Lucene search
K
OsvMost viewed

909636 matches found

OSV
OSV
•added 2024/05/14 7:29 a.m.•72 views

BIT-PHP-2024-2756 __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix

Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard insecure cookie in the victim's browser which is treated as a Host- or Secure- cookie by PHP applications...

6.5CVSS7.3AI score0.3786EPSS
Exploits0References7
OSV
OSV
•added 2024/04/02 7:34 p.m.•72 views

GO-2024-2668 Login username enumeration in github.com/IceWhaleTech/CasaOS-UserService

The Casa OS Login page has a username enumeration vulnerability in the login page that was patched in Casa OS v0.4.7. The issue exists because the application response differs depending on whether the username or password is incorrect, allowing an attacker to enumerate usernames by observing the...

7.5CVSS6.3AI score0.00618EPSS
Exploits1References1
OSV
OSV
•added 2024/03/06 11:23 a.m.•72 views

BIT-GITLAB-2020-10084

GitLab EE 11.6 through 12.8.1 allows Information Disclosure. Sending a specially crafted request to the vulnerabilityfeedback endpoint could result in the exposure of a private project namespace...

5.3CVSS5AI score0.0091EPSS
Exploits0References3
OSV
OSV
•added 2023/11/30 7:15 a.m.•72 views

PYSEC-2023-250

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation made it possible for an attacker to modify the HTTP request e.g. to insert a new header or create a new HTTP request if the attacker controls the HTTP version. The vulnerability only occurs if the...

5.3CVSS5.1AI score0.00874EPSS
Exploits1References4
OSV
OSV
•added 2023/11/29 8:15 p.m.•72 views

CVE-2023-48952

An issue in the boxdeserializereusing function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS after running a SELECT statement...

7.5CVSS6.5AI score
Exploits0References1
OSV
OSV
•added 2023/10/26 3:15 p.m.•72 views

CVE-2023-45869

ILIAS 7.25 2023-09-12 allows any authenticated user to execute arbitrary operating system commands remotely, when a highly privileged account accesses an XSS payload. The injected commands are executed via the exec function in the execQuoted method of the ilUtil class...

9CVSS6.7AI score0.00765EPSS
Exploits1References2
OSV
OSV
•added 2023/10/23 7:15 a.m.•72 views

CVE-2023-43622

An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...

7.5CVSS7.4AI score
Exploits0References2
OSV
OSV
•added 2023/08/24 2:15 a.m.•72 views

CVE-2023-32559

A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding'spawnsyn...

7.5CVSS7.3AI score
Exploits0References3
OSV
OSV
•added 2023/06/01 4:4 p.m.•72 views

CVE-2023-32324 OpenPrinting CUPS vulnerable to heap buffer overflow

OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service DoS attack. A buffer overflow vulnerability in the function formatlogline could allow remote attackers to cause a DoS ...

7.5CVSS6.6AI score0.01473EPSS
Exploits1References4
OSV
OSV
•added 2023/03/30 8:16 p.m.•72 views

GHSA-7X45-PHMR-9WQP Arbitrary file write in mindsdb when Extracting Tarballs retrieved from a remote location

Summary An unsafe extraction is being performed using shutil.unpackarchive from a remotely retrieved tarball. Which may lead to the writing of the extracted files to an unintended location. This vulnerability is sometimes called a TarSlip or a ZipSlip variant. Details Unpacking files using the...

8.5CVSS8.7AI score0.00883EPSS
Exploits1References7
OSV
OSV
•added 2023/01/10 12:0 a.m.•72 views

DSA-5313-1 hsqldb - security update

Bulletin has no description...

9.8CVSS8.7AI score0.03519EPSS
Exploits1
OSV
OSV
•added 2022/09/28 12:0 a.m.•72 views

DSA-5243-1 lighttpd - security update

Bulletin has no description...

7.5CVSS7.5AI score0.02714EPSS
Exploits5
OSV
OSV
•added 2022/05/24 5:9 p.m.•72 views

GHSA-VJCM-J85R-7P68 DNN File Upload Vulnerability

DNN formerly DotNetNuke through 9.4.4 has a File upload vulnerability via bypassing client-side file extension check...

6.5CVSS6.4AI score0.01815EPSS
Exploits3References5
OSV
OSV
•added 2022/04/04 9:40 p.m.•72 views

GHSA-7VRM-3JC8-5WWM Incorrect Comparison in Vyper

Impact bytestrings can have dirty bytes in them, resulting in the word-for-word comparison to give incorrect results, e.g. vyper b1: Bytes32 = b"abcdef" b1 = sliceb1, 0, 1 b2: Bytes32 = b"abcdef" t: bool = b1 == b2 incorrectly evaluates to True even without dirty nonzero bytes, because there is n...

7.5CVSS5.9AI score0.0097EPSS
Exploits0References4
OSV
OSV
•added 2022/01/06 9:8 p.m.•72 views

GHSA-F8X6-M9F5-FFP8 Unrestricted Upload of File with Dangerous Type in unisharp/laravel-filemanager

This affects the package unisharp/laravel-filemanager prior to version 2.6.2. The upload function does not sufficiently validate the file type when uploading. An attacker may be able to reproduce the following steps: - Install a package with a web Laravel application. - Navigate to the Upload...

6.7CVSS8.9AI score0.01821EPSS
Exploits0References7
OSV
OSV
•added 2022/01/01 12:15 a.m.•72 views

PYSEC-2022-25

UltraJSON aka ujson through 5.1.0 has a stack-based buffer overflow in BufferAppendIndentUnchecked called from encode. Exploitation can, for example, use a large amount of indentation...

5.5CVSS3.4AI score0.0155EPSS
Exploits1References5
OSV
OSV
•added 2021/10/12 10:2 p.m.•72 views

GHSA-267X-W5HX-8HJR Integer Overflow or Wraparound in OpenCV

In opencv/modules/imgcodecs/src/grfmtpxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects OpenCV 3.3 corresponding with OpenCV-Python version 3.3.0.9 and...

8.8CVSS8.8AI score0.02699EPSS
Exploits0References7
OSV
OSV
•added 2021/10/02 12:0 a.m.•72 views

DLA-2776-1 apache2 - security update

Bulletin has no description...

9.8CVSS8.4AI score0.99999EPSS
Exploits5
OSV
OSV
•added 2021/06/08 8:11 p.m.•72 views

GHSA-XX8F-QF9F-5FGW Remote code execution in zendframework and laminas-http

Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend Framework is no longer...

9.8CVSS9.7AI score0.75313EPSS
Exploits3References6
OSV
OSV
•added 2020/11/29 12:0 p.m.•72 views

RUSTSEC-2020-0088 MPMCConsumer/Producer allows sending non-Send type across threads

Affected versions of this crate unconditionally implemented Sync and Send traits for MPMCConsumer and MPMCProducer types. This allows users to send types that do not implement Send trait across thread boundaries, which can cause a data race. The flaw was corrected in the 2.0.1 release by adding T...

5.5CVSS5.2AI score0.00377EPSS
Exploits1References3
OSV
OSV
•added 2020/07/01 12:0 a.m.•72 views

OSV-2020-662 UNKNOWN READ in wmem_strdup_printf

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13725 Crash type: UNKNOWN READ Crash state: wmemstrdupprintf dissectparametersequence dissectrtpssubmessagev2...

7.2AI score
Exploits0References1
OSV
OSV
•added 2020/06/03 9:58 p.m.•72 views

GHSA-9722-RR68-RFPG Upload whitelisted files to any directory in OctoberCMS

Impact An attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the...

3.4CVSS3.5AI score0.0118EPSS
Exploits3References5
OSV
OSV
•added 2019/08/29 12:15 p.m.•72 views

CVE-2019-15782

WebTorrent before 0.107.6 allows XSS in the HTTP server via a title or file name...

6.1CVSS6AI score
Exploits0References3
OSV
OSV
•added 2019/08/13 9:15 p.m.•72 views

CVE-2019-9517

Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write many of the byt...

7.5CVSS2.9AI score
Exploits0References47
OSV
OSV
•added 2019/02/16 12:0 a.m.•72 views

DLA-1679-1 php5 - security update

Bulletin has no description...

9.8CVSS7.9AI score0.65116EPSS
Exploits11
OSV
OSV
•added 2017/10/24 6:33 p.m.•72 views

GHSA-QQXP-XP9V-VVX6 jquery-ui Tooltip widget vulnerable to XSS

Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...

4.3CVSS5.9AI score0.06463EPSS
Exploits0References13
OSV
OSV
•added 2016/09/16 5:59 a.m.•72 views

CVE-2016-2179

The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service memory consumption by maintaining many crafted DTLS sessions simultaneously, related to...

7.5CVSS5.4AI score
Exploits0References23
OSV
OSV
•added 2011/09/22 12:0 a.m.•72 views

DSA-2310-1 linux-2.6 - several issues

Bulletin has no description...

9.1CVSS7.5AI score0.05689EPSS
Exploits13
OSV
OSV
•added 2009/05/06 12:0 a.m.•72 views

DSA-1794-1 linux-2.6 - multiple vulnerabilities

Bulletin has no description...

10CVSS6.2AI score0.1673EPSS
Exploits20
OSV
OSV
•added 2008/03/06 12:0 a.m.•72 views

DSA-1503-2 kernel-source-2.4.27 - several vulnerabilities

Bulletin has no description...

7.8CVSS6.8AI score0.05605EPSS
Exploits9
OSV
OSV
•added 2007/10/02 12:0 a.m.•72 views

DSA-1381-2 linux-2.6

Bulletin has no description...

7.2CVSS5.9AI score0.0082EPSS
Exploits0
OSV
OSV
•added 2004/07/22 12:0 a.m.•72 views

DSA-532 libapache-mod-ssl - several vulnerabilities

Bulletin has no description...

7.5CVSS6.3AI score0.37681EPSS
Exploits0
OSV
OSV
•added 2026/06/11 6:49 a.m.•71 views

MAL-2026-5617 Malicious code in sysnu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eac9873e59ffdf79c56fd4f9366b56e0532f87dc00c4380fae18d714785b0bc8 On require / CLI invocation, sysnu performs two install-time-equivalent actions on Windows hosts. First, if python is not on PATH, index.js lines 42-...

5.6AI score
Exploits0References2
OSV
OSV
•added 2024/10/22 12:6 p.m.•71 views

BIT-PYTHON-2023-27043

The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...

5.3CVSS6.5AI score0.02507EPSS
Exploits1References47
OSV
OSV
•added 2024/09/13 9:32 p.m.•71 views

RHSA-2024:4719 Red Hat Security Advisory: httpd:2.4 security update

Bulletin has no description...

9.8CVSS8.8AI score0.99957EPSS
Exploits1References19
OSV
OSV
•added 2024/06/28 3:28 p.m.•71 views

GO-2024-2537 Rancher 'Audit Log' leaks sensitive information in github.com/rancher/rancher

Rancher 'Audit Log' leaks sensitive information in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, pleas...

8.4CVSS6.5AI score0.01882EPSS
Exploits1References1
OSV
OSV
•added 2024/06/06 12:21 p.m.•71 views

CGA-2P5W-7GJQ-WWX3

Bulletin has no description...

7.5CVSS7AI score0.01042EPSS
Exploits0
OSV
OSV
•added 2024/05/09 6:50 p.m.•71 views

RLSA-2024:2778 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: Out of bounds read in aresreadline CVE-2024-25629 nghttp2: CONTINUATION frames DoS CVE-2024-28182 nodejs: using the fetch function to...

8.2CVSS6.9AI score0.87211EPSS
Exploits2References6
OSV
OSV
•added 2024/05/06 1:4 p.m.•71 views

RLSA-2024:1687 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTT...

9.8CVSS7.4AI score0.03168EPSS
Exploits0References8
OSV
OSV
•added 2024/03/06 10:59 a.m.•71 views

BIT-NGINX-2022-41741 NGINX ngx_http_mp4_module vulnerability CVE-2022-41741

NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngxhttpmp4module that might allow a local attacker to corrupt NGINX worker memory, resulting in...

7.8CVSS7.2AI score0.00756EPSS
Exploits2References8
OSV
OSV
•added 2024/03/06 10:57 a.m.•71 views

BIT-APACHE-2020-1927

In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL...

6.1CVSS7.1AI score0.56691EPSS
Exploits0References28
OSV
OSV
•added 2024/03/06 10:55 a.m.•71 views

BIT-APACHE-2021-33193 Request splitting via HTTP/2 method injection and mod_proxy

A crafted method sent through HTTP/2 will bypass validation and be forwarded by modproxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48...

7.5CVSS7.8AI score0.46179EPSS
Exploits1References14
OSV
OSV
•added 2024/03/06 10:55 a.m.•71 views

BIT-APACHE-2021-34798 NULL pointer dereference in httpd core

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

7.5CVSS8.7AI score0.64509EPSS
Exploits0References18
OSV
OSV
•added 2023/04/04 3:30 p.m.•71 views

GHSA-GQ63-P39P-JRJF Withdrawn: SQL injection in Yii 2

Withdrawn Advisory This advisory has been withdrawn because the issue originates from a product built on Yii2, not the Yii2 Framework itself. This link is maintained to preserve external references. Original Description SQL injection vulnerability found in Yii Framework Yii 2 Framework before...

9.8CVSS9.7AI score0.01822EPSS
Exploits1References5
OSV
OSV
•added 2023/02/28 12:0 a.m.•71 views

ALSA-2023:0953 Moderate: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS8AI score0.02453EPSS
Exploits1References4
OSV
OSV
•added 2023/02/13 8:49 p.m.•71 views

CVE-2023-25572 React-Admin vulnerable to Cross-Site-Scripting attack on `<RichTextField>`

react-admin is a frontend framework for building browser applications on top of REST/GraphQL APIs. react-admin prior to versions 3.19.12 and 4.7.6, along with ra-ui-materialui prior to 3.19.12 and 4.7.6, are vulnerable to cross-site scripting. All React applications built with react-admin and usi...

5.4CVSS5.3AI score0.00694EPSS
Exploits1References7
OSV
OSV
•added 2022/03/24 12:18 a.m.•71 views

GHSA-2F5V-8R3F-8PWW Improper access control allows admin privilege escalation in Argo CD

Impact Impacts for versions starting with v1.0.0 All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level. To perform the following exploits, an authorized Argo CD use...

9.9CVSS8.6AI score0.01201EPSS
Exploits1References7
OSV
OSV
•added 2022/01/21 6:53 p.m.•71 views

GHSA-82V2-MX6X-WQ7Q Incorrect Default Permissions in log4js

Impact Default file permissions for log files created by the file, fileSync and dateFile appenders are world-readable in unix. This could cause problems if log files contain sensitive information. This would affect any users that have not supplied their own permissions for the files via the mode...

5.5CVSS5.6AI score0.00302EPSS
Exploits0References7
OSV
OSV
•added 2021/04/13 3:17 p.m.•71 views

GHSA-WHQ6-MJ2R-MJQC OS Command Injection in lsof

All versions including 0.0.4 of lsof npm module are vulnerable to Command Injection. Every exported method used by the package uses the exec function to parse user input...

9.8CVSS9.6AI score0.02642EPSS
Exploits1References2
OSV
OSV
•added 2019/06/06 3:30 p.m.•71 views

GHSA-G95F-P29Q-9XW4 Duplicate Advisory: Regular Expression Denial of Service in braces

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-cwfw-4gq5-mrqx. This link is maintained to preserve external references. Original Description Versions of braces prior to 2.3.1 are vulnerable to Regular Expression Denial of Service ReDoS. Untrusted input may...

3.7CVSS5.3AI score
Exploits0References3
Total number of security vulnerabilities5000