions of the package com.pubnub:pubnub; versions of the package pubnub before 6.19.0; all versions of the package github.com/pubnub/go; versions of the package github.com/pubnub/go/v7 before 7.2.0; versions of the package pubnub before 7.3.0;...
pubnub Insufficient Entropy vulnerability
Versions of the package pubnub before 7.4.0; all versions of the package com.pubnub:pubnub; versions of the package pubnub before 6.19.0; all versions of the package github.com/pubnub/go; versions of the package github.com/pubnub/go/v7 before 7.2.0; versions of the package pubnub before 7.3.0;...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Ajax.NET Professional AjaxPro is an AJAX framework for Microsoft ASP.NET which will create proxy JavaScript classes that are used on client-side to invoke methods on the web server. Affected versions of this package is vulnerable cross site scripting attacks. Releases before version 21.12.22.1 ar...
Logback is vulnerable to an attacker mounting a Denial-Of-Service attack by sending poisoned data
A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...
Exposure of Sensitive Information to an Unauthorized Actor
Forgejo before 1.20.5-1 allows remote attackers to test for the existence of private user accounts by appending .rss or another extension to a URL...
Incorrect Authorization
Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication...
Incorrect Permission Assignment for Critical Resource
In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a repository for which permissions are being checked. This allows remote attackers to read private issues, read private pull requests, delete issues, and perform other unauthorized actions...
logback serialization vulnerability
A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html...
logback serialization vulnerability
A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Admidio v4.2.12 and below is vulnerable to Cross Site Scripting XSS...
Out-of-bounds Write
Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c...
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious plugin to an application running the APM Java agent. By using this vulnerability, an attacker could execute code at a potentially higher level of permissions than their user...
@adobe/css-tools Regular Expression Denial of Service (ReDOS) while Parsing CSS
Impact @adobe/css-tools version 4.3.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS. Patches The issue has been resolved in 4.3.1. Workarounds None References N/A...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
H2O is vulnerable to stored XSS vulnerability which can lead to a Local File Include attack...
Improper Control of Generation of Code ('Code Injection')
An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature...
S3 Bucket can lead to spread of malicious R package
H2O included a reference to an S3 bucket that no longer existed allowing an attacker to take over the S3 bucket URL...
Missing Authorization
An attacker is able to read any file on the server hosting the H2O dashboard without any authentication...
otelgrpc DoS vulnerability due to unbound cardinality metrics
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the server's potential memory exhaustio...
SaToken authentication bypass vulnerability
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
SaToken privilege escalation vulnerability
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
Bunkum tokens cached in the AuthenticationService are susceptible to a use-after-free
Bunkum is an open-source protocol-agnostic request server for custom game servers. First, a little bit of background. So, in the beginning, Bunkum's AuthenticationService only supported injecting IUsers. However, as Refresh and SoundShapesServer implemented permissions systems support for injecti...
Allocation of Resources Without Limits or Throttling
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels http.useragent and http.method that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP...
Allocation of Resources Without Limits or Throttling
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels http.useragent and http.method that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP...
Allocation of Resources Without Limits or Throttling
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels http.useragent and http.method that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP...
Allocation of Resources Without Limits or Throttling
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels http.useragent and http.method that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP...
Allocation of Resources Without Limits or Throttling
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels http.useragent and http.method that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP...
Allocation of Resources Without Limits or Throttling
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels http.useragent and http.method that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP...
Allocation of Resources Without Limits or Throttling
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels http.useragent and http.method that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP...
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Azure Identity SDK Remote Code Execution Vulnerability...
HTTP/2 Stream Cancellation Attack
HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RSTSTREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The clie...
Improper Neutralization
Improper Neutralization in CefSharp.Common...
gnark-crypto's exponentiation in the pairing target group GT using GLV can give incorrect results
Impact When the exponent is bigger than r, the group order of the pairing target group GT, the exponentiation à la GLV ExpGLV can sometimes give incorrect results compared to normal exponentiation Exp. The issue impacts all users using ExpGLV for exponentiations in GT. This does not impact Exp an...
Improper Neutralization
Improper Neutralization in CefSharp.Common.NETCore...
Vapor's incorrect request error handling triggers server crash
Vapor incorrectly handles errors encountered during parsing of HTTP 1.x requests, triggering a precondition failure in swift-nio due to API misuse and causing immediate termination of the server process...
Deserialization of Untrusted Data
When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. Users should update to apache-avro...
Duplicate Advisory: Consensys gnark-crypto allows Signature Malleability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-fr8m-434r-g3xp. This link is maintained to preserve external references. Original Description Consensys gnark-crypto through 0.11.2 allows Signature Malleability. This occurs because deserialisation of EdDSA and...
AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure
In the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails...
CefSharp affected by heap buffer overflow in WebP
Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...
CefSharp affected by heap buffer overflow in WebP
Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...
Missing Release of Memory after Effective Lifetime
An issue in cimg.eu Cimg Library v2.9.3 allows an attacker to obtain sensitive information via a crafted JPEG file...
Server-Side Request Forgery (SSRF)
GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. A SSRF vulnerability exists starting in version 3.2.0, bypassing existing controls on the software. This can allow a user to request internal services for a full read SSRF, returni...
hutool Buffer Overflow vulnerability
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonObject.putByPath...
hutool Buffer Overflow vulnerability
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonObject.putByPath...
hutool Buffer Overflow vulnerability
hutool v5.8.21 was discovered to contain a buffer overflow via the component JSONUtil.parse...