Lucene search
K
OsvMost viewed

921352 matches found

OSV
OSV
•added 2022/05/01 11:38 p.m.•90 views

GHSA-VV6J-5X58-Q2C3 Cross-site scripting (XSS) vulnerability in Sun Java Server Faces (JSF)

Cross-site scripting XSS vulnerability in Sun Java Server Faces JSF 1.2 before 1.208 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

5.3CVSS5.3AI score0.02537EPSS
Exploits1References4
OSV
OSV
•added 2021/11/01 12:0 a.m.•90 views

ASB-A-196926917

In unixscmtoskb of afunix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

6.9CVSS7.3AI score0.00811EPSS
Exploits0References2
OSV
OSV
•added 2021/10/26 2:55 p.m.•90 views

GHSA-J7QV-PGF6-HVH4 XSS in `*Text` options of the Datepicker widget in jquery-ui

Impact Accepting the value of various Text options of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way: js $ "datepicker" .datepicker showButtonPanel: true, showOn: "both", closeText: "doEvilThing 'closeText XSS...

6.5CVSS6.5AI score0.07948EPSS
Exploits1References25
OSV
OSV
•added 2026/06/15 8:12 p.m.•89 views

GHSA-537C-GMF6-5CCF Vulnerable OpenSSL included in cryptography wheels

pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in wheels prior to cryptograph 48.01 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20260609.txt. If yo...

7.5CVSS5.3AI score
Exploits0References3
OSV
OSV
•added 2026/05/12 12:12 a.m.•89 views

GHSA-G7CV-RXG3-HMPX Malware in @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys

Summary On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/ packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow...

9.6CVSS5.8AI score0.02342EPSS
Exploits3References8
OSV
OSV
•added 2026/01/29 12:44 a.m.•89 views

CGA-29W5-PM2P-PQ8V

Bulletin has no description...

7.5CVSS5.8AI score0.01392EPSS
Exploits1
OSV
OSV
•added 2025/07/10 9:2 a.m.•89 views

BIT-PYTHON-2025-4517 Arbitrary writes via tarfile realpath overflow

Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract using the filter= parameter with a value of...

9.4CVSS9.7AI score0.01184EPSS
Exploits11References13
OSV
OSV
•added 2024/06/04 10:26 p.m.•89 views

GHSA-PRJP-H48F-JGF6 ActionText ContentAttachment can Contain Unsanitized HTML

Instances of ActionText::Attachable::ContentAttachment included within a richtextarea tag could potentially contain unsanitized HTML. This has been assigned the CVE identifier CVE-2024-32464. Versions Affected: = 7.1.0 Not affected: 7.1.0 Fixed Versions: 7.1.3.4 Impact ------ This could lead to a...

6.1CVSS5.9AI score0.00434EPSS
Exploits0References5
OSV
OSV
•added 2024/05/22 12:0 a.m.•89 views

ALSA-2024:3138 Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section. Additional...

10CVSS7.7AI score0.07619EPSS
Exploits13References97
OSV
OSV
•added 2024/03/06 10:54 a.m.•89 views

BIT-CODEIGNITER-2022-24711

CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. Prior to version 4.1.9, an improper input validation vulnerability allows attackers to execute CLI routes via HTTP request. Version 4.1.9 contains a patch. There are currently no known workarounds for this vulnerabilit...

9.8CVSS9.5AI score0.01154EPSS
Exploits0References2
OSV
OSV
•added 2024/03/06 10:51 a.m.•89 views

BIT-APACHE-2023-27522 Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting

HTTP Response Smuggling vulnerability in Apache HTTP Server via modproxyuwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client...

7.5CVSS8.7AI score0.02134EPSS
Exploits0References5
OSV
OSV
•added 2023/07/19 11:31 a.m.•89 views

CVE-2023-3446 Excessive time spent checking DH keys and parameters

Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or EVPPKEYparamcheck to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been...

5.3CVSS6.5AI score0.05533EPSS
Exploits0References15
OSV
OSV
•added 2023/04/05 9:5 p.m.•89 views

GO-2023-1703 Backticks not treated as string delimiters in html/template

Templates do not properly consider backticks as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to...

9.8CVSS8.8AI score0.02281EPSS
Exploits0References3
OSV
OSV
•added 2022/07/07 12:0 a.m.•89 views

GHSA-XJ57-8QJ4-C4M6 Code injection in Apache Commons Configuration

Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.configuration2.interpol.Lookup that performs the...

9.8CVSS9AI score0.42646EPSS
Exploits3References10
OSV
OSV
•added 2022/04/11 12:0 a.m.•89 views

OSV-2022-331 Stack-buffer-overflow in void unwindstack::Symbols::BuildRemapTable<Elf64_Sym>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46546 Crash type: Stack-buffer-overflow READ Crash state: void unwindstack::Symbols::BuildRemapTable bool unwindstack::Symbols::GetName unwindstack::ElfInterfaceImpl::GetFunctionName...

7.2AI score
Exploits0References1
OSV
OSV
•added 2022/02/22 9:51 p.m.•89 views

GHSA-VV6J-WW6X-54GX Use after free in Animation

CVE-2022-0609: Use after free in Animation - https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop14.html - https://vulners.com/cve/CVE-2022-0609 Google is aware of reports that exploits for CVE-2022-0609 exist in the wild. The exploitation is known to be easy. The attac...

8.8CVSS9.2AI score0.23546EPSS
Exploits0References5
OSV
OSV
•added 2022/02/01 12:45 a.m.•89 views

GHSA-9F3J-PM6F-9FM5 Race condition in Apache Tomcat

The fix for bug CVE-2020-9484 introduced a time of check time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is...

7CVSS7.1AI score0.00692EPSS
Exploits15References8
OSV
OSV
•added 2021/10/05 8:23 p.m.•89 views

GHSA-M2JH-FXW4-GPHM HTTP Host Header Injection

Meta CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:O/RC:C 3.5 Problem It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header. TYPO3 uses the HTTP Host header, for example, to generate absolute URLs during the frontend...

4.8CVSS4.9AI score0.02662EPSS
Exploits0References8
OSV
OSV
•added 2021/08/09 8:43 p.m.•89 views

GHSA-HWFP-HG2M-9VR2 Integer overflow in pywin32

An integer overflow exists in pywin32 prior to version b301 when adding an access control entry ACE to an access control list ACL that would cause the size to be greater than 65535 bytes. An attacker who successfully exploited this vulnerability could crash the vulnerable process...

7.1CVSS6.4AI score0.01729EPSS
Exploits0References8
OSV
OSV
•added 2025/04/09 10:21 p.m.•88 views

CVE-2025-24375 MySQL K8s charm could leak credentials for root-level user `serverconfig`

Charmed MySQL K8s operator is a Charmed Operator for running MySQL on Kubernetes. Before revision 221, the method for calling a SQL DDL or python based mysql-shell scripts can leak database users credentials. The method mysql-operator calls mysql-shell application rely on writing to a temporary...

5CVSS7.1AI score0.00147EPSS
Exploits0References7
OSV
OSV
•added 2024/03/06 10:56 a.m.•88 views

BIT-APACHE-2021-30641 Unexpected URL matching with 'MergeSlashes OFF'

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

5.3CVSS7.4AI score0.52331EPSS
Exploits0References13
OSV
OSV
•added 2024/02/08 11:39 p.m.•88 views

CVE-2024-24825 TokenManager not checking permissions on cached tokens in DIRAC

DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0.37. Users are advised to upgrade. There are no known...

9.1CVSS7.7AI score0.00534EPSS
Exploits0References4
OSV
OSV
•added 2024/01/09 6:28 p.m.•88 views

GHSA-8G9C-28FC-MCX2 Duplicate Advisory: Microsoft Identity Denial of service vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-59j7-ghrg-fj52. This link is maintained to preserve external references. Original Description Impact An attacker could exploit this vulnerability by crafting a malicious JSON Web Encryption JWE token with a high...

6.8CVSS7.3AI score0.02868EPSS
Exploits0References7
OSV
OSV
•added 2023/11/17 10:48 p.m.•88 views

GHSA-4XW9-CX39-R355 json-web-token library is vulnerable to a JWT algorithm confusion attack

Summary The json-web-token library is vulnerable to a JWT algorithm confusion attack. Details On line 86 of the 'index.js' file, the algorithm to use for verifying the signature of the JWT token is taken from the JWT token, which at that point is still unverified and thus shouldn't be trusted. To...

7.5CVSS7.2AI score0.00304EPSS
Exploits1References5
OSV
OSV
•added 2023/01/13 10:39 p.m.•88 views

GO-2023-1495 Request smuggling due to improper request handling in golang.org/x/net/http2/h2c

A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be...

7.5CVSS7.5AI score0.01814EPSS
Exploits1References2
OSV
OSV
•added 2023/01/12 12:0 a.m.•88 views

CVE-2022-3515

A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment...

9.8CVSS6.4AI score0.01635EPSS
Exploits1References7
OSV
OSV
•added 2022/11/18 6:50 p.m.•88 views

GHSA-HC82-W9V8-83PR Witness Block Parsing DoS Vulnerability

Impact All lnd nodes before version v0.15.4 are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments and forward HTLCs, and close out channels. Opening channels is prohibited, and also on...

8.2CVSS7AI score0.00999EPSS
Exploits1References6
OSV
OSV
•added 2022/11/01 12:0 a.m.•88 views

DLA-3175-1 python3.7 - security update

Bulletin has no description...

9.8CVSS8.9AI score0.05193EPSS
Exploits1
OSV
OSV
•added 2022/09/26 2:15 p.m.•88 views

UBUNTU-CVE-2022-39243

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

9.8CVSS6AI score0.01177EPSS
Exploits1References5
OSV
OSV
•added 2022/06/08 10:0 a.m.•88 views

CVE-2022-31813 mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded- headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application...

9.8CVSS7AI score0.0314EPSS
Exploits1References8
OSV
OSV
•added 2022/05/13 1:14 a.m.•88 views

GHSA-R6MC-MRVR-23CR Sandbox bypass in Jenkins Pipeline: Groovy Plugin

A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM...

9.9CVSS9.7AI score0.75594EPSS
Exploits3References6
OSV
OSV
•added 2022/03/18 5:55 p.m.•88 views

GHSA-4R8Q-GV9J-3XX6 Open Redirect

Impact In some situations, it is possible to have open redirects where users can be redirected from your site to any other site using a specially crafted URL. This is only the case for installations where the default Hostname Identification is used and the environment uses tenants that have...

4.3CVSS5.7AI score0.0102EPSS
Exploits0References5
OSV
OSV
•added 2022/03/17 1:15 p.m.•88 views

PYSEC-2022-169

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and...

7.5CVSS0.01738EPSS
Exploits0References3
OSV
OSV
•added 2024/07/15 12:17 p.m.•87 views

RLSA-2024:4211 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack CVE-2020-26555 kernel: TCP-spoofed ghost ACKs and leak leak initial sequence number...

7CVSS7.8AI score0.01401EPSS
Exploits1References62
OSV
OSV
•added 2024/04/04 2:15 p.m.•87 views

UBUNTU-CVE-2024-3296

A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages for decryption. The...

5.9CVSS5.8AI score0.00415EPSS
Exploits0References3
OSV
OSV
•added 2024/03/06 10:52 a.m.•87 views

BIT-APACHE-2022-29404 Denial of service in mod_lua r:parsebody

In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody0 may cause a denial of service due to no default limit on possible input size...

7.5CVSS8.5AI score0.05678EPSS
Exploits0References7
OSV
OSV
•added 2023/06/19 7:46 p.m.•87 views

GHSA-WPRV-93R4-JJ2P OpenZeppelin Contracts using MerkleProof multiproofs may allow proving arbitrary leaves for specific trees

Impact When the verifyMultiProof, verifyMultiProofCalldata, processMultiProof, or processMultiProofCalldata functions are in use, it is possible to construct merkle trees that allow forging a valid multiproof for an arbitrary set of leaves. A contract may be vulnerable if it uses multiproofs for...

5.3CVSS5.3AI score0.00371EPSS
Exploits0References5
OSV
OSV
•added 2022/06/24 12:0 a.m.•87 views

GHSA-JHFV-8936-G652 Cross-site Scripting in Jenkins Hidden Parameter Plugin

Jenkins Hidden Parameter Plugin 0.0.4 and earlier does not escape the name and description of Hidden Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. Exploitation of this...

8CVSS5.8AI score0.00606EPSS
Exploits0References4
OSV
OSV
•added 2021/02/09 9:15 p.m.•87 views

PYSEC-2021-142

A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use the library to process untrusted input may be...

10CVSS5AI score0.05984EPSS
Exploits0References2
OSV
OSV
•added 2024/12/17 6:7 p.m.•86 views

CGA-CFPJ-W2PP-M43X

Bulletin has no description...

9.1CVSS9.2AI score0.03153EPSS
Exploits2
OSV
OSV
•added 2024/07/01 3:32 p.m.•86 views

GHSA-876P-C77M-X2HC Prototype pollution in ag-grid-community via the _.mergeDeep function

ag-grid-community v31.3.2 and ag-grid-enterprise v31.3.2 were discovered to contain a prototype pollution via the .mergeDeep function. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties. Prior versions were also found ...

9.8CVSS9.8AI score0.01158EPSS
Exploits1References6
OSV
OSV
•added 2024/05/14 7:29 a.m.•86 views

BIT-PHP-2024-1874 Command injection via array-ish $command parameter of proc_open()

In PHP versions 8.1. before 8.1.28, 8.2. before 8.2.18, 8.3. before 8.3.5, when using procopen command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands ...

9.4CVSS8.9AI score0.32568EPSS
Exploits3References11
OSV
OSV
•added 2024/05/10 8:7 p.m.•86 views

GO-2024-2821 Denial of Service from untrusted requests in github.com/stacklok/minder

HandleGithubWebhook is susceptible to a denial of service attack from an untrusted HTTP request. An untrusted request can cause the server to allocate large amounts of memory resulting in a denial of service...

7.5CVSS7.3AI score0.00593EPSS
Exploits0References6
OSV
OSV
•added 2024/05/01 5:5 p.m.•86 views

GHSA-2XP3-57P7-QF4V xml-crypto vulnerable to XML signature verification bypass due improper verification of signature/signature spoofing

Summary Default configuration does not check authorization of the signer, it only checks the validity of the signature per section 3.2.2 of https://www.w3.org/TR/2008/REC-xmldsig-core-20080610/sec-CoreValidation. As such, without additional validation steps, the default configuration allows a...

10CVSS9.2AI score0.00833EPSS
Exploits1References10
OSV
OSV
•added 2022/08/30 8:54 p.m.•86 views

GHSA-C8FJ-4PM8-MP2C Broken Authorization in ZITADEL Actions

Impact Actions, introduced in ZITADEL 1.42.0 on the API and 1.56.0 for Console, is a feature, where users with role ORGOWNER are able to create Javascript Code, which is invoked by the system at certain points during the login. Actions, for example, allow creating authorizations user grants on...

8.7CVSS8.7AI score0.00788EPSS
Exploits0References7
OSV
OSV
•added 2022/08/25 12:0 p.m.•86 views

RUSTSEC-2022-0051 Memory corruption in liblz4

lz4-sys up to v1.9.3 bundles a version of liblz4 that is vulnerable to CVE-2021-3520. Attackers could craft a payload that triggers an integer overflow upon decompression, causing an out-of-bounds write. The flaw has been corrected in version v1.9.4 of liblz4, which is included in lz4-sys 1.9.4...

9.8CVSS8.7AI score0.03216EPSS
Exploits0References3
OSV
OSV
•added 2022/05/24 12:1 a.m.•86 views

GHSA-RHGR-952R-6P8Q Command injection in Apache Maven maven-shared-utils

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...

9.8CVSS9.7AI score0.04031EPSS
Exploits0References7
OSV
OSV
•added 2022/05/14 2:3 a.m.•86 views

GHSA-369M-2GV6-MW28 WEBrick RCE Vulnerability

The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name...

8.8CVSS9.6AI score0.16412EPSS
Exploits0References21
OSV
OSV
•added 2022/03/22 7:22 p.m.•86 views

GHSA-GCX2-GVJ7-PXV3 Insufficient Protection against HTTP Request Smuggling in mitmproxy

Impact In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response's HTTP message body. While...

9.8CVSS9.4AI score0.01582EPSS
Exploits0References6
OSV
OSV
•added 2022/03/18 12:1 a.m.•86 views

GHSA-FX95-883V-4Q4H Path traversal in github.com/valyala/fasthttp

The package github.com/valyala/fasthttp before 1.34.0 is vulnerable to Directory Traversal via the ServeFile function, due to improper sanitization. It is possible to be exploited by using a backslash %5c character in the path. Note: This security issue impacts Windows users only...

7.5CVSS7.3AI score0.02457EPSS
Exploits1References8
Total number of security vulnerabilities5000