Lucene search
K
OsvMost viewed

908338 matches found

OSV
OSV
added 2024/04/02 7:34 p.m.67 views

GO-2024-2668 Login username enumeration in github.com/IceWhaleTech/CasaOS-UserService

The Casa OS Login page has a username enumeration vulnerability in the login page that was patched in Casa OS v0.4.7. The issue exists because the application response differs depending on whether the username or password is incorrect, allowing an attacker to enumerate usernames by observing the...

7.5CVSS6.3AI score0.00618EPSS
Exploits1References1
OSV
OSV
added 2024/03/06 11:23 a.m.67 views

BIT-GITLAB-2020-10085

GitLab 12.3.5 through 12.8.1 allows Information Disclosure. A particular view was exposing merge private merge request titles...

5.3CVSS5AI score0.00929EPSS
Exploits0References3
OSV
OSV
added 2024/03/06 10:53 a.m.67 views

BIT-CODEIGNITER-2022-39284

CodeIgniter is a PHP full-stack web framework. In versions prior to 4.2.7 setting $secure or $httponly value to true in Config\Cookie is not reflected in setcookie or Response::setCookie. As a result cookie values are erroneously exposed to scripts. It should be noted that this vulnerability does...

4.3CVSS4.3AI score0.00825EPSS
Exploits1References6
OSV
OSV
added 2024/03/06 10:52 a.m.67 views

BIT-APACHE-2022-28614 read beyond bounds via ap_rwrite()

The aprwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using aprwrite or aprputs, such as with modluas r:puts function. Modules compiled and distributed separately from Apache HTTP Server that use t...

5.3CVSS7.1AI score0.04428EPSS
Exploits0References7
OSV
OSV
added 2023/11/02 10:4 p.m.67 views

GO-2023-2162 SQL Injection in List Endpoints in github.com/flyteorg/flyteadmin

A malicious user can send a REST request to a List endpoint with filters that contain custom SQL statements. This can result in SQL injection...

8.8CVSS6.4AI score0.00929EPSS
Exploits0References1
OSV
OSV
added 2023/10/24 7:21 p.m.67 views

GHSA-5PR3-M5HM-9956 WPS Server Side Request Forgery vulnerability

Summary The OGC Web Processing Service WPS specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request Forgery. Details This vulnerability requires: The WPS extension to be installed The WPS security setting...

8.6CVSS9.1AI score0.67715EPSS
Exploits0References5
OSV
OSV
added 2023/03/29 12:0 a.m.67 views

DLA-3371-1 unbound - security update

Bulletin has no description...

7.5CVSS7AI score0.01259EPSS
Exploits0
OSV
OSV
added 2023/02/18 12:0 a.m.67 views

DSA-5354-1 snort - security update

Bulletin has no description...

8.6CVSS5.8AI score0.02367EPSS
Exploits0
OSV
OSV
added 2022/12/02 10:25 p.m.67 views

GHSA-RP2V-V467-Q9VQ GuardDog vulnerable to arbitrary file write when scanning a specially-crafted PyPI package

Impact Running GuardDog against a specially-crafted package can allow an attacker to write an arbitrary file on the machine where GuardDog is executed. This is due to a path traversal vulnerability when extracting the .tar.gz file of the package being scanned, which exists by design in the...

5.8CVSS6.6AI score0.0059EPSS
Exploits0References7
OSV
OSV
added 2022/11/08 4:49 p.m.67 views

GO-2022-1098 Denial of service in message decoding in github.com/btcsuite/btcd

Erroneous message decoding can cause denial of service. Improper checking of maximum witness size during node message decoding prevented nodes in Lightning Labs lnd before 0.15.2-beta to sync...

9.8CVSS9.2AI score0.01195EPSS
Exploits1References4
OSV
OSV
added 2022/07/15 3:28 p.m.67 views

GHSA-RPXG-HG79-H8Q9 SQL Injection in typo3 extension "LUX - TYPO3 Marketing Automation"

A SQL injection issue was discovered in the lux extension before 17.6.1, and 18.x through 24.x before 24.0.2, for TYPO3...

9.8CVSS9.9AI score0.25824EPSS
Exploits0References3
OSV
OSV
added 2022/07/13 12:0 a.m.67 views

GHSA-64X4-9HC6-R2H6 Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library

Summary The Azure Storage Encryption library in Java and other languages is vulnerable to a CBC Padding Oracle attack, similar to CVE-2020-8911. The library is not vulnerable to the equivalent of CVE-2020-8912, but only because it currently only supports AES-CBC as encryption mode. Severity...

4.7CVSS4.9AI score0.005EPSS
Exploits0References4
OSV
OSV
added 2022/06/09 1:15 p.m.67 views

PYSEC-2022-206

OAuthenticator is an OAuth token library for the JupyerHub login handler. CILogonOAuthenticator is provided by the OAuthenticator package, and lets users log in to a JupyterHub via CILogon. This is primarily used to restrict a JupyterHub only to users of a given institute. The allowedidps...

6.5CVSS1.5AI score0.00434EPSS
Exploits0References1
OSV
OSV
added 2022/05/24 5:0 p.m.67 views

GHSA-RJ7P-RFGP-852X Loop with Unreachable Exit Condition in Apache Thrift

In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings...

7.5CVSS8.2AI score0.09082EPSS
Exploits0References43
OSV
OSV
added 2022/05/13 1:39 a.m.67 views

GHSA-RJ4P-7MM6-GM9J JBossWS vulnerable to uncontrolled recursion

DOMUtils.java in org.jboss.ws:jbossws-common does not properly handle recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted request containing an XML document with a DOCTYPE declaration and a large number of nested...

5CVSS7AI score0.02664EPSS
Exploits0References4
OSV
OSV
added 2021/11/23 6:18 p.m.67 views

GHSA-RHF5-F553-XG82 Password exposure in concrete5/core

Unauthorized individuals could view password protected files using viewinline in Concrete CMS previously concrete 5 prior to version 8.5.7. Concrete CMS now checks to see if a file has a password in viewinline and, if it does, the file is not rendered.For version 8.5.6, the following mitigations...

7.5CVSS7.6AI score0.01075EPSS
Exploits0References3
OSV
OSV
added 2021/06/16 5:4 p.m.67 views

GHSA-WPH3-44RJ-92PR elFinder before 2.1.59 contains multiple vulnerabilities leading to RCE

Impact We recently fixed several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with the minimal configuration. Patches The issues were addressed in our last release,...

9.8CVSS9.4AI score0.69934EPSS
Exploits5References7
OSV
OSV
added 2021/04/14 8:4 p.m.67 views

GO-2020-0018

UUIDs generated using NewV1 and NewV4 may not read the expected number of random bytes. These UUIDs may contain a significantly smaller amount of entropy than expected, possibly leading to collisions...

1.8AI score
Exploits0References3
OSV
OSV
added 2018/10/19 4:55 p.m.67 views

GHSA-MCFM-H73V-635M Undertow-core vulnerable to HTTP Request Smuggling

It was discovered in Undertow that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating t...

6.5CVSS6.1AI score0.02712EPSS
Exploits0References2
OSV
OSV
added 2018/01/15 4:29 p.m.67 views

CVE-2018-5702

Transmission through 2.92 relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS...

8.8CVSS8AI score
Exploits0References7
OSV
OSV
added 2017/10/24 6:33 p.m.67 views

GHSA-QQXP-XP9V-VVX6 jquery-ui Tooltip widget vulnerable to XSS

Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...

4.3CVSS5.9AI score0.06463EPSS
Exploits0References13
OSV
OSV
added 2014/11/22 10:54 a.m.67 views

MGASA-2014-0483 Updated moodle package fixes security vulnerabilities

In Moodle before 2.6.5, without forcing encoding, it was possible that UTF7 characters could be used to force cross-site scripts to AJAX scripts although this is unlikely on modern browsers and on most Moodle pages MSA-14-0035. In Moodle before 2.6.5, an XSS issue through $searchcourse in...

7.5CVSS5.9AI score0.02427EPSS
Exploits0References18
OSV
OSV
added 2014/06/05 12:0 a.m.67 views

DLA-0003-1 openssl - security update

Bulletin has no description...

7.4CVSS6.8AI score0.99977EPSS
Exploits14
OSV
OSV
added 2026/06/17 8:17 p.m.66 views

UBUNTU-CVE-2026-55200

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...

9.2CVSS7.5AI score0.00732EPSS
Exploits10References4
OSV
OSV
added 2025/04/16 4:54 p.m.66 views

GO-2025-3595 Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

6.5CVSS6.7AI score0.0045EPSS
Exploits0References3
OSV
OSV
added 2024/09/18 12:0 a.m.66 views

DLA-3891-1 mariadb-10.5 - security update

Bulletin has no description...

4.9CVSS5.6AI score0.00424EPSS
Exploits0
OSV
OSV
added 2024/09/13 10:0 p.m.66 views

RHSA-2019:2519 Red Hat Security Advisory: rh-php71-php security, bug fix, and enhancement update

Bulletin has no description...

8.1CVSS7.7AI score0.87883EPSS
Exploits30References135
OSV
OSV
added 2024/06/25 1:33 p.m.66 views

MAL-2024-4924 Malicious code in coloramas (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSV
OSV
added 2024/05/14 6:40 p.m.66 views

CVE-2024-32002 Git's recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a .git/ directory...

9CVSS7.6AI score0.25334EPSS
Exploits32References10
OSV
OSV
added 2024/01/02 12:0 a.m.66 views

ALSA-2024:0001 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver CVE-2023-6856 Mozilla: Memory safety bugs fixed in Firefox 121, Firefo...

8.8CVSS8.8AI score0.20472EPSS
Exploits0References24
OSV
OSV
added 2023/11/28 11:28 p.m.66 views

GHSA-4GRX-2X9W-596C Marvin Attack: potential key recovery through timing sidechannels

The Marvin Attack is a timing sidechannel vulnerability which allows performing RSA decryption and signing operations as an attacker with the ability to observe only the time of the decryption operation performed withthe private key. A recent survey of RSA implementations found that the Rust rsa...

5.9CVSS5.4AI score0.00605EPSS
Exploits0References5
OSV
OSV
added 2023/08/27 2:0 p.m.66 views

OSV-2023-745 Heap-buffer-overflow in pcpp::SomeIpSdLayer::isDataValid

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61774 Crash type: Heap-buffer-overflow READ 4 Crash state: pcpp::SomeIpSdLayer::isDataValid pcpp::SomeIpLayer::parseSomeIpLayer pcpp::UdpLayer::parseNextLayer...

7.2AI score
Exploits0References1
OSV
OSV
added 2023/05/25 10:15 p.m.66 views

CVE-2023-2804

A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2mergedupsampleinternal function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could cra...

6.5CVSS7.2AI score0.012EPSS
Exploits1References6
OSV
OSV
added 2023/03/13 3:30 a.m.66 views

GHSA-HC6Q-2MPP-QW7J Cross-realm object access in Webpack 5

Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object...

9.8CVSS9.2AI score0.01421EPSS
Exploits0References6
OSV
OSV
added 2022/10/21 12:0 a.m.66 views

PSF-2022-11 Buffer overflow in the _sha3 module in Python 3.10 and older

The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface...

9.8CVSS9.4AI score0.05193EPSS
Exploits1References4
OSV
OSV
added 2022/08/18 7:18 p.m.66 views

GHSA-MJVM-MHGC-Q4GP Incorrect parsing of EVM reversion exit reason in RPC

Impact A low severity security issue was discovered affecting parsing of the RPC result of the exit reason in case of EVM reversion. In release build, this would cause the exit reason being incorrectly parsed and returned by RPC. In debug build, this would cause an overflow panic. No action is...

6.5CVSS6.6AI score0.00947EPSS
Exploits0References5
OSV
OSV
added 2022/05/24 10:0 p.m.66 views

GHSA-Q98C-RQX7-7GHF Improper handling of untrusted branches in Gitea Jenkins Plugin

Jenkins Gitea Plugin prior to 1.1.2 did not implement trusted revisions, allowing attackers without commit access to the Git repo to change Jenkinsfiles even if Jenkins is configured to consider them to be untrusted...

7.5CVSS7.5AI score0.02135EPSS
Exploits0References5
OSV
OSV
added 2022/05/24 7:2 p.m.66 views

GHSA-2259-H742-5VR4 JBoss EJB Client information disclosure vulnerability

A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality...

4.3CVSS5.3AI score0.00743EPSS
Exploits0References2
OSV
OSV
added 2022/05/17 2:22 a.m.66 views

GHSA-23VV-V25H-QWQW Improper Input Validation in Apache Axis2

Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server WAS 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly...

7.5CVSS8.3AI score0.22372EPSS
Exploits3References9
OSV
OSV
added 2022/05/17 12:18 a.m.66 views

GHSA-4HXV-95RC-JQG7 nv-websocket-client allows attackers to spoof SSL/TLS servers via an arbitrary valid certificate

The Java WebSocket client nv-websocket-client does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL/TLS servers via an arbitrary valid certificate...

5.9CVSS5.5AI score0.0066EPSS
Exploits0References2
OSV
OSV
added 2022/05/13 1:11 a.m.67 views

GHSA-R9VV-XJ4W-G8M8 Apache ActiveMQ Artemis RCE Via Deserialization Gadget Chain

The getObject method of the javax.jms.ObjectMessage class in the 1 JMS Core client, 2 Artemis broker, and 3 Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects...

7.2CVSS8.3AI score0.06924EPSS
Exploits0References26
OSV
OSV
added 2022/04/06 12:1 a.m.66 views

GHSA-2V6V-Q994-XVXX Privilege escalation in beego

beego is an open-source, high-performance web framework for the Go programming language. An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally...

7.8CVSS7.5AI score0.00432EPSS
Exploits1References3
OSV
OSV
added 2022/02/11 11:26 p.m.66 views

GHSA-F5PG-7WFW-84Q9 CBC padding oracle issue in AWS S3 Crypto SDK for golang

Summary The golang AWS S3 Crypto SDK is impacted by an issue that can result in loss of confidentiality and message forgery. The attack requires write access to the bucket in question, and that the attacker has access to an endpoint that reveals decryption failures without revealing the plaintext...

5.6CVSS5.1AI score0.00348EPSS
Exploits1References10
OSV
OSV
added 2021/08/09 12:0 a.m.66 views

DLA-2734-1 curl - security update

Bulletin has no description...

4.3CVSS6.2AI score0.0627EPSS
Exploits2
OSV
OSV
added 2021/08/01 12:0 a.m.66 views

ASB-A-175193031

In futexsetuptimer and related functions of futex.c, there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.7AI score0.0083EPSS
Exploits0References2
OSV
OSV
added 2021/07/08 12:0 a.m.66 views

DSA-4937-1 apache2 - security update

Bulletin has no description...

9.8CVSS7.8AI score0.68067EPSS
Exploits0
OSV
OSV
added 2021/04/23 12:0 a.m.66 views

DSA-4899-1 openjdk-11 - security update

Bulletin has no description...

5.3CVSS6.1AI score0.03566EPSS
Exploits0
OSV
OSV
added 2021/04/12 2:15 p.m.66 views

PYSEC-2021-147

in SiCKRAGE, versions 4.2.0 to 10.0.11.dev1 are vulnerable to Stored Cross-Site-Scripting XSS due to user input not being validated properly when processed by the server. Therefore, an attacker can inject arbitrary JavaScript code inside the application, and possibly steal a user’s sensitive...

5.4CVSS2.9AI score0.0066EPSS
Exploits1References3
OSV
OSV
added 2021/03/25 12:0 a.m.66 views

DLA-2608-1 jquery - security update

Bulletin has no description...

6.9CVSS7.2AI score0.99019EPSS
Exploits11
OSV
OSV
added 2020/07/07 4:34 p.m.66 views

GHSA-XQ5J-GW7F-JGJ8 CSRF Vulnerability in rails-ujs

There is a vulnerability in rails-ujs that allows attackers to send CSRF tokens to wrong domains. Versions Affected: rails = 5.2.4.3, rails = 6.0.3.1 Impact ------ This is a regression of CVE-2015-1840. In the scenario where an attacker might be able to control the href attribute of an anchor tag...

6.5CVSS7.6AI score0.01485EPSS
Exploits1References6
Total number of security vulnerabilities5000