OSV search results, sorted by most viewed

907650 matches found

OSV
added 2022/04/11 9:30 p.m. · 116 views

GHSA-XXX9-3XCR-GJJ3 XML Injection in Xerces Java affects Nokogiri

Summary: Nokogiri v1.13.4 updates the vendored xerces:xercesImpl from 2.12.0 to 2.12.2, which addresses CVE-2022-23437. That CVE is scored as CVSS 6.5 "Medium" on the NVD record. Please note that this advisory only applies to the JRuby implementation of Nokogiri < v1.13.4. Impact: CVE-2022-23437 in...

CVSS 6.5 · AI score 7.2 · EPSS 0.0444
Exploits 0 · References 6
OSV
added 2021/06/21 8:15 p.m. · 116 views

CVE-2020-27511

An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service (ReDoS) through stripping crafted HTML tags...

CVSS 7.5 · AI score 6.6 · EPSS 0.02455
Exploits 1 · References 3
OSV
added 2020/11/01 12:00 a.m. · 116 views

ASB-A-140256621

In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due to an incorrect permission check. This could lead to local escalation of privilege that allows instant apps access to permissions not allowed for instant apps, with no additional execution privileges...

CVSS 7.8 · AI score 7.8 · EPSS 0.00212
Exploits 0 · References 3
OSV
added 2024/08/10 7:18 a.m. · 115 views

BIT-GITLAB-2024-7554 Exposure of Sensitive Information to an Unauthorized Actor in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.0.6, all versions starting from 17.1 before 17.1.4, all versions starting from 17.2 before 17.2.2. Under certain conditions, access tokens may have been logged when an API request was made in a specif...

CVSS 6.5 · AI score 5.5 · EPSS 0.00403
Exploits 0 · References 2
OSV
added 2024/08/10 7:18 a.m. · 115 views

BIT-GITLAB-2024-7610 Uncontrolled Resource Consumption in GitLab

A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 15.9 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause catastrophic backtracking while parsing results from Elasticsearch...

CVSS 6.5 · AI score 5 · EPSS 0.00448
Exploits 0 · References 2
OSV
added 2024/08/06 10:03 p.m. · 115 views

GO-2024-3023 Mattermost allows remote actor to create/update/delete posts in arbitrary channels in github.com/mattermost/mattermost-server

Mattermost allows remote actor to create/update/delete posts in arbitrary channels in github.com/mattermost/mattermost-server...

CVSS 7.1 · AI score 6 · EPSS 0.00362
Exploits 0 · References 3
OSV
added 2024/02/01 4:10 p.m. · 115 views

CVE-2024-24752 Bref Uploaded Files Not Deleted in Event-Driven Functions

Bref enables serverless PHP on AWS Lambda. When Bref is used with the Event-Driven Function runtime and the handler is a RequestHandlerInterface, the Lambda event is converted to a PSR-7 object. During the conversion, if the request is multipart, each part is parsed and for each whic...

CVSS 6.5 · AI score 6.4 · EPSS 0.0075
Exploits 1 · References 4
OSV
added 2022/06/24 9:15 p.m. · 115 views

PYSEC-2022-217

The cryptoasset-data-downloader package in PyPI v1.0.0 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

CVSS 9.8 · AI score 6.7 · EPSS 0.01857
Exploits 1 · References 3
OSV
added 2022/05/24 5:30 p.m. · 115 views

GHSA-GWFG-CQMG-CF8F WEBRick vulnerable to HTTP Request/Response Smuggling

An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...

CVSS 7.5 · AI score 7.8 · EPSS 0.03849
Exploits 0 · References 16
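As an added illustration of the header check this entry describes (example code written for this page, not WEBrick's or Ruby's), the block below contrasts a lenient Transfer-Encoding check that only looks for the substring "chunked" with a strict one that requires the final transfer-coding to be exactly "chunked" and rejects requests that also carry Content-Length. The two sample requests and the host name example.test are constructed for the example; the smuggling primitive is the disagreement between a front-end and a back-end that parse the same bytes differently.

```python
"""Added example (not WEBrick's or Ruby's code): a lenient versus a strict
Transfer-Encoding check, and why their disagreement enables request smuggling.
Sample requests are constructed here; the host name example.test is made up."""
import re

# Constructed probe: a front-end that frames by Content-Length forwards exactly six
# body bytes ("0\r\n\r\nG"); a back-end that accepts "xchunked" as chunked framing sees
# a terminating zero-size chunk and then treats the stray "G" as the start of the
# next request on the same connection, which is the smuggling primitive.
SMUGGLE_PROBE = (
    b"POST / HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"Content-Length: 6\r\n"
    b"Transfer-Encoding: xchunked\r\n"
    b"\r\n"
    b"0\r\n\r\nG"
)
CLEAN_CHUNKED = (
    b"POST / HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"Transfer-Encoding: chunked\r\n"
    b"\r\n"
    b"0\r\n\r\n"
)


def parse_head(raw: bytes):
    """Split a request head into (request_line, [(name_lower, value), ...]).
    Duplicate header fields are kept, because duplicates matter for framing."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    lines = head.split(b"\r\n")
    headers = []
    for line in lines[1:]:
        name, sep, value = line.decode("latin-1").partition(":")
        if not sep:
            raise ValueError("malformed header line: %r" % line)
        headers.append((name.strip().lower(), value.strip()))
    return lines[0].decode("latin-1"), headers


def lenient_is_chunked(headers) -> bool:
    """The weak pattern: a substring match, so "xchunked" or "chunked-foo" also count."""
    return any(n == "transfer-encoding" and re.search("chunked", v, re.I)
               for n, v in headers)


def strict_framing(headers) -> str:
    """Strict body framing (RFC 7230 section 3.3.3 rules, applied conservatively).
    Returns "chunked", "length" or "none"; raises ValueError when the request is
    ambiguous and should be answered with 400 instead of being parsed."""
    te = [v for n, v in headers if n == "transfer-encoding"]
    cl = [v for n, v in headers if n == "content-length"]
    if te and cl:
        raise ValueError("Transfer-Encoding and Content-Length both present")
    if te:
        codings = [c.strip().lower() for v in te for c in v.split(",")]
        if codings[-1] != "chunked":
            raise ValueError("final transfer-coding is not chunked: %r" % codings)
        return "chunked"
    if cl:
        if len(set(cl)) != 1 or not cl[0].isdigit():
            raise ValueError("conflicting or non-numeric Content-Length: %r" % cl)
        return "length"
    return "none"


def audit(raw: bytes) -> dict:
    """Compare what a lenient parser and a strict parser conclude about one request."""
    _, headers = parse_head(raw)
    try:
        strict = strict_framing(headers)
    except ValueError as exc:
        strict = "reject: " + str(exc)
    return {"lenient_chunked": lenient_is_chunked(headers), "strict": strict}


if __name__ == "__main__":
    print(audit(SMUGGLE_PROBE))
    print(audit(CLEAN_CHUNKED))
```

The strict parser refuses the probe outright, so there is nothing for a front-end and back-end to disagree about; the lenient one silently switches to chunked framing on a value that is not "chunked" at all, which is the behaviour a proxy chain must not have on either side.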
OSV
added 2022/03/28 8:28 p.m. · 115 views

GHSA-C3H9-896R-86JM Improper Input Validation in GoGo Protobuf

An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue...

CVSS 8.6 · AI score 8.5 · EPSS 0.03478
Exploits 0 · References 10
OSV
added 2021/06/29 6:32 p.m. · 115 views

GHSA-MR6H-CHQP-P9G2 SQL Injection in gogs.io/gogs

SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL commands via the label parameter to user/repos/issues...

CVSS 6.5 · AI score 8 · EPSS 0.04437
Exploits 5 · References 13
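An added example in Python with sqlite3, not Gogs code: the shape of the bug above, a request parameter concatenated into a LIKE filter, beside a version that validates the parameter and binds it. The issue table, the label_ids column layout and the payload are constructed for this example.

```python
"""Added example, not Gogs code: a label filter built by string concatenation
beside the validated, parameterised form. Schema and data are constructed."""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: three issues, each tagged with a pipe-delimited label list."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE issue (id INTEGER PRIMARY KEY, title TEXT, label_ids TEXT)")
    db.executemany(
        "INSERT INTO issue (title, label_ids) VALUES (?, ?)",
        [("public bug", "|1|"), ("private roadmap", "|2|"), ("secret incident", "|3|")],
    )
    return db


def get_issues_vulnerable(db: sqlite3.Connection, label: str) -> list:
    """Builds the filter from the request parameter: the injection point."""
    sql = "SELECT title FROM issue WHERE label_ids LIKE '%|" + label + "|%' ORDER BY id"
    return [row[0] for row in db.execute(sql)]


def get_issues_safe(db: sqlite3.Connection, label: str) -> list:
    """Validates the parameter as a numeric id and binds it; the value can never
    change the shape of the statement, and cannot smuggle LIKE wildcards either."""
    if not label.isdigit():
        raise ValueError("label must be a numeric id")
    pattern = "%|" + label + "|%"
    return [row[0] for row in db.execute(
        "SELECT title FROM issue WHERE label_ids LIKE ? ORDER BY id", (pattern,))]


# Constructed payload: closes the quoted LIKE pattern, ORs in every row and comments
# out the rest of the statement (sqlite, like most engines, accepts "--" comments).
PAYLOAD = "x|%' OR 1=1 --"


if __name__ == "__main__":
    db = make_db()
    print(get_issues_vulnerable(db, "2"))       # the intended use
    print(get_issues_vulnerable(db, PAYLOAD))   # every issue, including private ones
    try:
        get_issues_safe(db, PAYLOAD)
    except ValueError as exc:
        print("safe variant rejected payload:", exc)
```

The safe variant does two things, and both matter: binding stops the parameter from altering the statement, and the numeric check stops a non-numeric value from acting as a wildcard inside the LIKE pattern.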
OSV
added 2020/06/05 7:37 p.m. · 115 views

GHSA-V73W-R9XG-7CR9 Use of insecure jQuery version in OctoberCMS

Impact: Passing HTML from untrusted sources, even after sanitizing it, to one of jQuery's DOM manipulation methods (.html(), .append(), and others) may execute untrusted code. Patches: The issue has been patched in Build 466 (v1.0.466) by applying the recommended patch from @jquery. Workarounds: Apply...

AI score 7.3
Exploits 0 · References 4
OSV
added 2025/08/14 6:52 p.m. · 114 views

MAL-2025-36856 Malicious code in thunder-iris-jur448-project (npm)

The package thunder-iris-jur448-project was found to contain malicious code...

AI score 7.2
Exploits 0
OSV
added 2025/02/01 7:29 a.m. · 114 views

BIT-GITLAB-2023-6195 Server-Side Request Forgery (SSRF) in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.5 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. GitLab was vulnerable to Server Side Request Forgery when an attacker uses a malicious URL in the markdown image...

CVSS 4.3 · AI score 3.6 · EPSS 0.00307
Exploits 1 · References 3
OSV
added 2022/12/25 5:15 a.m. · 114 views

CVE-2022-44640

Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC)...

CVSS 9.8 · AI score 7.2
Exploits 0 · References 3
OSV
added 2022/06/03 12:00 a.m. · 114 views

GHSA-52VJ-MR2J-F8JH Server-Side Template Injection in formio

A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL. NOTE: the email templating service was removed after 2020. Additionally, the vendor disputes this issue, indicating this is sandboxed and on...

CVSS 9.8 · AI score 9.8 · EPSS 0.02177
Exploits 0 · References 3
OSV
added 2022/05/03 12:00 a.m. · 114 views

GHSA-M2H2-264F-F486 angular vulnerable to regular expression denial of service (ReDoS)

AngularJS lets users write client-side web applications. The package angular after 1.7.0 is vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBER_FORMATS.PATTERNS[1].posPre with a very...

CVSS 5.3 · AI score 7.2 · EPSS 0.04658
Exploits 1 · References 13
OSV
added 2022/05/02 12:00 a.m. · 114 views

DSA-5127-1 linux - security update

Bulletin has no description...

CVSS 7.8 · AI score 7.8 · EPSS 0.05524
Exploits 20
OSV
added 2021/10/22 4:20 p.m. · 114 views

GHSA-H58V-G3Q6-Q9FX Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in sulu/sulu

Impact: It is an issue when HTML is input into the tag name. The HTML is executed when the tag name is listed in the auto-complete form. Only admin users are affected and only admin users can create tags. Patches: Has the problem been patched? What...

CVSS 6.2 · AI score 5.7 · EPSS 0.00572
Exploits 0 · References 4
OSV
added 2023/03/03 9:30 p.m. · 113 views

GHSA-VPVM-3WQ2-2WVM Opencontainers runc Incorrect Authorization vulnerability

runc 1.0.0-rc95 through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue...

CVSS 7 · AI score 6.9 · EPSS 0.00448
Exploits 1 · References 19
OSV
added 2021/12/16 12:00 a.m. · 113 views

DSA-5022-1 apache-log4j2 - security update

Bulletin has no description...

CVSS 9 · AI score 8.8 · EPSS 0.99977
Exploits 39
OSV
added 2021/04/22 4:15 p.m. · 113 views

GHSA-64X2-GQ24-75PV Cross-site scripting in Apache CXF

By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting XSS attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This...

CVSS 6.1 · AI score 6.3 · EPSS 0.42993
Exploits 0 · References 16
OSV
added 2024/03/06 10:56 a.m. · 112 views

BIT-APACHE-2020-35452 mod_auth_digest possible stack overflow by one nul byte

Apache HTTP Server versions 2.4.0 to 2.4.46: a specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor could the Apache HTTP Server team create one, though some particular compiler and/or compilation option might make i...

CVSS 7.3 · AI score 8.1 · EPSS 0.53191
Exploits 0 · References 13
OSV
added 2022/05/26 6:15 p.m. · 112 views

CVE-2022-26691

A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges...

CVSS 6.7 · AI score 3.2
Exploits 0 · References 9
OSV
added 2022/02/18 9:55 p.m. · 112 views

GSD-2022-1000204 PCI: pciehp: Fix infinite loop in IRQ handler upon power fault

PCI: pciehp: Fix infinite loop in IRQ handler upon power fault This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.97 by commit...

AI score 7.2
Exploits 0
OSV
added 2022/01/06 6:31 p.m. · 112 views

GHSA-3QPM-H9CH-PX3C Remote code injection, Improper Input Validation and Uncontrolled Recursion in Log4j library

Summary: The version of Log4j used by PowerNukkit for logging is subject to a remote code execution vulnerability via the JNDI LDAP lookup. It is well detailed in CVE-2021-44228 and CVE-2021-45105 (https://github.com/advisories/GHSA-p6xc-xr62-6r2g). Impact: Malicious client code coul...

CVSS 10 · AI score 9.3
Exploits 0 · References 2
OSV
added 2021/03/25 9:26 p.m. · 112 views

GHSA-8Q59-Q68H-6HV4 Improper Input Validation in PyYAML

A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load() method or with the FullLoader loader. Applications that use the library to process untrusted input may be...

CVSS 9.8 · AI score 8.1 · EPSS 0.05984
Exploits 1 · References 12
OSV
added 2018/03/08 9:29 p.m. · 112 views

CVE-2018-7889

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call...

CVSS 7.8 · AI score 8.1
Exploits 0 · References 2
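Added example, not Calibre's code: what pickle.load on imported data hands to the file's author, beside the restricted-unpickler pattern from the Python documentation that lets an import accept only plain data. The bookmark structure and the Beacon class are invented for this example; Beacon's payload calls os.getcwd() rather than os.system so the demonstration is harmless, but any importable callable would do.

```python
"""Added example, not Calibre code: unrestricted pickle.load versus a restricted
unpickler whose find_class only resolves an allow-list of builtins.
The bookmark data and the Beacon class are constructed for the example."""
import builtins
import io
import os
import pickle


class Beacon:
    """Stand-in for attacker-controlled data: unpickling it calls os.getcwd().
    The callable is harmless here; the advisory's demonstration used os.system."""
    def __reduce__(self):
        return (os.getcwd, ())


MALICIOUS_BOOKMARKS = pickle.dumps(Beacon())          # constructed payload
BENIGN_BOOKMARKS = pickle.dumps(                      # constructed legitimate file
    [{"title": "Chapter 3", "pos": 1234, "notes": None}]
)

# Plain containers and scalars never need find_class, so this list only has to cover
# the few builtins a legitimate bookmark file could plausibly reference by name.
SAFE_BUILTINS = {"list", "dict", "tuple", "set", "frozenset",
                 "str", "bytes", "int", "float", "bool"}


class RestrictedUnpickler(pickle.Unpickler):
    """Every GLOBAL / STACK_GLOBAL opcode goes through find_class; refusing anything
    outside builtins means no os.*, subprocess.* or other callable can be reached."""
    def find_class(self, module, name):
        if module == "builtins" and name in SAFE_BUILTINS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError("global %s.%s is forbidden" % (module, name))


def load_bookmarks_unsafe(data: bytes):
    """The Calibre pattern: runs whatever callable the file names."""
    return pickle.loads(data)


def load_bookmarks_safe(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def classify(data: bytes) -> str:
    """Report whether the restricted loader accepts a file, without re-raising."""
    try:
        load_bookmarks_safe(data)
        return "accepted"
    except pickle.UnpicklingError as exc:
        return "rejected: " + str(exc)


if __name__ == "__main__":
    print("unsafe load returned:", load_bookmarks_unsafe(MALICIOUS_BOOKMARKS))
    print("malicious file:", classify(MALICIOUS_BOOKMARKS))
    print("benign file:", classify(BENIGN_BOOKMARKS))
```

Note that the restricted loader is a mitigation for data you must keep accepting as pickle; for a new import format, a schema-checked JSON file removes the problem rather than fencing it.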
OSV
added 2013/02/17 12:00 a.m. · 112 views

DSA-2627-1 nginx - information leak

Bulletin has no description...

CVSS 2.6 · AI score 5.9 · EPSS 0.04266
Exploits 2
OSV
added 2025/04/18 9:15 p.m. · 111 views

CVE-2025-43903

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries...

CVSS 3.3 · AI score 6.8
Exploits 0 · References 1
OSV
added 2024/11/28 12:00 a.m. · 111 views

DLA-3973-1 redis - security update

Bulletin has no description...

CVSS 6.5 · AI score 6.5 · EPSS 0.33269
Exploits 0
OSV
added 2024/04/03 9:12 p.m. · 111 views

GO-2024-2687 HTTP/2 CONTINUATION flood in net/http

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

CVSS 7.5 · AI score 8.1 · EPSS 0.91969
Exploits 1 · References 3
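Added example, not net/http's code: the accounting that bounds a CONTINUATION flood, written in Python over hand-built HTTP/2 frames (9-byte frame header: 24-bit length, type, flags, 31-bit stream id). HPACK is not decoded; the point is that header-block bytes are counted as frames arrive and the connection is torn down once the cap is exceeded, instead of buffering fragments until END_HEADERS. The 16 KiB cap, the flood generator and the frame contents are constructed here, and the exact behaviour of Go's fix is not reproduced.

```python
"""Added example, not Go net/http code: counting header-block bytes across HEADERS
and CONTINUATION frames and closing the connection at a cap. Frames are built
with the HTTP/2 wire layout; payload bytes are opaque (HPACK is not decoded)."""
import struct

HEADERS, CONTINUATION = 0x1, 0x9
END_HEADERS = 0x4


def frame(ftype: int, flags: int, stream_id: int, payload: bytes) -> bytes:
    """Serialize one HTTP/2 frame: 24-bit length, type, flags, R + 31-bit stream id."""
    return (struct.pack("!I", len(payload))[1:]
            + bytes([ftype, flags])
            + struct.pack("!I", stream_id & 0x7FFFFFFF)
            + payload)


def iter_frames(buf: bytes):
    """Yield (type, flags, stream_id, payload) for each complete frame in buf."""
    off = 0
    while off + 9 <= len(buf):
        length = int.from_bytes(buf[off:off + 3], "big")
        ftype, flags = buf[off + 3], buf[off + 4]
        sid = int.from_bytes(buf[off + 5:off + 9], "big") & 0x7FFFFFFF
        payload = buf[off + 9:off + 9 + length]
        if len(payload) != length:
            raise ValueError("truncated frame")
        yield ftype, flags, sid, payload
        off += 9 + length


def read_header_block(buf: bytes, max_header_bytes: int):
    """Gather one header block (HEADERS, then CONTINUATION frames until END_HEADERS).

    Returns ("ok", total_bytes) when the block completes within the limit, and
    ("closed", bytes_seen) when the limit is exceeded: the hardened behaviour is to
    stop reading, send GOAWAY and drop the connection rather than keep absorbing
    fragments while waiting for END_HEADERS. Padding and priority fields of HEADERS
    are treated as fragment bytes to keep the example short."""
    stream = None
    total = 0
    for ftype, flags, sid, payload in iter_frames(buf):
        if stream is None:
            if ftype != HEADERS:
                raise ValueError("header block must start with HEADERS")
            stream = sid
        elif ftype != CONTINUATION or sid != stream:
            raise ValueError("PROTOCOL_ERROR: expected CONTINUATION on stream %d" % stream)
        total += len(payload)
        if total > max_header_bytes:
            return "closed", total
        if flags & END_HEADERS:
            return "ok", total
    raise ValueError("header block never terminated")


def continuation_flood(frames: int, chunk: int = 1024, stream_id: int = 1) -> bytes:
    """Constructed attack traffic: a HEADERS frame without END_HEADERS followed by
    `frames` CONTINUATION frames that never set END_HEADERS either."""
    junk = b"\x00" * chunk
    data = frame(HEADERS, 0, stream_id, junk)
    for _ in range(frames):
        data += frame(CONTINUATION, 0, stream_id, junk)
    return data


if __name__ == "__main__":
    legit = (frame(HEADERS, 0, 1, b"\x00" * 500)
             + frame(CONTINUATION, END_HEADERS, 1, b"\x00" * 300))
    print(read_header_block(legit, 16 * 1024))
    print(read_header_block(continuation_flood(200), 16 * 1024))
```

The cap has to be enforced on raw fragment bytes before HPACK decoding, because the advisory's point is that the HPACK state machine otherwise forces the endpoint to process every fragment; a limit applied only to decoded header size arrives too late.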
OSV
added 2024/03/07 9:30 p.m. · 111 views

GHSA-RJ98-CRF4-G69W pgAdmin 4 vulnerable to Unsafe Deserialization and Remote Code Execution by an Authenticated user

pgAdmin prior to version 8.4 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is...

CVSS 9.9 · AI score 9.6 · EPSS 0.79326
Exploits 4 · References 6
OSV
added 2022/06/20 8:16 p.m. · 111 views

MAL-2022-2944 Malicious code in extraneous-detected (npm)

Source: ghsa-malware (5c37443660cc0f4d7112c362734a5370d76c45d1444f9ae76efbac3b4bbed71e). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0 · References 1
OSV
added 2021/12/17 8:15 p.m. · 111 views

PYSEC-2021-857

Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a denial of service attack by carefully constructing an array with negative values...

CVSS 5.5 · AI score 6.2 · EPSS 0.00368
Exploits 1 · References 2
OSV
added 2024/02/09 12:11 a.m. · 110 views

CVE-2024-24819 icingaweb2-module-incubator base implementation for HTML forms is susceptible to CSRF

icingaweb2-module-incubator is a working project of bleeding-edge Icinga Web 2 libraries. In affected versions the class gipfl\Web\Form is the base for various concrete form implementations and provides protection against cross-site request forgery (CSRF) by default. This is done by automatically...

CVSS 5.3 · AI score 8.2 · EPSS 0.0026
Exploits 0 · References 5
OSV
added 2023/04/24 10:34 p.m. · 110 views

GHSA-6M9F-PJ6W-W87G Rancher Webhook is misconfigured during upgrade process

Impact A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into the Kubernetes cluster. When the Webhook is operating in a degraded state, it no...

CVSS 9.9 · AI score 9.4 · EPSS 0.00779
Exploits 0 · References 5
OSV
added 2021/05/01 12:00 p.m. · 110 views

RUSTSEC-2021-0056 CA certificate check bypass with X509_V_FLAG_X509_STRICT

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h, a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

CVSS 7.4 · AI score 7.5 · EPSS 0.18339
Exploits 1 · References 3
OSV
added 2025/01/10 7:17 p.m. · 109 views

BIT-GITLAB-2024-6324 Inefficient Algorithmic Complexity in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics...

CVSS 4.3 · AI score 4.3 · EPSS 0.00692
Exploits 1 · References 4
OSV
added 2024/08/01 12:00 a.m. · 109 views

ASB-A-343727534

In dst_negative_advice of sock.h, there is a possible failure to clear sk->sk_dst_cache in the correct order, resulting in a use after free. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 · AI score 9 · EPSS 0.02701
Exploits 1 · References 12
OSV
added 2024/01/31 10:33 p.m. · 109 views

CVE-2024-24573 facileManager Privilege Escalation via Mass Assignment

facileManager is a modular suite of web apps built with the sysadmin in mind. In versions 4.5.0 and earlier, when a user updates their profile, a POST request containing user information is sent to the endpoint server/fm-modules/facileManager/ajax/processPost.php. It was found that non-admins can...

CVSS 8.8 · AI score 8.4 · EPSS 0.00817
Exploits 1 · References 4
OSV
added 2022/08/01 3:15 p.m. · 109 views

CVE-2022-30699

NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about to expire. The rogue...

CVSS 6.5 · AI score 2.7 · EPSS 0.0085
Exploits 0 · References 5
OSV
added 2020/12/01 12:00 a.m. · 109 views

ASB-A-141745510

In addWindow of WindowManagerService.java, there is a possible window overlay attack due to an insecure default value. This could lead to local escalation of privilege via tapjacking with no additional execution privileges needed. User interaction is needed for exploitation...

CVSS 9.3 · AI score 7.8 · EPSS 0.00526
Exploits 0 · References 2
OSV
added 2025/03/27 2:02 p.m. · 108 views

CVE-2025-2867 Improper Control of Generation of Code ('Code Injection') in GitLab

An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially expose sensitive project data to unauthorized...

CVSS 4.4 · AI score 6.4 · EPSS 0.00197
Exploits 0 · References 4
OSV
added 2024/11/16 7:11 a.m. · 108 views

BIT-GITLAB-2024-8180 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. Improper output encoding could lead to XSS if CSP is not enabled...

CVSS 5.4 · AI score 5.3 · EPSS 0.0035
Exploits 0 · References 4
OSV
added 2024/07/23 3:31 p.m. · 108 views

GHSA-G3CH-RX76-35FX vue-template-compiler vulnerable to client-side Cross-Site Scripting (XSS)

A vulnerability has been discovered in vue-template-compiler, that allows an attacker to perform XSS via prototype pollution. The attacker could change the prototype chain of some properties such as Object.prototype.staticClass or Object.prototype.staticStyle to execute arbitrary JavaScript code...

CVSS 4.2 · AI score 5.2 · EPSS 0.00506
Exploits 0 · References 3
OSV
added 2024/03/06 11:05 a.m. · 108 views

BIT-PYTHON-2022-42919

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...

CVSS 7.8 · AI score 8 · EPSS 0.00603
Exploits 0 · References 16
OSV
added 2024/03/06 10:57 a.m. · 108 views

BIT-APACHE-2020-13938 Improper Handling of Insufficient Privileges

Apache HTTP Server versions 2.4.0 to 2.4.46: unprivileged local users can stop httpd on Windows...

CVSS 5.5 · AI score 6.5 · EPSS 0.11773
Exploits 0 · References 8
OSV
added 2024/03/06 10:50 a.m. · 108 views

BIT-APACHE-2023-31122 Apache HTTP Server: mod_macro buffer over-read

Out-of-bounds read vulnerability in mod_macro of Apache HTTP Server. This issue affects Apache HTTP Server through 2.4.57...

CVSS 7.5 · AI score 7.6 · EPSS 0.02978
Exploits 0 · References 7
OSV
added 2022/08/18 7:03 p.m. · 108 views

GHSA-5HM8-VH6R-2CJQ CodeIgniter Shield Vulnerable to SameSite Attackers Bypassing the CSRF Protection

Impact: This vulnerability may allow SameSite attackers to bypass the CodeIgniter4 CSRF protection mechanism with CodeIgniter Shield. For this attack to succeed, the attacker must have direct or indirect (e.g., via XSS) control over a subdomain site (e.g., https://a.example.com/) of the target site (e.g.,...

CVSS 5.9 · AI score 7 · EPSS 0.00474
Exploits 1 · References 7
Total number of security vulnerabilities: 5000