909636 matches found
CVE-2020-27511
An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service ReDOS through stripping crafted HTML tags...
GHSA-XMPW-2VMM-P4P6 Malicious code in guardrails-ai 0.10.1 (supply chain compromise)
Impact On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Affected: any user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026. Security researchers identified the malicious package within approximately 2 hours ...
CGA-3P7C-2H7X-XXJX
Bulletin has no description...
BIT-GITLAB-2024-8974 Incorrect Provision of Specified Functionality in GitLab
Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unauthorised user the path of a private project."...
GHSA-257Q-PV89-V3XV Duplicate Advisory: jQuery Cross Site Scripting vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-jpcq-cgw6-v4j6. This link is maintained to preserve external references. Original Description Cross Site Scripting vulnerability in jQuery v.2.2.0 until v.3.5.0 allows a remote attacker to execute arbitrary code...
GO-2022-0493 Incorrect privilege reporting in syscall and golang.org/x/sys/unix
When called with a non-zero flags parameter, the Faccessat function can incorrectly report that a file is accessible...
GHSA-6FVX-R7HX-3VH6 JavaMelody has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java.
JavaMelody before 1.74.0 has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java...
BELL-CVE-2025-61984
Bulletin has no description...
BIT-MYSQL-CLIENT-2025-30722
Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise...
CVE-2024-24752 Bref Uploaded Files Not Deleted in Event-Driven Functions
Bref enable serverless PHP on AWS Lambda. When Bref is used with the Event-Driven Function runtime and the handler is a RequestHandlerInterface, then the Lambda event is converted to a PSR7 object. During the conversion process, if the request is a MultiPart, each part is parsed and for each whic...
CVE-2024-24753 Bref Multiple Value Headers Not Supported in ApiGatewayFormatV2
Bref enable serverless PHP on AWS Lambda. When Bref is used in combination with an API Gateway with the v2 format, it does not handle multiple values headers. If PHP generates a response with two headers having the same key but different values only the latest one is kept. If an application relie...
GHSA-VPVM-3WQ2-2WVM Opencontainers runc Incorrect Authorization vulnerability
runc 1.0.0-rc95 through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue...
GHSA-WR5J-Q359-6VR2 backup-agoddard and backup_checksum have Information Exposure vulnerability
1 lib/backup/cli/utility.rb in the backup-agoddard gem 3.0.28 and 2 lib/backup/cli/utility.rb in the backupchecksum gem 3.0.23 for Ruby place credentials on the openssl command line, which allows local users to obtain sensitive information by listing the process...
DSA-5127-1 linux - security update
Bulletin has no description...
GHSA-XXX9-3XCR-GJJ3 XML Injection in Xerces Java affects Nokogiri
Summary Nokogiri v1.13.4 updates the vendored xerces:xercesImpl from 2.12.0 to 2.12.2, which addresses CVE-2022-23437. That CVE is scored as CVSS 6.5 "Medium" on the NVD record. Please note that this advisory only applies to the JRuby implementation of Nokogiri = v1.13.4. Impact CVE-2022-23437 in...
GHSA-V73W-R9XG-7CR9 Use of insecure jQuery version in OctoberCMS
Impact Passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods i.e. .html, .append, and others may execute untrusted code. Patches Issue has been patched in Build 466 v1.0.466 by applying the recommended patch from @jquery. Workarounds Apply...
BIT-GITLAB-2023-6195 Server-Side Request Forgery (SSRF) in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.5 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. GitLab was vulnerable to Server Side Request Forgery when an attacker uses a malicious URL in the markdown image...
BIT-GITLAB-2024-7610 Uncontrolled Resource Consumption in GitLab
A Denial of Service DoS condition has been discovered in GitLab CE/EE affecting all versions starting with 15.9 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause catastrophic backtracking while parsing results from Elasticsearch...
CVE-2022-44640
Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center KDC...
PYSEC-2022-217
The cryptoasset-data-downloader package in PyPI v1.0.0 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...
GHSA-GWFG-CQMG-CF8F WEBRick vulnerable to HTTP Request/Response Smuggling
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...
GHSA-M2H2-264F-F486 angular vulnerable to regular expression denial of service (ReDoS)
AngularJS lets users write client-side web applications. The package angular after 1.7.0 is vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBERFORMATS.PATTERNS1.posPre with a very...
GHSA-C3H9-896R-86JM Improper Input Validation in GoGo Protobuf
An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue...
PYSEC-2021-857
Buffer overflow in the arrayfrompyobj function of fortranobject.c in NumPy 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values...
GHSA-H58V-G3Q6-Q9FX Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in sulu/sulu
Impact What kind of vulnerability is it? Who is impacted? It is an issue when input HTML into the Tag name. The HTML is execute when the tag name is listed in the auto complete form. Only admin users are affected and only admin users can create tags. Patches Has the problem been patched? What...
GHSA-52VJ-MR2J-F8JH Server-Side Template Injection in formio
A Server-Side Template Injection SSTI was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL. NOTE: the email templating service was removed after 2020. Additionally, the vendor disputes this issue indicating this is sandboxed and on...
DSA-5022-1 apache-log4j2 - security update
Bulletin has no description...
RUSTSEC-2021-0056 CA certificate check bypass with X509_V_FLAG_X509_STRICT
The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...
GHSA-8Q59-Q68H-6HV4 Improper Input Validation in PyYAML
A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use the library to process untrusted input may be...
DSA-2627-1 nginx - information leak
Bulletin has no description...
BIT-GITLAB-2024-6356 Incorrect User Management in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which allowed cross project access for Security policy bot...
GHSA-RJ98-CRF4-G69W pgAdmin 4 vulnerable to Unsafe Deserialization and Remote Code Execution by an Authenticated user
pgAdmin prior to version 8.4 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is...
CVE-2022-26691
A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges...
GSD-2022-1000204 PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
PCI: pciehp: Fix infinite loop in IRQ handler upon power fault This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.97 by commit...
GHSA-64X2-GQ24-75PV Cross-site scripting in Apache CXF
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting XSS attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This...
DLA-3973-1 redis - security update
Bulletin has no description...
GO-2024-2687 HTTP/2 CONTINUATION flood in net/http
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...
BIT-APACHE-2020-35452 mod_auth_digest possible stack overflow by one nul byte
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make i...
CVE-2024-24819 icingaweb2-module-incubator base implementation for HTML forms is susceptible to CSRF
icingaweb2-module-incubator is a working project of bleeding edge Icinga Web 2 libraries. In affected versions the class gipfl\Web\Form is the base for various concrete form implementations 1 and provides protection against cross site request forgery CSRF by default. This is done by automatically...
MAL-2022-2944 Malicious code in extraneous-detected (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c37443660cc0f4d7112c362734a5370d76c45d1444f9ae76efbac3b4bbed71e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-3QPM-H9CH-PX3C Remote code injection, Improper Input Validation and Uncontrolled Recursion in Log4j library
Summary The version used of Log4j, the library used for logging by PowerNukkit, is subject to a remote code execution vulnerability via the ldap JNDI parser. It's well detailed at CVE-2021-44228 and CVE-2021-45105https://github.com/advisories/GHSA-p6xc-xr62-6r2g. Impact Malicious client code coul...
CVE-2018-7889
gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call...
CVE-2025-43903
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries...
PUB-A-364794723
In ProtocolUnsolOnSSAdapter::GetServiceClass of protocolcalladapter.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation...
GHSA-6M9F-PJ6W-W87G Rancher Webhook is misconfigured during upgrade process
Impact A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into the Kubernetes cluster. When the Webhook is operating in a degraded state, it no...
ASB-A-343727534
In dstnegativeadvice of sock.h, there is a possible failure to clear sk-skdstcache in the correct order resulting in a use after free. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-24573 facileManager Privilege Escalation via Mass Assignment
facileManager is a modular suite of web apps built with the sysadmin in mind. In versions 4.5.0 and earlier, when a user updates their profile, a POST request containing user information is sent to the endpoint server/fm-modules/facileManager/ajax/processPost.php. It was found that non-admins can...
BIT-GITLAB-2024-6324 Inefficient Algorithmic Complexity in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics...
BIT-GITLAB-2024-8180 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. Improper output encoding could lead to XSS if CSP is not enabled...
GHSA-36JR-MH4H-2G58 d3-color vulnerable to ReDoS
The d3-color module provides representations for various color spaces in the browser. Versions prior to 3.1.0 are vulnerable to a Regular expression Denial of Service. This issue has been patched in version 3.1.0. There are no known workarounds...