1518 matches found
Use of Externally-Controlled Format String
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape...
CoAPthon DoS due to Exceptions
The Serialize.deserialize method in CoAPthon 3.1, 4.0.0, 4.0.1, and 4.0.2 mishandles certain exceptions, leading to a denial of service in applications that use this library e.g., the standard CoAP server, CoAP client, CoAP reverse proxy, example collect CoAP server and client when they receive...
Sandbox Escape
In Pallets Jinja, str.formatmap allows a sandbox escape...
Deserialization of Untrusted Data
The Serialize.deserialize method in CoAPthon3 mishandles certain exceptions, leading to a denial of service...
Improper Link Resolution Before File Access
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user?s machine. If the tar binary in the container is malicious, it could r...
Allocation of Resources Without Limits or Throttling
There is a possible denial of service vulnerability in Action View Rails where specially crafted accept headers can cause action view to consume % cpu and make the server unresponsive...
Path Traversal in Action View
File Content Disclosure in Action View Impact ------ There is a possible file content disclosure vulnerability in Action View. Specially crafted accept headers in combination with calls to render file: can cause arbitrary files on the target server to be rendered, disclosing the file contents. Th...
Deserialization of Untrusted Data
DISPUTED SOFA-Hessian through 4.0.2 allows remote attackers to execute arbitrary commands via a crafted serialized Hessian object because denylisting of com.caucho.naming.QName and com.sun.org.apache.xpath.internal.objects.XString is mishandled, related to Resin Gadget. NOTE: The vendor doesn’t...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Bootstrap, XSS is possible in the tooltip or popover data-template attribute...
Code Injection
The fromstring function is prone to Server Side Template Injection SSTI where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI...
Improper Access Control
API Platform contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Bootstrap, XSS is possible in the affix configuration target property...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Bootstrap, XSS is possible in the tooltip data-viewport attribute...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Bootstrap, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041...
XML External Entity Reference in c3p0:c3p0
c3p0 allows XXE during initialization...
Inadequate Encryption Strength
The strrotpass function in PHP-Proxy uses weak cryptography, which makes it easier for attackers to calculate the authorization data needed for local file inclusion...
Cross-site Scripting
PHP-Proxy has Cross-Site Scripting XSS via the URL field in index.php...
Exposure of Sensitive Information to an Unauthorized Actor
A bypass vulnerability in Active Storage for Google Cloud Storage and Disk services allow an attacker to modify the content-disposition and content-type parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as cookie...
Deserialization of Untrusted Data
A Broken Access Control vulnerability in Active Job...
Improper Authentication
In PHP Proxy, any user can read files from the server without authentication...
Information Exposure
PHP-Proxy allows remote attackers to read local files if the default pre-installed version intended for users who lack shell access to their web server is used. This occurs because the appkey value from the default config.php is in place, and this value can be easily used to calculate the...
Improper Input Validation
Fastjson allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a crafted rmi:// URI in the dataSourceName field of HTTP POST data to the Pippo /json URI, which is mishandled in AjaxApplication.java...
Moderate severity vulnerability that affects com.adobe.xmp:xmpcore
XMPCore in Adobe XMP Toolkit for Java before 5.1.3 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting XSS attack in the default servlet/services...
Integer Overflow or Wraparound
In the client in Bytom checkTopicRegister in p/discover/net.go does not prevent negative idx values, leading to a crash...
Improper Handling of Case Sensitivity
Improper Handling of Case Sensitivity in easyadmin-extension-bundle...
Improper Handling of Case Sensitivity
Improper Handling of Case Sensitivity in easyadmin-extension-bundle...
Flask is vulnerable to Denial of Service via incorrect encoding of JSON data
The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in incorrect encoding. Th...
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
active-support ruby gem could allow a remote attacker to execute arbitrary code on the system, caused by containing a malicious backdoor. An attacker could exploit this vulnerability to execute arbitrary code on the system...
Command Injection
active-support could allow a remote attacker to execute arbitrary code on the system, caused by containing a malicious backdoor. An attacker could exploit this vulnerability to execute arbitrary code on the system...
Denial of service in django
The verifyexists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service resource consumption via a URL associated with...
Django Cross-Site Request Forgery vulnerability
The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page...
Improper date handling in Django
The password reset functionality in django.contrib.auth in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not validate the length of a string representing a base36 timestamp, which allows remote attackers to cause a denial of service resource consumption via a URL that...
Cross-site request forgery in Django
Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery CSRF attacks via forged AJAX requests that leverage a "combination of browser plugins...
Cross-site scripting in django
Cross-site scripting XSS vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload...
Directory traversal in Django
Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 on Windows might allow remote attackers to read or execute files via a / slash character in a key in a session cookie, related to session replays...
Session manipulation in Django
django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote attackers to modify a session by triggering use of a key that is equal to that...
Cross-site scripting in django
Cross-site scripting XSS vulnerability in Django 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a csrfmiddlewaretoken aka csrftoken cookie...
Improper query string handling in Django
The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain object filtering, which allows remote authenticated users to obtain sensitive information via a series...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Bootstrap, XSS is possible in the data-container property of tooltip...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Bootstrap, XSS is possible in the collapse data-parent attribute...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Bootstrap, XSS is possible in the data-target property of scrollspy...
Eve allows execution of arbitrary code
io/mongo/parser.py in Eve aka pyeve before 0.7.5 allows remote attackers to execute arbitrary code via Code Injection in the where parameter...
Insufficiently Protected Credentials
The Jenkins AWS CodePipeline Plugin contains an Insufficiently Protected Credentials vulnerability...
Insufficiently Protected Credentials
The Jenkins AWS CodeDeploy Plugin does not properly protect credentials in AWSCodeDeployPublisher...
Information Exposure
The Jenkins AWS CodeDeploy Plugin contains a File and Directory Information Exposure vulnerability in AWSCodeDeployPublisher...
Insufficiently Protected Credentials
The Jenkins AWS CodeBuild Plugin does not properly protect credentials in AWSClientFactory...