Lucene search
K
OsvMost viewed

907757 matches found

OSV
OSV
added 2024/03/06 11:2 a.m.100 views

BIT-MATTERMOST-2023-1421

A reflected cross-site scripting vulnerability in the OAuth flow completion endpoints in Mattermost allows an attacker to send AJAX requests on behalf of the victim via sharing a crafted link with a malicious state parameter...

6.1CVSS4.6AI score0.00413EPSS
Exploits0References2
OSV
OSV
added 2023/01/21 3:30 a.m.100 views

GHSA-3MPG-Q26J-83J5 Command injection in yiisoft/yii2-gii

Yii Yii2 Gii before 2.2.2 allows remote attackers to execute arbitrary code via the Generator.php messageCategory field. The attacker can embed arbitrary PHP code into the model file...

8.8CVSS9AI score0.01461EPSS
Exploits1References5
OSV
OSV
added 2022/08/30 8:38 p.m.100 views

GHSA-P4CC-W597-6CPM Cryptographically weak PRNG in `utils.generateUUID`

In Brief utils.generateUUID, a helper function available in essentially all versions of NodeBB as far back as v1.0.1 and potentially earlier used a cryptographically insecure Pseudo-random number generator Math.random, which meant that a specially crafted script combined with multiple invocations...

9.8CVSS9.4AI score0.01052EPSS
Exploits0References5
OSV
OSV
added 2022/06/21 3:15 p.m.100 views

CVE-2022-2068

In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there...

7.3CVSS1.6AI score0.83223EPSS
Exploits5References11
OSV
OSV
added 2022/05/13 1:1 a.m.100 views

GHSA-7J4H-8WPF-RQFH Missing XML Validation in Apache Xerces2

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment JRE in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlie...

7.1CVSS7AI score0.24738EPSS
Exploits0References50
OSV
OSV
added 2022/02/09 10:50 p.m.100 views

GHSA-C566-2GRG-MJWG Serialization vulnerability in Apache Tapestry

A Java Serialization vulnerability was found in Apache Tapestry 4. Apache Tapestry 4 will attempt to deserialize the "sp" parameter even before invoking the page's validate method, leading to deserialization without authentication. Apache Tapestry 4 reached end of life in 2008 and no update to...

9.8CVSS9.3AI score0.09732EPSS
Exploits1References5
OSV
OSV
added 2021/04/30 5:29 p.m.100 views

GHSA-RV39-3QH7-9V7W Improper Input Validation in Spring Framework

In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter...

6.5CVSS7.6AI score0.10736EPSS
Exploits1References25
OSV
OSV
added 2025/02/07 7:17 a.m.99 views

BIT-GITLAB-2024-5528 Incomplete Comparison with Missing Factors in GitLab

An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages...

5.4CVSS3.6AI score0.00392EPSS
Exploits1References4
OSV
OSV
added 2024/08/23 7:19 a.m.99 views

BIT-GRAFANA-2024-6322

Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...

5.4CVSS4.5AI score0.00305EPSS
Exploits0References2
OSV
OSV
added 2024/08/10 7:27 a.m.99 views

BIT-GITLAB-2024-3114 Uncontrolled Resource Consumption in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2, with the processing logic for parsing invalid commits can lead to a regular expression DoS attack on the server...

6.5CVSS5.1AI score0.00462EPSS
Exploits0References3
OSV
OSV
added 2023/02/09 8:15 p.m.99 views

CVE-2022-43552

A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...

5.9CVSS0.3AI score0.02511EPSS
Exploits1References5
OSV
OSV
added 2022/07/03 12:0 a.m.99 views

DSA-5174-1 gnupg2 - security update

Bulletin has no description...

6.5CVSS6.6AI score0.02551EPSS
Exploits1
OSV
OSV
added 2022/06/08 8:15 a.m.99 views

PYSEC-2022-204

The package cookiecutter before 2.1.1 are vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be...

9.8CVSS2.1AI score0.0422EPSS
Exploits1References4
OSV
OSV
added 2022/05/27 4:36 p.m.99 views

GHSA-WQ4H-7R42-5HRR Possible shell escape sequence injection vulnerability in Rack

There is a possible shell escape sequence injection vulnerability in the Lint and CommonLogger components of Rack. This vulnerability has been assigned the CVE identifier CVE-2022-30123. Versions Affected: All. Not affected: None Fixed Versions: 2.0.9.1, 2.1.4.1, 2.2.3.1 Impact Carefully crafted...

10CVSS9.6AI score0.01801EPSS
Exploits0References9
OSV
OSV
added 2016/09/26 7:59 p.m.99 views

CVE-2016-6306

The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service out-of-bounds read via crafted certificate operations, related to s3clnt.c and s3srvr.c...

5.9CVSS5.3AI score
Exploits0References56
OSV
OSV
added 2004/11/01 12:0 a.m.99 views

DSA-581-1 xpdf - integer overflows

Bulletin has no description...

10CVSS6.3AI score0.09334EPSS
Exploits0
OSV
OSV
added 2025/07/16 7:56 a.m.98 views

BIT-APACHE-2025-23048 Apache HTTP Server: mod_ssl access control bypass with session resumption

In some modssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected when modssl is configured for multiple virtual hosts, with each restricted to a different set of...

9.1CVSS6AI score0.0097EPSS
Exploits1References5
OSV
OSV
added 2024/08/10 7:26 a.m.98 views

BIT-GITLAB-2024-3958 Improper Control of Generation of Code ('Code Injection') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allows someone to abuse a discrepancy between the Web application display and the git command line interface to social engineer victims into...

6.5CVSS5.6AI score0.00301EPSS
Exploits0References3
OSV
OSV
added 2023/08/11 3:15 a.m.98 views

CVE-2022-40982

Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

6.5CVSS6.2AI score
Exploits0References15
OSV
OSV
added 2023/04/12 12:0 a.m.98 views

DLA-3390-1 zabbix - security update

Bulletin has no description...

8.8CVSS5.6AI score0.32304EPSS
Exploits2
OSV
OSV
added 2022/02/09 12:11 a.m.98 views

GHSA-H39Q-95Q5-9JFP OS Command Injection in ansible

A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by...

8.5CVSS7.5AI score0.00444EPSS
Exploits0References16
OSV
OSV
added 2021/06/21 8:15 p.m.98 views

PYSEC-2021-427

A Regular Expression Denial of Service ReDOS vulnerability was discovered in Mpmath v1.0.0 when the mpmathify function is called...

7.5CVSS3.6AI score0.041EPSS
Exploits1References8
OSV
OSV
added 2015/09/13 12:0 a.m.98 views

DSA-3358-1 php5 - security update

Bulletin has no description...

9.8CVSS7.8AI score0.46801EPSS
Exploits7
OSV
OSV
added 2024/10/05 7:10 a.m.97 views

BIT-MARIADB-2023-22084

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Serve...

4.9CVSS4.9AI score0.01782EPSS
Exploits0References8
OSV
OSV
added 2024/08/21 3:29 p.m.97 views

GO-2022-0875 Denial of Service in OpenShift Origin in github.com/openshift/origin

Denial of Service in OpenShift Origin in github.com/openshift/origin...

4CVSS6.2AI score0.01952EPSS
Exploits0References8
OSV
OSV
added 2024/07/05 8:6 p.m.97 views

GHSA-248V-346W-9CWC Certifi removes GLOBALTRUST root certificate

Certifi 2024.07.04 removes root certificates from "GLOBALTRUST" from the root store. These are in the process of being removed from Mozilla's trust store. GLOBALTRUST's root certificates are being removed pursuant to an investigation which identified "long-running and unresolved compliance issues...

7.5CVSS5.8AI score0.01049EPSS
Exploits0References7
OSV
OSV
added 2024/02/19 9:30 a.m.97 views

GHSA-4G9R-VXHX-9PGX Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue...

5.9CVSS6.8AI score0.00441EPSS
Exploits0References6
OSV
OSV
added 2023/07/12 12:0 a.m.97 views

ALSA-2023:4034 Important: nodejs:16 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: Buffer Underwrite in aresinetnetpton CVE-2023-31130 c-ares: Insufficient...

7.5CVSS7AI score0.01577EPSS
Exploits0References10
OSV
OSV
added 2015/11/08 12:0 a.m.97 views

DLA-341-1 php5 - security update

Bulletin has no description...

9.8CVSS8AI score0.46801EPSS
Exploits4
OSV
OSV
added 2026/05/08 10:5 a.m.96 views

RHSA-2026:14926 Red Hat Security Advisory: kernel update

Bulletin has no description...

7.8CVSS6AI score0.96267EPSS
Exploits228References18
OSV
OSV
added 2024/08/10 7:20 a.m.96 views

BIT-GITLAB-2024-6329 Improper Encoding or Escaping of Output in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which causes the web interface to fail to render the diff correctly when the path is encoded...

7.5CVSS6AI score0.00371EPSS
Exploits0References3
OSV
OSV
added 2024/07/05 8:7 p.m.96 views

GHSA-XR7Q-JX4M-X55M Private tokens could appear in logs if context containing gRPC metadata is logged in github.com/grpc/grpc-go

Impact This issue represents a potential PII concern. If applications were printing or logging a context containing gRPC metadata, the affected versions will contain all the metadata, which may include private information. Patches The issue first appeared in 1.64.0 and is patched in 1.64.1 and...

7.1AI score
Exploits0References3
OSV
OSV
added 2024/06/17 7:17 a.m.96 views

BIT-ELASTICSEARCH-2024-37280 Elasticsearch StackOverflow vulnerability

A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of...

4.9CVSS4.7AI score0.00529EPSS
Exploits0References3
OSV
OSV
added 2023/02/07 12:0 p.m.96 views

RUSTSEC-2023-0007 Timing Oracle in RSA Decryption

A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages fo...

5.9CVSS6.8AI score0.16195EPSS
Exploits0References3
OSV
OSV
added 2022/12/23 3:15 p.m.96 views

CVE-2022-43551

A vulnerability exists in curl 7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypasse...

7.5CVSS0.1654EPSS
Exploits1References4
OSV
OSV
added 2021/10/28 12:0 a.m.96 views

DSA-4994-1 bind9 - security update

Bulletin has no description...

5.3CVSS6AI score0.08001EPSS
Exploits0
OSV
OSV
added 2021/05/18 9:9 p.m.96 views

GHSA-VJ3F-3286-R4PF Path Traversal in Docker

Path traversal vulnerability in Docker before 1.3.3 allows remote attackers to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an 1 image or 2 build in a Dockerfile...

5.9CVSS8.4AI score0.04923EPSS
Exploits0References7
OSV
OSV
added 2020/10/22 6:15 p.m.96 views

CVE-2020-15906

tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts...

9.8CVSS6.8AI score0.27362EPSS
Exploits5References2
OSV
OSV
added 2020/09/15 6:19 p.m.96 views

GHSA-699Q-WCFF-G9MJ Unsafe deserialization in Yii 2

Impact Remote code execution in case application calls unserialize on user input containing specially crafted string. Patches 2.0.38 Workarounds Add the following to BatchQueryResult.php: php public function sleep throw new \BadMethodCallException'Cannot serialize '.CLASS; public function wakeup...

8.9CVSS9.6AI score0.78759EPSS
Exploits0References5
OSV
OSV
added 2019/06/18 12:0 a.m.96 views

DSA-4466-1 firefox-esr - security update

Bulletin has no description...

8.8CVSS9.7AI score0.37951EPSS
Exploits7
OSV
OSV
added 2025/07/16 8:19 a.m.95 views

BIT-TOMCAT-2025-52520 Apache Tomcat: DoS via integer overflow in multipart file upload

For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This issue affects Apache Tomcat: from 11.0.0 through 11.0.8, from 10.1.0 through 10.1.42, from 9.0.0 through 9.0.106. The following versions...

7.5CVSS7.2AI score0.0196EPSS
Exploits0References4
OSV
OSV
added 2024/10/22 12:0 a.m.95 views

DLA-3931-1 ghostscript - security update

Bulletin has no description...

3.3CVSS4AI score0.00375EPSS
Exploits0
OSV
OSV
added 2024/10/05 7:10 a.m.95 views

BIT-MYSQL-CLIENT-2024-21096

Vulnerability in the MySQL Server product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to...

4.9CVSS5AI score0.00424EPSS
Exploits0References7
OSV
OSV
added 2024/06/25 12:23 p.m.95 views

MAL-2024-2063 Malicious code in dashboard (npm)

False positive caused by problematic ingestion. --- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSV
OSV
added 2023/08/08 6:15 p.m.95 views

CVE-2023-20569

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure...

4.7CVSS6.7AI score
Exploits0References12
OSV
OSV
added 2021/08/24 3:15 p.m.95 views

CVE-2021-3711

In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size...

9.8CVSS1AI score
Exploits0References17
OSV
OSV
added 2020/10/01 12:0 a.m.95 views

DLA-2391-1 ruby2.3 - security update

Bulletin has no description...

7.5CVSS7.8AI score0.03849EPSS
Exploits0
OSV
OSV
added 2013/05/26 12:0 a.m.95 views

DSA-2694-1 spip - privilege escalation

Bulletin has no description...

7.5CVSS6.3AI score0.08982EPSS
Exploits4
OSV
OSV
added 2024/11/16 7:9 a.m.94 views

BIT-GITLAB-2024-9633 Incorrect Ownership Assignment in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.3 before 17.4.2, all versions starting from 17.5 before 17.5.4, all versions starting from 17.6 before 17.6.2. This issue allows an attacker to create a group with a name matching an existing unique Pages domain,...

7.5CVSS5AI score0.00437EPSS
Exploits0References3
OSV
OSV
added 2023/10/29 7:16 a.m.94 views

BIT-2023-46288

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Airflow.This issue affects Apache Airflow from 2.4.0 to 2.7.0.Sensitive configuration information has been exposed to authenticated users with the ability to read configuration via Airflow REST API for configuratio...

4.3CVSS6.4AI score0.01416EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities5000