Lucene search
K
OsvMost viewed

907558 matches found

OSV
OSV
•added 2022/05/14 2:47 a.m.•81 views

GHSA-M27M-628V-XXP2 Exposure of Sensitive Information to an Unauthorized Actor in Apache Sling Servlets Post

The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors...

7.5CVSS7.1AI score0.46187EPSS
Exploits6References6
OSV
OSV
•added 2022/05/13 1:17 a.m.•81 views

GHSA-29GQ-H27W-54QF Jenkins VS Team Services Continuous Deployment Plugin stores credentials in plain text

Jenkins VS Team Services Continuous Deployment Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

4.3CVSS8.7AI score0.01365EPSS
Exploits0References4
OSV
OSV
•added 2022/04/27 9:9 p.m.•81 views

GHSA-8M5H-HRQM-PXM2 Path traversal in the OWASP Enterprise Security API

Impact The default implementation of Validator.getValidDirectoryPathString, String, File, boolean may incorrectly treat the tested input string as a child of the specified parent directory. This potentially could allow control-flow bypass checks to be defeated if an attack can specify the entire...

7.5CVSS7.1AI score0.02674EPSS
Exploits2References10
OSV
OSV
•added 2022/03/22 7:22 p.m.•81 views

GHSA-GCX2-GVJ7-PXV3 Insufficient Protection against HTTP Request Smuggling in mitmproxy

Impact In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response's HTTP message body. While...

9.8CVSS9.4AI score0.01582EPSS
Exploits0References6
OSV
OSV
•added 2022/02/09 12:45 a.m.•81 views

GHSA-FMJ2-7WX8-QJ4V Server-side request forgery (SSRF) in Apache XmlGraphics Commons

Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...

8.2CVSS7.4AI score0.0665EPSS
Exploits0References12
OSV
OSV
•added 2022/01/28 12:0 a.m.•81 views

CVE-2022-0392 Heap-based Buffer Overflow in vim/vim

Heap-based Buffer Overflow in GitHub repository vim prior to 8.2...

6.1CVSS7.3AI score0.01514EPSS
Exploits1References12
OSV
OSV
•added 2021/03/29 12:0 a.m.•81 views

DLA-2610-1 linux-4.19 - security update

Bulletin has no description...

8.8CVSS6.9AI score0.02079EPSS
Exploits3
OSV
OSV
•added 2009/11/05 12:0 a.m.•81 views

DSA-1929-1 linux-2.6 - several vulnerabilities

Bulletin has no description...

7.8CVSS7.1AI score0.0493EPSS
Exploits23
OSV
OSV
•added 2024/06/06 12:25 p.m.•80 views

CGA-F79M-WWXV-M882

Bulletin has no description...

5.3CVSS5.4AI score0.00723EPSS
Exploits1
OSV
OSV
•added 2024/02/08 10:46 p.m.•80 views

CVE-2024-25107 Cross-Site Scripting in WikiDiscover

WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. On Special:WikiDiscover, the Language::date function is used when making the human-readable timestamp for inclusion on the wikicreation column. This function uses interface messages to translate the nam...

4.9CVSS6AI score0.00402EPSS
Exploits0References5
OSV
OSV
•added 2023/10/23 7:15 a.m.•80 views

CVE-2023-45802

When a HTTP/2 stream was reset RST frame by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing...

5.9CVSS7.9AI score
Exploits0References6
OSV
OSV
•added 2023/10/23 3:30 a.m.•80 views

GHSA-CQVV-R3G3-26RF free5GC udm vulnerable to Invalid Curve Attack

pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt them via both its...

7.5CVSS7.5AI score0.00408EPSS
Exploits0References6
OSV
OSV
•added 2023/07/30 12:0 a.m.•80 views

DSA-5461-1 linux - security update

Bulletin has no description...

7.8CVSS7.2AI score0.05794EPSS
Exploits1
OSV
OSV
•added 2023/07/19 3:30 p.m.•80 views

GHSA-MRWQ-X4V8-FH7P Pygments vulnerable to ReDoS

A ReDoS issue was discovered in pygments/lexers/smithy.py in Pygments until 2.15.0 via SmithyLexer...

6.8CVSS5.6AI score0.00503EPSS
Exploits1References11
OSV
OSV
•added 2023/04/08 5:15 a.m.•80 views

CVE-2023-24626

socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process...

6.5CVSS6.4AI score
Exploits0References4
OSV
OSV
•added 2022/12/06 6:30 p.m.•80 views

GHSA-59FH-RJQ3-XQ7J Thinkphp has a code logic error

Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...

8.8CVSS8.8AI score0.02906EPSS
Exploits1References3
OSV
OSV
•added 2022/11/22 12:0 a.m.•80 views

DLA-3201-1 ntfs-3g - security update

Bulletin has no description...

7.8CVSS5.8AI score0.00347EPSS
Exploits0
OSV
OSV
•added 2022/10/31 5:9 p.m.•80 views

GO-2022-1043 Hardcoded hashed password in github.com/flyteorg/flyteadmin

Default authorization server's configuration settings contain a known hardcoded hashed password. Users who enable auth but do not override this setting may unknowingly allow public traffic in by way of this default password with attackers effectively impersonating propeller...

7.5CVSS6.1AI score0.0067EPSS
Exploits0References3
OSV
OSV
•added 2022/06/20 9:13 p.m.•80 views

MAL-2022-5590 Malicious code in rapidjson (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d8cde70e5ebdf9f1f3ca47531c69bd833ee151e87b26e71cab845eba16fdbe4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
•added 2022/02/24 7:15 p.m.•80 views

CVE-2022-0546

A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution...

7.8CVSS7.4AI score
Exploits0References4
OSV
OSV
•added 2022/01/21 11:2 p.m.•80 views

GHSA-H79X-98R2-G6QC Impersonation of other users (passing XBOX Live authentication) by theft of logins in PocketMine-MP

Impact Minecraft Bedrock authentication and its protocol encryption are inseparably linked. One is not complete without the other. This vulnerability affects servers which are able to be directly connected to via the internet i.e. not behind a proxy. If you are using a proxy, please check that it...

4.7CVSS6.9AI score
Exploits0References3
OSV
OSV
•added 2021/11/19 8:16 p.m.•80 views

GHSA-896R-F27R-55MW json-schema is vulnerable to Prototype Pollution

json-schema before version 0.4.0 is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

9.8CVSS8.8AI score0.03563EPSS
Exploits1References8
OSV
OSV
•added 2021/05/17 8:51 p.m.•80 views

GHSA-6QMF-FJ6M-686C Open Redirect in Flask-Security-Too

Impact Flask-Security allows redirects after many successful views e.g. /login by honoring the ?next query param. There is code in FS to validate that the url specified in the next parameter is either relative OR has the same netloc network location as the requesting URL. This check utilizes...

3.1CVSS6.3AI score0.03289EPSS
Exploits0References7
OSV
OSV
•added 2018/11/09 5:44 p.m.•80 views

GHSA-7XFP-9C55-5VQJ Remote Memory Exposure in request

Affected versions of request will disclose local system memory to remote systems in certain circumstances. When a multipart request is made, and the type of body is number, then a buffer of that size will be allocated and sent to the remote server as the body. Proof of Concept js var request =...

5.9CVSS5.6AI score0.02625EPSS
Exploits1References6
OSV
OSV
•added 2024/10/13 7:7 p.m.•79 views

BIT-GITLAB-2024-9596 Inclusion of Sensitive Information in Source Code in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 16.6 prior to 17.2.9, from 17.3 prior to 17.3.5, and from 17.4 prior to 17.4.2. It was possible for an unauthenticated attacker to determine the GitLab version number for a GitLab instance...

5.3CVSS4.7AI score0.0033EPSS
Exploits0References2
OSV
OSV
•added 2024/10/13 7:7 p.m.•79 views

BIT-GITLAB-2024-9623 Incorrect Authorization in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows deploy keys to push to an archived repository...

6.5CVSS5.4AI score0.0033EPSS
Exploits0References2
OSV
OSV
•added 2024/03/06 10:56 a.m.•79 views

BIT-APACHE-2020-1934

In Apache HTTP Server 2.4.0 to 2.4.41, modproxyftp may use uninitialized memory when proxying to a malicious FTP server...

5.3CVSS6.6AI score0.51951EPSS
Exploits0References24
OSV
OSV
•added 2024/03/06 12:31 a.m.•79 views

GHSA-8R3F-844C-MC37 Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

8.7CVSS7AI score0.01262EPSS
Exploits0References9
OSV
OSV
•added 2023/08/10 2:53 p.m.•79 views

CVE-2023-39955 Notes attachment render HTML in preview mode

Notes is a note-taking app for Nextcloud, an open-source cloud platform. Starting in version 4.4.0 and prior to version 4.8.0, when creating a note file with HTML, the content is rendered in the preview instead of the file being offered to download. Nextcloud Notes app version 4.8.0 contains a...

3.5CVSS6.1AI score0.0048EPSS
Exploits0References5
OSV
OSV
•added 2023/05/31 6:41 a.m.•79 views

MGASA-2023-0188 Updated tcpreplay packages fix security vulnerability

An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpeditdltcleanup function at plugins/dltplugins.c. CVE-2023-27783 An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the readhexstring function ...

7.5CVSS7.3AI score0.01506EPSS
Exploits7References3
OSV
OSV
•added 2022/07/05 1:15 p.m.•79 views

CVE-2022-33741

Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...

7.1CVSS1.8AI score
Exploits0References7
OSV
OSV
•added 2022/05/24 5:8 p.m.•79 views

GHSA-FHC8-H6HR-H9MQ ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713...

7.5CVSS8AI score0.17597EPSS
Exploits0References5
OSV
OSV
•added 2022/01/26 2:15 p.m.•79 views

PYSEC-2022-48

Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to...

6.5CVSS3.2AI score0.0266EPSS
Exploits0References4
OSV
OSV
•added 2021/12/15 8:15 p.m.•79 views

CVE-2021-45078

stabxcoffbuiltintype in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699...

7.8CVSS7.5AI score
Exploits0References6
OSV
OSV
•added 2021/06/01 12:0 a.m.•79 views

ASB-A-174904512

In nfconntrackhelperq931 of nfconntrackh323main.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not required for exploitation...

8.3CVSS8.3AI score0.05114EPSS
Exploits1References2
OSV
OSV
•added 2021/05/30 12:0 a.m.•79 views

DLA-2670-1 nginx - security update

Bulletin has no description...

7.7CVSS6.5AI score0.52838EPSS
Exploits10
OSV
OSV
•added 2021/01/20 5:15 p.m.•79 views

CVE-2020-25681

A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overfl...

8.1CVSS7.5AI score
Exploits0References8
OSV
OSV
•added 2017/04/05 8:59 p.m.•79 views

CVE-2017-0883

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission increase on re-sharing via OCS API issue. A permission related issue within the OCS sharing API allowed an authenticated adversary to reshare shared files with an increasing permission set. This may allow an attacker to edit file...

6.4CVSS6.5AI score
Exploits0References2
OSV
OSV
•added 2015/01/28 12:0 a.m.•79 views

DLA-139-1 eglibc - security update

Bulletin has no description...

10CVSS6.8AI score0.94859EPSS
Exploits29
OSV
OSV
•added 2013/03/05 12:0 a.m.•79 views

DSA-2639-1 php5 - several vulnerabilities

Bulletin has no description...

7.5CVSS7.6AI score0.10136EPSS
Exploits1
OSV
OSV
•added 2026/06/15 8:12 p.m.•78 views

GHSA-537C-GMF6-5CCF Vulnerable OpenSSL included in cryptography wheels

pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in wheels prior to cryptograph 48.01 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20260609.txt. If yo...

7.5CVSS5.3AI score
Exploits0References3
OSV
OSV
•added 2026/05/26 12:2 a.m.•78 views

OSV-2026-812 Heap-buffer-overflow in ihevcd_fmt_conv_422sp_to_420p

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=516319578 Crash type: Heap-buffer-overflow WRITE 1 Crash state: ihevcdfmtconv422spto420p ihevcdfmtconv ihevcddecode...

5.8AI score
Exploits0References1
OSV
OSV
•added 2024/06/17 7:26 a.m.•78 views

BIT-MAGENTO-2024-34102

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that...

9.8CVSS9.9AI score0.99994EPSS
Exploits26References2
OSV
OSV
•added 2024/04/26 12:30 a.m.•78 views

GHSA-CJWG-QFPM-7377 python-jose denial of service via compressed JWE content

python-jose through 3.3.0 allows attackers to cause a denial of service resource consumption during a decode via a crafted JSON Web Encryption JWE token with a high compression ratio, aka a "JWT bomb." This is similar to CVE-2024-21319...

5.3CVSS7AI score0.00783EPSS
Exploits1References7
OSV
OSV
•added 2024/03/06 10:51 a.m.•78 views

BIT-APACHE-2022-37436 Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting

Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client...

5.3CVSS7.3AI score0.57941EPSS
Exploits0References3
OSV
OSV
•added 2023/04/21 6:30 p.m.•78 views

GHSA-3QJ8-93XH-PWH2 Duplicate Advisory: Starlette allows an unauthenticated and remote attacker to specify any number of form fields or files

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-74m5-2c7w-9w3x. This link is maintained to preserve external references. Original Description There MultipartParser usage in Encode's Starlette python framework before versions 0.25.0 allows an unauthenticated a...

7.5CVSS7.3AI score0.01288EPSS
Exploits0References5
OSV
OSV
•added 2022/11/02 11:44 p.m.•78 views

GO-2022-1086 Server-side request forger via X-Skipper-Proxy in github.com/zalando/skipper

An attacker can access the internal metadata server or other unauthenticated URLs by adding a specific header X-Skipper-Proxy to the http request...

9.8CVSS9.4AI score0.11004EPSS
Exploits3References3
OSV
OSV
•added 2022/02/11 11:17 p.m.•78 views

GHSA-Q9X4-Q76F-5H5J Unauthenticated users can exploit an enumeration vulnerability in Harbor (CVE-2019-19030)

Impact Sean Wright from Secureworks has discovered an enumeration vulnerability. An attacker can make use of the Harbor API to make unauthenticated calls to the Harbor instance. Based on the HTTP status code in the response, an attacker is then able to work out which resources exist, and which do...

5.3CVSS5.3AI score0.01891EPSS
Exploits1References3
OSV
OSV
•added 2021/04/14 8:4 p.m.•78 views

GO-2021-0076 Out-of-bounds write in github.com/evanphx/json-patch

A malicious JSON patch can cause a panic due to an out-of-bounds write attempt. This can be used as a denial of service vector if exposed to arbitrary user input...

7.7CVSS7.4AI score0.01952EPSS
Exploits0References2
OSV
OSV
•added 2020/10/01 12:0 a.m.•78 views

ASB-A-155288585

In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation...

9.3CVSS8.5AI score0.012EPSS
Exploits0References3
Total number of security vulnerabilities5000