905908 matches found
CVE-2024-24015
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort parameters to perform SQL via /sys/user/exit...
GHSA-6HRG-QMVC-2XH8 joblib vulnerable to arbitrary code execution
The package joblib from 0 and before 1.2.0 is vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...
GHSA-HXRM-9W7P-39CC Cookie parsing failure
A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.The security update addresses...
GHSA-WXCC-2F3Q-4H58 Grafana Alerting VictorOps integration could be exposed to users with Viewer permission
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15...
CVE-2025-0518
Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/afpan.C . This issue affects FFmpeg: 7.1. Issue was fixed: ...
BIT-GITLAB-2024-2191 Improper Access Control in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows merge request title to be visible publicly despite being set as project members only...
GHSA-4QHC-V8R6-8VWM HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability
HashiCorp Vault and Vault Enterprise inbound client requests triggering a policy check can lead to an unbounded consumption of memory. A large number of these requests may lead to denial-of-service. Fixed in Vault 1.15.2, 1.14.6, and 1.13.10...
BIT-2023-46118
RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP request body limit, making it vulnerable for denial of service DoS attacks with very large messages. An authenticated user with sufficient credentials can publish a very large messages over the HTTP API...
PYSEC-2023-184
opencv-python-headless versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-python-headless v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2...
GHSA-WC9W-WVQ2-FFM9 Server Side Request Forgery in Grafana
The avatar feature in Grafana github.com/grafana/grafana/pkg/api/avatar 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue that allows remote code execution. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result t...
GHSA-269G-PWP5-87PP TemporaryFolder on unix-like systems does not limit access to created files
Vulnerability The JUnit4 test rule TemporaryFolder contains a local information disclosure vulnerability. Example of vulnerable code: java public static class HasTempFolder @Rule public TemporaryFolder folder = new TemporaryFolder; @Test public void testUsingTempFolder throws IOException...
GO-2025-3603 Query smuggling in ch-go library in github.com/ClickHouse/ch-go
Query smuggling in ch-go library in github.com/ClickHouse/ch-go...
BIT-MYSQL-CLIENT-2023-52968
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fixfieldsifneeded under mysqlderivedprepare when derived is not yet prepared, leading to a findfieldintable crash...
BIT-MYSQL-CLIENT-2023-52970
MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., 11.0 through 11.0., and 11.1 through 11.4. crashes in Itemdirectviewref::derivedfieldtransformerforwhere...
BIT-HAPROXY-2024-53008
Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...
BIT-GITLAB-2024-11668 Insufficient Session Expiration in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. Long-lived connections could potentially bypass authentication controls, allowing unauthorized access to streaming results...
CVE-2024-6595 Uncontrolled Search Path Element in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2 where it was possible to upload an NPM package with conflicting package data...
CVE-2024-24025
An arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: upload. An attacker can pass in specially crafted filename parameter to perform arbitrary File download...
GO-2023-2158 Google Sheet API key disclosure in github.com/grafana/google-sheets-datasource
Error messages for the Google Sheets data source plugin were improperly sanitized. The Google Sheet API-key could potentially be exposed...
GHSA-CMHX-CQ75-C4MJ Regular Expression Denial of Service in System.Text.RegularExpressions
A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981...
BIT-GITLAB-2024-2880 Improper Access Control in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2 in which a user with admingroupmember custom role permission could ban group members...
GHSA-G3WG-6MCF-8JJ6 Local Temp Directory Hijacking Vulnerability
Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the...
BIT-MYSQL-CLIENT-2023-52971
MariaDB Server 10.10 through 10.11. and 11.0 through 11.4. crashes in JOIN::fixallsplittingsinplan...
BIT-MYSQL-CLIENT-2025-21490
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
CVE-2024-5257 Improper Access Control in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.0.4 and from 17.1 prior to 17.1.2 where a Developer user with admincomplianceframework custom role may have been able to modify the URL for a group namespace...
BIT-APACHE-2024-24795 Apache HTTP Server: HTTP Response Splitting in multiple modules
HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue...
DLA-3408-1 jruby - security update
Bulletin has no description...
GHSA-C73W-4RCJ-2622 Typo3 API Install Tool vulnerable to Cross-site Scripting
Cross-site scripting XSS vulnerability in the Install Tool subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...
BIT-GITLAB-2024-3115 Exposure of Sensitive Information to an Unauthorized Actor in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to access issues and epics without having an SSO session using Duo Chat...
BIT-APACHE-2023-38709 Apache HTTP Server: HTTP response splitting
Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58...
GHSA-7V28-G2PQ-GGG8 Ghost vulnerable to remote code execution in locale setting change
Impact A vulnerability in an upstream library means an authenticated attacker can abuse locale input to execute arbitrary commands from a file that has previously been uploaded using the file upload functionality in the post editor. Patches Fixed in 5.2.3, all 5.x sites should update as soon as...
GHSA-Q9XF-JWR4-V445 Authentication Bypass in Apache Tomcat
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the...
GHSA-GCX5-3P5F-F8VP Prototype Pollution in jquery.cookie
jQuery Cookie 1.4.1 is affected by prototype pollution, which can lead to DOM cross-site scripting XSS...
OSV-2021-1066 UNKNOWN READ in helper_uc_tracecode
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36571 Crash type: UNKNOWN READ Crash state: helpeructracecode...
CVE-2025-2469 Debug Messages Revealing Unnecessary Information in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.9.6, and 17.10 before 17.10.4. The runtime profiling data of a specific service was accessible to unauthenticated users...
BIT-PYTHON-2024-12254 Unbounded memory buffering in SelectorSocketTransport.writelines()
Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...
BIT-GITLAB-2024-2874 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11 before 16.11.3, and 17.0 before 17.0.1. A runner registered with a crafted description has the potential to disrupt the loading of targeted GitLab web resources...
MAL-2023-8346 Malicious code in situs-slot-gacor-pragmatic-play-dijamin-menang-tahun-2023 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4cd7a331fb814fa537c53d27be98d58490ef24e73e0720abf83775b181ba3501 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-PH3V-2HQ5-5QFQ Code injection in RazorEngine
In the IsolatedRazorEngine component of Antaris RazorEngine through 4.5.1-alpha001, an attacker can execute arbitrary .NET code in a sandboxed environment if users can externally control template contents. NOTE: This vulnerability only affects products that are no longer supported by the maintain...
ASB-A-162844689
In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
GHSA-M454-3XV7-QJ85 CVE-2025-1386- Query smuggling in ch-go library
Impact When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream. Patches If you are using ch-go library, we...
BIT-REDMINE-2023-47258
Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in a Markdown formatter...
GHSA-HC39-RJWP-QFFQ Apache Tomcat XSS Vulnerabilities in Examples Web Application
Multiple cross-site scripting XSS vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via...
GHSA-X6MJ-W4JF-JMGW Server Side Request Forgery (SSRF) in Kubernetes
The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery SSRF that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints...
CVE-2024-36469
Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one...
BIT-GITLAB-2024-1947 Improper Handling of Highly Compressed Data (Data Amplification) in GitLab
A denial of service DoS condition was discovered in GitLab CE/EE affecting all versions from 13.2.4 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. By leveraging this vulnerability an attacker could create a DoS condition by sending crafted API calls...
GHSA-G973-978J-2C3P Denial of Service in SheetJS Pro
SheetJS Pro through 0.16.9 allows attackers to cause a denial of service CPU consumption via a crafted .xlsx document that is mishandled when read by xlsx.js...
CVE-2024-42325
Zabbix API user.get returns all users that share common group with the calling user. This includes media and other information, such as login attempts, etc...
BIT-GITLAB-2024-4011 Improper Access Control in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows non-project member to promote key results to objectives...
GHSA-5MG8-W23W-74H3 Information Disclosure in Guava
A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava com.google.common.io.Files.createTempDir. The permissions granted to the directory created defau...