Lucene search
K
GitlabRecent

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2024/08/05 12:0 a.m.•55 views

gotortc Cross-site Scripting vulnerability

gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The index page index.html shows the available streams by fetching the API in the client side. Then, it uses Object.entries to iterate over the result whose first item name gets...

6.1CVSS5.7AI score0.00453EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/08/05 12:0 a.m.•65 views

CasaOS Command Injection vulnerability

CasaOS is an open-source personal cloud system. Prior to version 0.4.4, if an authenticated user using CasaOS is able to successfully connect to a controlled SMB server, they are able to execute arbitrary commands. Version 0.4.4 contains a patch for the issue...

8.8CVSS7.3AI score0.0127EPSS
Exploits1References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/08/05 12:0 a.m.•42 views

RobotsAndPencils go-saml authentication bypass vulnerability

RobotsAndPencils go-saml, a SAML client library written in Go, contains an authentication bypass vulnerability in all known versions. This is due to how the xmlsec1 command line tool is called internally to verify the signature of SAML assertions. When xmlsec1 is used without defining the enabled...

7.5CVSS7AI score0.00559EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/30 12:0 a.m.•27 views

@75lb/deep-merge Prototype Pollution vulnerability

Prototype Pollution in 75lb deep-merge 1.1.1 allows attackers to execute arbitrary code or cause a Denial of Service DoS and cause other impacts via merge methods of lodash to merge objects...

9.8CVSS7.8AI score0.00985EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/29 12:0 a.m.•54 views

Admidio Vulnerable to RCE via Arbitrary File Upload in Message Attachment

Description: Remote Code Execution Vulnerability has been identified in the Message module of the Admidio Application, where it is possible to upload a PHP file in the attachment. The uploaded file can be accessed publicly through the URL admidiobaseurl/admmyfiles/messagesattachments/filename. Th...

9CVSS8.4AI score0.01245EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/29 12:0 a.m.•68 views

Admidio has Blind SQL Injection in ecard_send.php

Description: An SQL Injection has been identified in the /admprogram/modules/ecards/ecardsend.php source file of the Admidio Application. The SQL Injection results in a compromise of the application's database. The value of ecardrecipients POST parameter is being directly concatenated with the SQ...

9.9CVSS8.7AI score0.00931EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/22 12:0 a.m.•37 views

Anki Latex Incomplete Blocklist Vulnerability

An vulnerability in the handling of Latex exists in Ankitects Anki 24.04. When Latex is sanitized to prevent unsafe commands, the verbatim package, which comes installed by default in many Latex distributions, has been overlooked. A specially crafted flashcard can lead to an arbitrary file read. ...

6.5CVSS6.7AI score0.11512EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/21 12:0 a.m.•15 views

H2O vulnerable to Deserialization of Untrusted Data

The H2O machine learning platform uses "Iced" classes as the primary means of moving Java Objects around the cluster. The Iced format supports inclusion of serialized Java objects. When a model is deserialized, any class is allowed to be deserialized no class allowlist. An attacker can construct ...

7.5CVSS7.5AI score0.00682EPSS
Exploits0References5
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/18 12:0 a.m.•43 views

1Panel has an SQL injection issue related to the orderBy clause

There are many sql injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. The proof is as follows...

9.8CVSS6.9AI score0.29396EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/05 12:0 a.m.•28 views

ai-controller-frontend payment status in basket isn't reset

Payment status in basket isn't reset...

5.3CVSS6.8AI score0.0043EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/02 12:0 a.m.•38 views

aimeos/ai-admin-graphql improper access control vulnerability allows an editor to modify admin account

aimeos/ai-admin-graphql is the Aimeos GraphQL API admin interface. Starting in version 2022.04.01 and prior to versions 2022.10.10, 2023.10.6, and 2024.04.6, an improper access control vulnerability allows an editor to modify and take over an admin account in the back end. Versions 2022.10.10,...

7.1CVSS6.7AI score0.00439EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/02 12:0 a.m.•27 views

aimeos/ai-admin-graphql improper access control vulnerability allows editors to manage own services

aimeos/ai-admin-graphql is the Aimeos GraphQL API admin interface. Starting in version 2022.04.1 and prior to versions 2022.10.10, 2023.10.6, and 2024.4.2, improper access control allows a editors to manage own services via GraphQL API which isn't allowed in the JQAdm front end. Versions...

3.8CVSS6.8AI score0.00425EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/02 12:0 a.m.•47 views

aimeos/ai-admin-jsonadm improper access control vulnerability allows editors to remove required records

Improper access control allows editors to remove admin group and locale configuration in Aimeos backend...

5.5CVSS6.8AI score0.00481EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/01 12:0 a.m.•26 views

akbr patch-into was discovered to contain a prototype pollution via the function patchInto

akbr patch-into v1.0.1 was discovered to contain a prototype pollution via the function patchInto. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

8.8CVSS8.2AI score0.00822EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/01 12:0 a.m.•16 views

adolph_dudu ratio-swiper was discovered to contain a prototype pollution via the function extendDefaults

adolphdudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function extendDefaults. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

6.5CVSS8.2AI score0.00462EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/01 12:0 a.m.•31 views

frappejs was discovered to contain a prototype pollution via the function registerView

airvertco frappejs v0.0.11 was discovered to contain a prototype pollution via the function registerView. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

8.8CVSS8.4AI score0.00822EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/07/01 12:0 a.m.•113 views

ag-grid packages vulnerable to Prototype Pollution

ag-grid-enterprise v31.3.2 was discovered to contain a prototype pollution via the component ModuleSupport.jsonApply. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

6.3CVSS8.1AI score0.00827EPSS
Exploits1References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/25 12:0 a.m.•42 views

Aimeos HTML client may potentially reveal sensitive information in error log

Debug information can reveal sensitive information from environment variables in error log...

8.8CVSS6.5AI score0.0051EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/17 12:0 a.m.•45 views

@akbr/update Prototype Pollution

akbr update 1.0.0 is vulnerable to Prototype Pollution via update/index.js...

5.9CVSS6.7AI score0.002EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/17 12:0 a.m.•31 views

flatten-json Prototype Pollution

A Prototype Pollution issue in flatten-json 1.0.1 allows an attacker to execute arbitrary code via module.exports.unflattenJSON flatten-json/index.js:42...

6.3CVSS7.6AI score0.0042EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/17 12:0 a.m.•26 views

Badger Database Prototype Pollution

A Prototype Pollution issue in abw badger-database 1.2.1 allows an attacker to execute arbitrary code via dist/badger-database.esm...

7.6CVSS8AI score0.00518EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/17 12:0 a.m.•51 views

DeepJavaLibrary API absolute path traversal

DeepJavaLibraryDJL versions 0.1.0 through 0.27.0 do not prevent absolute path archived artifacts from inserting archived files directly into the system, overwriting system files. This is fixed in DJL 0.28.0 and patched in DJL Large Model Inference containers 0.27.0. Impacted versions: 0.1.0 throu...

10CVSS6.6AI score0.00655EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/17 12:0 a.m.•46 views

obx Prototype Pollution

almela obx before v.0.0.4 has a Prototype Pollution issue which allows arbitrary code execution via the obx/build/index.js:656, reduce @almela/obx/build/index.js:470, Object.set obx/build/index.js:269 component...

7.6AI score0.00693EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/17 12:0 a.m.•46 views

object-deep-assign Prototype Pollution

alexbinary object-deep-assign 1.0.11 is vulnerable to Prototype Pollution via the extend method of Module.deepAssign /src/index.js...

6.7AI score0.00558EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/13 12:0 a.m.•51 views

AdGuardHome privilege escalation vulnerability

An issue in AdGuardHome v0.93 to latest allows unprivileged attackers to escalate privileges via overwriting the AdGuardHome binary...

8.8CVSS6.9AI score0.00209EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/11 12:0 a.m.•25 views

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...

5.5CVSS6.7AI score0.00788EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/11 12:0 a.m.•30 views

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...

5.5CVSS6.7AI score0.00788EPSS
Exploits0References9
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/07 12:0 a.m.•43 views

aimeos-core arbitrary file uopload vulnerability

An arbitrary file upload vulnerability in the image upload function of aimeos-core v2024.04 allows attackers to execute arbitrary code via uploading a crafted PHP file...

7.7AI score
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/05 12:0 a.m.•9 views

Duplicate

This advisory duplicates another...

5.9AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/05 12:0 a.m.•27 views

Remote code execution in web server context

User with administrative privileges and upload files that look like images but contain PHP code which can then be executed in the context of the web server...

7.2CVSS7.5AI score0.00607EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/05 12:0 a.m.•17 views

Duplicate

This advisory duplicates another...

5.9AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/05 12:0 a.m.•26 views

Digital products download without proper payment status check

Digital downloads sold in online shops can be downloaded without valid payment, e.g. if the payment didn't succeed...

5.3CVSS7.1AI score0.0055EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/05 12:0 a.m.•28 views

Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC

An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption...

8.2CVSS8.1AI score0.00994EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/05 12:0 a.m.•21 views

Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC

An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption...

8.2CVSS8.1AI score0.00994EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/04 12:0 a.m.•47 views

ActionText ContentAttachment can Contain Unsanitized HTML

Instances of ActionText::Attachable::ContentAttachment included within a richtextarea tag could potentially contain unsanitized HTML. This has been assigned the CVE identifier CVE-2024-32464. Versions Affected: = 7.1.0 Not affected: 7.1.0 Fixed Versions: 7.1.3.4 Impact ------ This could lead to a...

6.1CVSS6.5AI score0.00434EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/04 12:0 a.m.•53 views

apko Exposure of HTTP basic auth credentials in log output

Exposure of HTTP basic auth credentials from repository and keyring URLs in log output...

7.5CVSS6.8AI score0.00441EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/06/02 12:0 a.m.•90 views

activeadmin vulnerable to stored persistent cross-site scripting (XSS) in dynamic form legends

Users settings their active admin form legends dynamically may be vulnerable to stored XSS, as long as its value can be injected directly by a malicious user. For example: A public web application allows users to create entities with arbitrary names. Active Admin is used to administrate these...

6.1CVSS6.5AI score0.00349EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/29 12:0 a.m.•9 views

Duplicate

This advisory duplicates another...

5.9AI score
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/29 12:0 a.m.•12 views

Aimeos denial of service vulnerability in SaaS and marketplace setups

All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack...

5.5CVSS7.1AI score0.00435EPSS
Exploits0References10Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/15 12:0 a.m.•18 views

amphp/artax Cookie leakage to wrong origins and non-restricted cookie acceptance

In artax version before 1.0.6 and 2 before 2.0.6, cookies of foo.bar.example.com were leaked to foo.bar. Additionally, any site could set cookies for any other site. Artax fixed this issue by following newer browser implementations now. Cookies can only be set on domains higher or equal to the...

7AI score
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/15 12:0 a.m.•13 views

easyadmin-extension-bundle action case insensitivity

In alterphp/easyadmin-extension-bundle, role based access rules do not handle action name case sensitivity which may lead to unauthorized access...

7AI score
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/15 12:0 a.m.•11 views

pygmentize Remote Code Execution

pygmentize is prone to remote code execution due to an unsafe sanitazation of user input when passed to the highlight function...

8.1AI score
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/15 12:0 a.m.•12 views

ADOdb SQL injection vulnerability

The ADOdb Library for PHP prior to version 5.20.11 is prone to SQL Injection vulnerability in multiple drivers...

8.4AI score
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/15 12:0 a.m.•24 views

amphp/http-client Header leakage on cross-domain redirects

amphp/http-client has a security weakness that might leak sensitive request headers from the initial request to the redirected host on cross-domain redirects, which were not removed correctly. Message::setHeaders does not replace the entire set of headers, but only operates on the headers matchin...

7AI score
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/15 12:0 a.m.•13 views

amphp/http Host Header Injection vulnerability

amphp/http versions before 1.0.1 allows an attacker to supply invalid input in the Host header which may lead to various type of Host header injection attacks...

7.3AI score
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/14 12:0 a.m.•19 views

Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java BC Java before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of th...

7.5CVSS6.2AI score0.011EPSS
Exploits0References9
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/14 12:0 a.m.•27 views

Bouncy Castle crafted signature and public key can be used to trigger an infinite loop

An issue was discovered in Bouncy Castle Java Cryptography APIs starting in 1.73 and before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...

7.5CVSS7.5AI score0.00753EPSS
Exploits0References9
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/14 12:0 a.m.•32 views

Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java BC Java before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of th...

7.5CVSS6.2AI score0.011EPSS
Exploits0References9
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/14 12:0 a.m.•30 views

Bouncy Castle crafted signature and public key can be used to trigger an infinite loop

An issue was discovered in Bouncy Castle Java Cryptography APIs starting in 1.73 and before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...

7.5CVSS7.5AI score0.00753EPSS
Exploits0References9
GitLab Advisory Database
GitLab Advisory Database
•added 2024/05/14 12:0 a.m.•40 views

Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing...

5.9CVSS6.3AI score0.00901EPSS
Exploits0References8
Total number of security vulnerabilities1518