33588 matches found
Directory Traversal
Overview coursevault-preview is a Preview course material files from a configured directory Affected versions of this package are vulnerable to Directory Traversal via improper validation in the resolveSafe utility. An attacker can access files outside the intended directory by supplying crafted...
Improper Privilege Management
Overview Affected versions of this package are vulnerable to Improper Privilege Management in the createUser process in auth/proxy.go when proxy authentication is enabled and default settings include non-empty commands. An attacker can gain unauthorized execution capabilities and access to...
Improper Privilege Management
Overview Affected versions of this package are vulnerable to Improper Privilege Management in the createUser process in auth/proxy.go when proxy authentication is enabled and default settings include non-empty commands. An attacker can gain unauthorized execution capabilities and access to...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization in the resourceGetHandler process. An attacker can access the full content of text files within their authorized scope by sending requests to the /api/resources endpoint, bypassing the intended download permission...
Missing Authorization
Overview github.com/filebrowser/filebrowser/v2/http is a web file browser. Affected versions of this package are vulnerable to Missing Authorization in the resourceGetHandler process. An attacker can access the full content of text files within their authorized scope by sending requests to the...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization due to the withHashFile handler not re-checking the share owner's current permissions. An attacker can access previously created share links and download files without authentication by using a valid but outdated...
Incorrect Authorization
Overview github.com/filebrowser/filebrowser/v2/http is a web file browser. Affected versions of this package are vulnerable to Incorrect Authorization due to the withHashFile handler not re-checking the share owner's current permissions. An attacker can access previously created share links and...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the Matches function due to improper use of strings.HasPrefix for path matching without ensuring a directory boundary. An attacker can gain unauthorized access to files in directories with names that share a commo...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the Matches function due to improper use of strings.HasPrefix for path matching without ensuring a directory boundary. An attacker can gain unauthorized access to files in directories with names that share a commo...
Directory Traversal
Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Directory Traversal in the safeextractall function. An attacker can write files outside the intended extraction directory by crafting a malicious tar archiv...
Incorrect Authorization
Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Incorrect Authorization in the configuration for SSL certificate and key file paths due to incorrect option name checks. An attacker can gain unauthorized...
Arbitrary Argument Injection
Overview Affected versions of this package are vulnerable to Arbitrary Argument Injection through the Runner.exec process. An attacker can execute arbitrary OS commands on the server by uploading or renaming a file with a crafted filename containing shell metacharacters, which are unsafely...
Use of Password Hash With Insufficient Computational Effort
Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Use of Password Hash With Insufficient Computational Effort via the user/info, user/update, and spend/users API endpoints, which return password hash fields in responses to...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the processing of XCOFF object files. An attacker can execute unauthorized code or commands by convincing a user to process a specially crafted file. Remediation A fix was pushed into the master branch but...
Embedded Malicious Code
Overview @velora-dex/sdk is a SDK for the Velora API Affected versions of this package are vulnerable to Embedded Malicious Code that delivers a malicious payload through dist/index.js. An attacker uploaded a compromised version of the package directly to the npm registry. The payload runs a...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the AES-CFB-128 process on x86-64 systems with AVX-512 and VAES support when processing partial cipher blocks. An attacker can cause a crash and application termination by providing input buffers that end at a memo...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free in the DANE client authentication process. An attacker can cause memory corruption, application crashes, or potentially execute arbitrary code by manipulating TLSA records with both PKIX-TA/PKIX-EE and DANE-TA certificate...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the delta CRL processing when the required CRLNumber extension is missing. An attacker can cause an application crash by supplying a specially crafted malformed CRL file. Note: This is only exploitable if the...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the CMSdecrypt function. An attacker can cause a crash by submitting a crafted CMS EnvelopedData message with a missing optional parameters field in the RSA-OAEP SourceFunc algorithm identifier. Notes: - This...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the CMSdecrypt function. An attacker can cause a crash by submitting a specially crafted CMS EnvelopedData message with a missing optional parameters field in the KeyEncryptionAlgorithmIdentifier, leading to ...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the RSASVE encapsulation process. An attacker can obtain sensitive information by supplying an invalid RSA public key and triggering the use of uninitialized memory contents as...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the hexadecimal conversion process of excessively large OCTET STRING values in X.509 certificate extensions such as Subject Key Identifier or Authority Key Identifier. An attacker can cause a crash, execute...
Cross-site Scripting (XSS)
Overview std/html/template is a Go standard library package std/html/template Affected versions of this package are vulnerable to Cross-site Scripting XSS. Go Vulnerability Report: Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect...
Allocation of Resources Without Limits or Throttling
Overview std/crypto/x509 is a Go standard library package std/crypto/x509 Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: During chain building, the amount of work that is done is not correctly limited when a large...
Allocation of Resources Without Limits or Throttling
Overview std/archive/tar is a Go standard library package std/archive/tar Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted...
Allocation of Resources Without Limits or Throttling
Overview std/crypto/tls is a Go standard library package std/crypto/tls Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: If one side of the TLS connection sends multiple key update messages post-handshake in a singl...
Improper Handling of Case Sensitivity
Overview std/crypto/x509 is a Go standard library package std/crypto/x509 Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity. Go Vulnerability Report: When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly...
Allocation of Resources Without Limits or Throttling
Overview std/crypto/x509 is a Go standard library package std/crypto/x509 Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: Validating certificate chains which use policies is unexpectedly inefficient when certificat...
Time-of-check Time-of-use (TOCTOU) Race Condition
Overview std/internal/syscall/unix is a Go standard library package std/internal/syscall/unix Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition. Go Vulnerability Report:On Linux, if the target of Root.Chmod is replaced with a symlink while the chm...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the baggage header extraction process. An attacker can cause excessive CPU and memory allocations by sending numerous baggage header lines, even if each individual value remains...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the baggage header extraction process. An attacker can cause excessive CPU and memory allocations by sending numerous baggage header lines, even if each individual value remains...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the baggage header extraction process. An attacker can cause excessive CPU and memory allocations by sending numerous baggage header lines, even if each individual value remains...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the baggage header extraction process. An attacker can cause excessive CPU and memory allocations by sending numerous baggage header lines, even if each individual value remains...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the baggage header extraction process. An attacker can cause excessive CPU and memory allocations by sending numerous baggage header lines, even if each individual value remains...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the baggage header extraction process. An attacker can cause excessive CPU and memory allocations by sending numerous baggage header lines, even if each individual value remains...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the baggage header extraction process. An attacker can cause excessive CPU and memory allocations by sending numerous baggage header lines, even if each individual value remains...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the baggage header extraction process. An attacker can cause excessive CPU and memory allocations by sending numerous baggage header lines, even if each individual value remains...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to improper validation in the certificateknown function. An attacker can bypass certificate trust verification by presenting an end entity certificate with a distinguished name and subject key...
Improper Enforcement of Behavioral Workflow
Overview Affected versions of this package are vulnerable to Improper Enforcement of Behavioral Workflow in the TLS 1.3 implementation, which processes ApplicationData records before receiving the Finished message. An attacker can bypass certificate-based client authentication by omitting the...
Missing Report of Error Condition
Overview Affected versions of this package are vulnerable to Missing Report of Error Condition in the verify-blob-attestation module when used without --check-claims flag. An attacker can cause the system to incorrectly report successful verification of attestations with malformed payloads or...
Missing Report of Error Condition
Overview github.com/sigstore/cosign/cmd/cosign/cli/verify is a package that aims to make signatures invisible infrastructure. Affected versions of this package are vulnerable to Missing Report of Error Condition in the verify-blob-attestation module when used without --check-claims flag. An...
Missing Report of Error Condition
Overview Affected versions of this package are vulnerable to Missing Report of Error Condition in the verify-blob-attestation module when used without --check-claims flag. An attacker can cause the system to incorrectly report successful verification of attestations with malformed payloads or...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper handling of user-supplied input in the list fields on page values and the Special:CargoTables interface. An attacker can execute arbitrary JavaScript in the context of other users by injecting...
Missing Authorization
Overview @delmaredigital/payload-puck is a Puck visual page builder plugin for Payload CMS Affected versions of this package are vulnerable to Missing Authorization via the createPuckPlugin function. An attacker can gain unauthorized access to sensitive data and perform unauthorized modifications...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the ?describe page when user-supplied input is reflected in the response without proper sanitization. An attacker can execute JavaScript in the context of a victim's browser by convincing the user to click a...
Deserialization of Untrusted Data
Overview monai is an AI Toolkit for Healthcare Imaging Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the algofrompickle function in monai/auto3dseg/utils.py. An attacker can execute arbitrary code by providing a crafted pickle file that is deserialized...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the rendering of Mustache navigation templates when user-controlled values are interpolated into the href attribute without proper URL scheme validation. An attacker can execute arbitrary JavaScript in the...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the rendering of Mustache navigation templates when user-controlled values are interpolated into the href attribute without proper URL scheme validation. An attacker can execute arbitrary JavaScript in the...
Origin Validation Error
Overview Affected versions of this package are vulnerable to Origin Validation Error through the lack CORS checks Host and Origin header validation on incoming HTTP connections. An attacker can gain unauthorized access to local or private-network servers by tricking a victim into visiting a...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the customQuery argument in the detailPlus endpoint. An attacker can execute arbitrary SQL commands by supplying crafted input remotely. Remediation There is no fixed version for tech.powerjob:powerjob-server-starter...