OSV: Most viewed

907757 matches found

OSV
added 2022/09/02 6:37 p.m. | 78 views

GO-2022-0963 Resource exhaustion in github.com/gagliardetto/binary

A memory allocation vulnerability can be exploited to allocate arbitrarily large slices, which can exhaust available memory or crash the program. When parsing data from untrusted sources of input e.g. the blockchain, the length of the slice to allocate is read directly from the data itself withou...

CVSS 8.8 | AI score 7.9 | EPSS 0.00941
Exploits: 1 | References: 3
OSV
added 2022/02/11 11:17 p.m. | 78 views

GHSA-Q9X4-Q76F-5H5J Unauthenticated users can exploit an enumeration vulnerability in Harbor (CVE-2019-19030)

Impact: Sean Wright from Secureworks has discovered an enumeration vulnerability. An attacker can make use of the Harbor API to make unauthenticated calls to the Harbor instance. Based on the HTTP status code in the response, an attacker is then able to work out which resources exist, and which do...

CVSS 5.3 | AI score 5.3 | EPSS 0.01891
Exploits: 1 | References: 3
OSV
added 2021/04/14 8:4 p.m. | 78 views

GO-2021-0076 Out-of-bounds write in github.com/evanphx/json-patch

A malicious JSON patch can cause a panic due to an out-of-bounds write attempt. This can be used as a denial of service vector if exposed to arbitrary user input...

CVSS 7.7 | AI score 7.4 | EPSS 0.01952
Exploits: 0 | References: 2
OSV
added 2020/09/02 5:29 p.m. | 78 views

GHSA-754H-5R27-7X3R RCE in Symfony

Description: The CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. HttpCache uses internal headers like X-Body-Eval and X-Body-File to control the restoration of cached responses. The class was initially written with surroga...

CVSS 8 | AI score 8.7 | EPSS 0.03043
Exploits: 0 | References: 11
OSV
added 2020/03/04 12:0 a.m. | 78 views

DLA-2133-1 tomcat7 - security update

Bulletin has no description...

CVSS 9.8 | AI score 8.1 | EPSS 0.9927
Exploits: 45
OSV
added 2018/10/17 8:7 p.m. | 78 views

GHSA-G8HW-794C-4J9G Path Traversal in org.springframework:spring-core

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources e.g. CSS, JS, images. When static resources are served from a file system on Windows as opposed to the classpath, or...

CVSS 5.9 | AI score 7.3 | EPSS 0.35681
Exploits: 1 | References: 21
OSV
added 2025/04/01 8:18 a.m. | 77 views

BIT-GITLAB-2024-10307 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab EE/CE affecting all versions from 12.10 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A maliciously crafted file can cause uncontrolled CPU consumption when viewing the associated merge request...

CVSS 5.5 | AI score 4.6 | EPSS 0.00245
Exploits: 0 | References: 3
OSV
added 2024/07/01 9:50 p.m. | 77 views

GO-2024-2912 Docker CLI leaks private registry credentials to registry-1.docker.io in github.com/docker/cli

Docker CLI leaks private registry credentials to registry-1.docker.io in github.com/docker/cli...

CVSS 7.5 | AI score 7.4 | EPSS 0.01536
Exploits: 0 | References: 2
OSV
added 2024/04/15 6:30 a.m. | 77 views

GHSA-G9WG-98C2-QV3V TCPDF Cross-site Scripting vulnerability

TCPDF before 6.7.4 mishandles calls that use HTML syntax...

CVSS 6.1 | AI score 6.1 | EPSS 0.00582
Exploits: 0 | References: 6
OSV
added 2024/01/09 7:35 p.m. | 77 views

GHSA-59J7-GHRG-FJ52 Microsoft ASP.NET Core project templates vulnerable to denial of service

A Denial of Service vulnerability exists in ASP.NET Core project templates which utilize JWT-based authentication tokens. This vulnerability allows an unauthenticated client to consume arbitrarily large amounts of server memory, potentially triggering an out-of-memory condition on the server and...

CVSS 6.8 | AI score 8 | EPSS 0.02868
Exploits: 0 | References: 4
OSV
added 2023/11/03 5:15 a.m. | 77 views

PYSEC-2023-227

An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates o...

CVSS 7.5 | AI score 7.1 | EPSS 0.01038
Exploits: 0 | References: 4
OSV
added 2023/08/04 4:15 p.m. | 77 views

PYSEC-2023-139

Sydent is an identity server for the Matrix communications protocol. Prior to version 2.5.6, if configured to send emails using TLS, Sydent does not verify SMTP servers' certificates. This makes Sydent's emails vulnerable to interception via a man-in-the-middle (MITM) attack. Attackers with...

CVSS 5.3 | AI score 6.5 | EPSS 0.00229
Exploits: 0 | References: 7
OSV
added 2023/06/08 8:16 p.m. | 77 views

GO-2023-1839 Code injection via go command with cgo in cmd/go

The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved...

CVSS 9.8 | AI score 8.5 | EPSS 0.01708
Exploits: 0 | References: 3
OSV
added 2023/04/01 12:0 a.m. | 77 views

ASB-A-261858325

In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 | AI score 7.8 | EPSS 0.00199
Exploits: 0 | References: 2
OSV
added 2023/03/10 3:30 a.m. | 77 views

GHSA-J83X-R9QQ-9G4V Froxlor is vulnerable to authentication bypass

Authentication Bypass by Primary Weakness in GitHub repository froxlor/froxlor prior to 2.0.13...

CVSS 9.8 | AI score 9.5 | EPSS 0.01073
Exploits: 1 | References: 4
OSV
added 2023/01/17 8:15 p.m. | 77 views

CVE-2022-37436

Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client...

CVSS 5.3 | AI score 1.6
Exploits: 0 | References: 2
OSV
added 2022/05/13 1:17 a.m. | 77 views

GHSA-J7MW-7CRR-658V Richfaces vulnerable to arbitrary code execution

The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via org.ajax4jsf.resource.UserResource$UriData...

CVSS 9.8 | AI score 9.7 | EPSS 0.74171
Exploits: 6 | References: 10
OSV
added 2022/02/19 12:0 a.m. | 78 views

DSA-5083-1 webkit2gtk - security update

Bulletin has no description...

CVSS 8.8 | AI score 7.8 | EPSS 0.16342
Exploits: 0
OSV
added 2022/02/10 8:46 p.m. | 77 views

GHSA-C7F6-4VX5-4263 Unrestricted Upload of File with Dangerous Type in Liferay Portal and Liferay DXP

Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix pack 18 and 7.2 before fix pack 6, does not restrict the size of a multipart/form-data POST action, which allows remote authenticated users to conduct denial-of-service attacks by uploading large files...

CVSS 6.5 | AI score 6.2 | EPSS 0.02164
Exploits: 0 | References: 5
OSV
added 2021/10/12 9:59 p.m. | 77 views

GHSA-MPJM-V997-C4H4 Electron's sandboxed renderers can obtain thumbnails of arbitrary files through the nativeImage API

Impact: This vulnerability allows a sandboxed renderer to request a "thumbnail" image of an arbitrary file on the user's system. The thumbnail can potentially include significant parts of the original file, including textual data in many cases. All current stable versions of Electron are affected...

CVSS 6.8 | AI score 8.6 | EPSS 0.01017
Exploits: 0 | References: 5
OSV
added 2021/08/01 12:0 a.m. | 77 views

ASB-A-183188047

In fastrpc_internal_invoke of drivers/misc/fastrpc.c, there is a possible way for user-mode processes to send fastrpc kernel requests due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...

CVSS 7.8 | AI score 8 | EPSS 0.00305
Exploits: 0 | References: 2
OSV
added 2019/02/20 3:29 a.m. | 77 views

CVE-2019-8942

WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because a _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image...

CVSS 8.8 | AI score 7.1
Exploits: 0 | References: 9
OSV
added 2011/09/08 12:0 a.m. | 77 views

DSA-2303-1 linux-2.6 - several issues

Bulletin has no description...

CVSS 9.1 | AI score 7.5 | EPSS 0.05689
Exploits: 13
OSV
added 2024/03/06 10:56 a.m. | 76 views

BIT-APACHE-2021-26690 mod_session NULL pointer dereference

Apache HTTP Server versions 2.4.0 to 2.4.46: A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service...

CVSS 7.5 | AI score 8.5 | EPSS 0.65067
Exploits: 0 | References: 13
OSV
added 2024/03/06 10:53 a.m. | 76 views

BIT-APACHE-2022-22719 mod_lua Use of uninitialized value of in r:parsebody

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier...

CVSS 7.5 | AI score 8.6 | EPSS 0.69803
Exploits: 0 | References: 16
OSV
added 2024/01/31 6:15 p.m. | 76 views

PYSEC-2024-29

OctoPrint is a web interface for 3D printers. OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to change the password of other admin accounts, including their own, without having to repeat their password. An attacker who managed to hijack an adm...

CVSS 4.9 | AI score 6.8 | EPSS 0.00519
Exploits: 0 | References: 3
OSV
added 2022/12/26 12:0 a.m. | 76 views

DLA-3249-1 mbedtls - security update

Bulletin has no description...

CVSS 9.8 | AI score 5.8 | EPSS 0.02569
Exploits: 6
OSV
added 2022/12/22 5:41 p.m. | 76 views

GO-2022-1175 Exposure of local files in github.com/cortexproject/cortex

A malicious actor could remotely read local files by submitting to the Alertmanager Set Configuration API maliciously crafted inputs. Only users of the Alertmanager service where "-experimental.alertmanager.enable-api" or "enable_api: true" is configured are affected...

CVSS 6.5 | AI score 6.2 | EPSS 0.00753
Exploits: 0 | References: 3
OSV
added 2022/10/23 12:0 a.m. | 76 views

DSA-5257-2 linux - regression update

Bulletin has no description...

AI score 7.2
Exploits: 0
OSV
added 2022/09/10 12:0 a.m. | 76 views

GHSA-RHWX-HJX2-X4QR PDFKit vulnerable to Command Injection

The package pdfkit is vulnerable to Command Injection where the URL is not properly sanitized. Note: This issue was patched in 0.8.7.2, but the patch was discovered to be ineffective. The updated patch version is 0.8.7.2...

CVSS 9.8 | AI score 9.5 | EPSS 0.38924
Exploits: 11 | References: 14
OSV
added 2022/07/12 7:39 p.m. | 76 views

GHSA-3HHC-QP5V-9P2J Active Record RCE bug with Serialized Columns

When serialized columns that use YAML (the default) are deserialized, Rails uses YAML.unsafe_load to convert the YAML data into Ruby objects. If an attacker can manipulate data in the database via means like SQL injection, then it may be possible for the attacker to escalate to an RCE. There are no...

CVSS 9.8 | AI score 9.4 | EPSS 0.02386
Exploits: 1 | References: 8
OSV
added 2022/05/25 12:0 a.m. | 76 views

GHSA-RF6Q-VX79-MJXR Undertow Uncontrolled Resource Consumption

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final a...

CVSS 7.5 | AI score 6.1 | EPSS 0.01175
Exploits: 0 | References: 4
OSV
added 2022/04/08 10:0 p.m. | 76 views

GHSA-QPP2-2MCP-2WM5 Unauthenticated user can list hidden document from multiple velocity templates in XWiki

Impact: A guest user without the right to view pages of the wiki can still list documents by rendering some velocity documents. Patches: The problem has been patched in XWiki versions 12.10.11, 13.4.4, and 13.9-rc-1. Workarounds: There is no known workaround for this problem. References...

CVSS 5.3 | AI score 5.1 | EPSS 0.00985
Exploits: 1 | References: 4
OSV
added 2022/02/27 12:0 a.m. | 76 views

GHSA-5875-P652-2PPM Exposure of Resource to Wrong Sphere in microweber

Exposure of Resource to Wrong Sphere in microweber prior to 1.3 allows users to add deleted products to a cart and buy it...

CVSS 4.3 | AI score 4.7 | EPSS 0.00631
Exploits: 1 | References: 4
OSV
added 2022/02/11 11:27 p.m. | 76 views

GHSA-742W-89GC-8M9C containerd v1.2.x can be coerced into leaking credentials during image pull

Impact: If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise known as a “foreign layer”), the default containerd resolver will follow that URL to attempt to download it. In v1.2.x but not 1.3.0 o...

CVSS 6.1 | AI score 6.9 | EPSS 0.02209
Exploits: 1 | References: 9
OSV
added 2021/11/01 12:0 a.m. | 76 views

DSA-5000-1 openjdk-11 - security update

Bulletin has no description...

CVSS 7.1 | AI score 6.4 | EPSS 0.14839
Exploits: 0
OSV
added 2021/09/16 3:15 p.m. | 76 views

CVE-2021-40438

A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...

CVSS 9 | AI score 1.2 | EPSS 0.99999
Exploits: 5 | References: 20
OSV
added 2021/08/24 3:15 p.m. | 76 views

CVE-2021-3712

ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are represented as a buffer for the string data which is terminated with a NUL (0) byte...

CVSS 7.4 | AI score 0.3
Exploits: 0 | References: 21
OSV
added 2021/03/02 2:57 a.m. | 76 views

GHSA-W5HR-JM4J-9JVQ Sandbox escape through template_object in smarty

Sandbox protection could be bypassed through access to an internal Smarty object that should have been blocked. Sites that rely on Smarty Security features should upgrade as soon as possible. Please upgrade to 3.1.39 or higher...

CVSS 7.5 | AI score 8.5 | EPSS 0.09436
Exploits: 1 | References: 10
OSV
added 2020/12/01 12:0 a.m. | 76 views

ASB-A-150693166

In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 | AI score 8.3 | EPSS 0.00213
Exploits: 0 | References: 2
OSV
added 2018/09/10 12:0 a.m. | 76 views

DLA-1500-1 openssh - security update

Bulletin has no description...

CVSS 9.8 | AI score 6.7 | EPSS 0.58568
Exploits: 26
OSV
added 2017/10/24 6:33 p.m. | 76 views

GHSA-99CH-8MVP-G7M5 md2pdf allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename

converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename...

CVSS 10 | AI score 7.1 | EPSS 0.02161
Exploits: 3 | References: 6
OSV
added 2017/10/24 6:33 p.m. | 76 views

GHSA-3M6R-39P3-JQ25 Doorkeeper is vulnerable to replay attacks

The Doorkeeper gem before 4.2.0 for Ruby might allow remote attackers to conduct replay attacks or revoke arbitrary tokens by leveraging failure to implement the OAuth 2.0 Token Revocation specification...

CVSS 9.1 | AI score 9.1 | EPSS 0.04685
Exploits: 0 | References: 11
OSV
added 2016/04/21 10:59 a.m. | 76 views

CVE-2016-0643

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML...

CVSS 3.3 | AI score 5.9
Exploits: 0 | References: 22
OSV
added 2026/06/09 10:8 a.m. | 75 views

RHSA-2026:24381 Red Hat Security Advisory: kernel security update

Bulletin has no description...

CVSS 7.8 | AI score 6.6 | EPSS 0.00378
Exploits: 4 | References: 20
OSV
added 2026/04/22 12:4 a.m. | 75 views

OSV-2026-609 Security exception in com.github.javaparser.ast.NodeList.forEach

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504814677 Crash type: Security exception Crash state: com.github.javaparser.ast.NodeList.forEach com.github.javaparser.ast.visitor.VoidVisitorAdapter.visit...

AI score 5.8
Exploits: 0 | References: 1
OSV
added 2025/09/17 5:3 p.m. | 75 views

GO-2025-3950 Mattermost Missing Authorization vulnerability in github.com/mattermost/mattermost-server

Mattermost Missing Authorization vulnerability in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability...

CVSS 6.5 | AI score 6.9 | EPSS 0.00242
Exploits: 0 | References: 3
OSV
added 2025/04/26 6:28 a.m. | 75 views

BIT-GITLAB-2024-12244 Missing Authorization in GitLab

An issue has been discovered in access controls that could allow users to view certain restricted project information even when related features are disabled in GitLab EE, affecting all versions from 17.7 prior to 17.9.7, 17.10 prior to 17.10.5, and 17.11 prior to 17.11.1...

CVSS 4.3 | AI score 4.3 | EPSS 0.00276
Exploits: 1 | References: 3
OSV
added 2024/08/21 5:15 p.m. | 75 views

CVE-2024-5762

Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

CVSS 8.1 | AI score 8.1
Exploits: 0 | References: 2
OSV
added 2024/06/24 7:4 p.m. | 75 views

SUSE-SU-2024:2185-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225201). - CVE-2021-47496: Fix flipped sign in tls_err_abort calls (bsc#1225354) -...

CVSS 9.8 | AI score 8.1 | EPSS 0.17563
Exploits: 7 | References: 400
Total number of security vulnerabilities: 5000