905908 matches found
BIT-2023-4399
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn’t call specific hosts.However, the restriction can be bypassed used punycode encoding of the...
GHSA-5QJ8-6XXJ-HP9H Dompdf before v2.0.0 vulnerable to chroot check bypass
Dompdf prior to version 2.0.0 is vulnerable to a chroot check bypass, which could cause disclosure of png and jpeg files...
DLA-3444-1 mariadb-10.3 - security update
Bulletin has no description...
GO-2024-2486 HashiCorp Vault Improper Privilege Management in github.com/hashicorp/vault
HashiCorp Vault Improper Privilege Management in github.com/hashicorp/vault...
DSA-2268-1 iceweasel - several
Bulletin has no description...
GO-2024-2508 Enumeration of users in HashiCorp Vault in github.com/hashicorp/vault
Enumeration of users in HashiCorp Vault in github.com/hashicorp/vault...
DSA-3987-1 firefox-esr - security update
Bulletin has no description...
GHSA-79XF-67R4-Q2JJ safe-eval vulnerable to Sandbox Bypass due to improper input sanitization
All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation. Exploiting this vulnerability might result in remote code execution RCE. Vulnerable functions: defineGetter, stack,...
DLA-910-1 libreoffice - security update
Bulletin has no description...
BIT-GITLAB-2020-10073
GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. It was internally discovered that a potential denial of service involving permissions checks could impact a project home page...
BIT-VAULT-2023-5954 Vault Requests Triggering Policy Checks May Lead To Unbounded Memory Consumption
HashiCorp Vault and Vault Enterprise inbound client requests triggering a policy check can lead to an unbounded consumption of memory. A large number of these requests may lead to denial-of-service. Fixed in Vault 1.15.2, 1.14.6, and 1.13.10...
GHSA-RP65-9CF3-CJXR Inefficient Regular Expression Complexity in nth-check
There is a Regular Expression Denial of Service ReDoS vulnerability in nth-check that causes a denial of service when parsing crafted invalid CSS nth-checks. The ReDoS vulnerabilities of the regex are mainly due to the sub-pattern \s?:+-?\s\d+? with quantified overlapping adjacency and can be...
GHSA-97XG-PHPR-RG8Q Apache Commons BCEL vulnerable to out-of-bounds write
Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllable data to those...
BIT-GITLAB-2020-10075
GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error header was potentially susceptible to injection or potentially other vulnerabilities via unescaped input...
GHSA-G6W6-R76C-28J7 Incorrect Authorization in NATS nats-server
This advisory is canonically Problem Description NATS nats-server through 2022-02-04 has Incorrect Access Control, with unchecked ability for clients to authorize into any account, because of a coding error in a long-extant experimental feature. A client crafting the initial protocol-level...
CVE-2021-36769
A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8. An attacker can cause the server to receive messages in a different order than they were sent a client...
BIT-APACHE-2022-23943 mod_sed: Read/write beyond bounds
Out-of-bounds Write vulnerability in modsed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions...
CVE-2024-22938
Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute arbitrary code and escalate privileges via the init function in admin.class.php component...
DLA-0007-1 linux-2.6 - security update
Bulletin has no description...
BIT-GITLAB-2023-4700 Missing Authorization in GitLab
An authorization issue affecting GitLab EE affecting all versions from 14.7 prior to 16.3.6, 16.4 prior to 16.4.2, and 16.5 prior to 16.5.1, allowed a user to run jobs in protected environments, bypassing any required approvals...
GHSA-CQCC-MM6X-VMVW Persistent Cross-site Scripting vulnerability in PrivateBin
In PrivateBin polygon id="triangle" points="0,0 0,50 50,0" fill="00990...
GHSA-VGV8-5CPJ-QJ2F pymatgen vulnerable to arbitrary code execution when parsing a maliciously crafted JonesFaithfulTransformation transformation_string
Summary A critical security vulnerability exists in the JonesFaithfulTransformation.fromtransformationstr method within the pymatgen library. This method insecurely utilizes eval for processing input, enabling execution of arbitrary code when parsing untrusted input. This can be exploited when...
MAL-2025-21003 Malicious code in fs (npm)
The package fs was found to contain malicious code...
BIT-APACHE-2022-36760 Apache HTTP Server: mod_proxy_ajp Possible request smuggling
Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions...
CVE-2023-26044 ReactPHP's HTTP server continues parsing unused multipart parts after reaching limits
react/http is an event-driven, streaming HTTP client and server implementation for ReactPHP. Previous versions of ReactPHP's HTTP server component contain a potential DoS vulnerability that can cause high CPU load when processing large HTTP request bodies. This vulnerability has little to no impa...
BIT-APACHE-2021-41773 Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...
CVE-2024-22199 Django Template Engine Vulnerable to XSS
This package provides universal methods to use multiple template engines with the Fiber web framework using the Views interface. This vulnerability specifically impacts web applications that render user-supplied data through this template engine, potentially leading to the execution of malicious...
GHSA-PFVH-P8QP-9WW9 Gogs OS Command Injection vulnerability
Impact The malicious user is able to update a crafted config file into repository's .git directory in combination with crafted file deletion to gain SSH access to the server on case-insensitive file systems. All installations with repository upload enabled default on case-insensitive file systems...
DLA-2842-1 apache-log4j2 - security update
Bulletin has no description...
GHSA-G6XV-8Q23-W2Q3 SQL Injection in Gogs
Multiple SQL injection vulnerabilities in Gogs aka Go Git Service 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to 1 api/v1/repos/search, which is not properly handled in models/repo.go, or 2 api/v1/users/search, which is...
GHSA-H4MX-XV96-2JGM Cross-Site Scripting in TYPO3's Frontend Login Mailer
Meta CVSS: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C 4.9 Problem User submitted content was used without being properly encoded in HTML emails sent to users. The actually affected components were mail clients used to view those messages. Solution Update to TYPO3 versions 9.5.35...
CVE-2025-27152 Possible SSRF and Credential Leakage via Absolute URL in axios Requests
axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue...
GHSA-W2PM-R78H-4M7V OS Command Injection in Laravel Framework
OS Command injection vulnerability in function link in Filesystem.php in Laravel Framework before 5.8.17...
GHSA-FMVM-X8MV-47MJ Improper CSP in Image Optimization API for Next.js versions between 10.0.0 and 12.1.0
Next.js is a React framework. Starting with version 10.0.0 and prior to version 12.1.0, Next.js is vulnerable to User Interface UI Misrepresentation of Critical Information. In order to be affected, the next.config.js file must have an images.domains array assigned and the image host assigned in...
GHSA-W9MF-83W3-FV49 Keycloak vulnerable to Stored Cross site Scripting (XSS) when loading default roles
A Stored XSS vulnerability was reported in the Keycloak Security mailing list, affecting all the versions of Keycloak, including the latest release 18.0.1. The vulnerability allows a privileged attacker to execute malicious scripts in the admin console, abusing of the default roles functionality...
BIT-GITLAB-2024-9367 Allocation of Resources Without Limits or Throttling in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2, that allows an attacker to cause uncontrolled CPU consumption, potentially leading to a Denial of Service DoS condition while parsing templates to generate...
GHSA-Q28M-8XJW-8VR5 Puma's Keepalive Connections Causing Denial Of Service
This vulnerability is related to CVE-2019-16770. Impact The fix for CVE-2019-16770 was incomplete. The original fix only protected existing connections that had already been accepted from having their requests starved by greedy persistent-connections saturating all threads in the same process...
GHSA-66C4-2G2V-54QW Grafana org admin can delete pending invites in different org
Organization admins can delete pending invites created in an organization they are not part of...
MAL-2024-11458 Malicious code in solara.dll (npm)
--- -= Per source details. Do not edit below this line.=-...
DLA-3582-1 ghostscript - security update
Bulletin has no description...
CVE-2021-3448
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ...
BIT-GRAFANA-2024-8118 Grafana alerting wrong permission on datasource rule write endpoint
In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules...
BIT-APACHE-2022-22720 HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling...
BIT-2023-45145
Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask2 is used, this creates a race condition that enables, during a short period of time, another process...
CVE-2024-23646 Pimcore Admin Classic Bundle SQL Injection in Admin download files as zip
Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. The application allows users to create zip files from available files on the site. In the 1.x branch prior to version 1.3.2, parameter selectedIds is susceptible to SQL Injection. Any backend user with very basic...
BIT-TOMCAT-2020-13935
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 9.0.0 through 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service...
DSA-1058-1 awstats - missing input sanitising
Bulletin has no description...
BIT-GITLAB-2024-4201 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 before 16.10.7, all versions starting from 16.11 before 16.111.4, all versions starting from 17.0 before 17.0.2. When viewing an XML file in a repository in raw mode, it can be made to render as HT...
BIT-APACHE-2021-42013 Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...
PYSEC-2023-102
A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in PyFindObjects function...