Server Side Request Forgery (SSRF)
ip is vulnerable to Server Side Request Forgery (SSRF). The vulnerability is due to some IP addresses being improperly categorized via the isPublic, isPrivate, and isLoopback methods, which allows an attacker to perform Server-Side Request Forgery (SSRF) if an application utilizes the library to...
Information Disclosure
org.jenkins-ci.plugins:teamconcert is vulnerable to Information Disclosure. A remote authenticated attacker is able to check for the existence of an attacker-specified file path on the Jenkins controller file system due to missing permission checks, resulting in disclosure of sensitive informatio...
Remote Code Execution (RCE)
Microsoft.WindowsDesktop.App.Runtime is vulnerable to Remote Code Execution (RCE). The vulnerability is due to how WPF applications load and render XPS documents, which allows a local attacker to upload and execute malicious code on the system...
Code Injection
go is vulnerable to Code Injection. The vulnerability causes CSS contexts to close unexpectedly if templates containing multiple actions separated by a '/' are included, which could result in injection of unexpected HTML...
Denial Of Service (DoS)
libncurses.so is vulnerable to Denial Of Service (DoS). The vulnerability exists via malformed data in a terminfo database file, which allows an attacker to trigger a memory corruption causing an application crash...
Denial Of Service (DoS)
github.com/golang/go is vulnerable to Denial of Service (DoS) attacks. Unusual patterns of input data cause the upcomingHeaderNewlines function to parse HTTP and MIME headers, which allocates more memory than required, causing the application to crash via memory exhaustion...
Authentication Bypass
gradio is vulnerable to Authentication Bypass. The vulnerability exists due to the use of hard-coded private SSH keys when sharing demos, which allows an attacker to gain access to other demos on the system...
Authentication Bypass
PHP is vulnerable to Authentication Bypass. The vulnerability exists because the password_verify function always returns true with some hashes, allowing an attacker to modify password hashes...
Cross-site Scripting (XSS)
react-admin is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the dangerouslySetInnerHTML attribute in RichTextField.tsx does not sanitize on the client side. If the data isn't sanitized server-side, the RichTextField attribute allows an attacker to inject and execute...
Denial Of Service (DoS)
openssl is vulnerable to Denial Of Service (DoS). The vulnerability exists because if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. The public API function BIO_new_NDEF is a helper function used for streaming ASN....
Denial Of Service (DoS)
golang.org/x/text is vulnerable to denial of service. The vulnerability exists in the ParseAcceptLanguage function of parse.go, allowing an attacker to cause an application crash through a maliciously crafted Accept-Language header...
Insecure Cookie
PHP is vulnerable to Insecure Cookie. The vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a __Host- or __Secure- cookie by PHP applications...
Server-Side Request Forgery
org.apache.xmlgraphics:batik-bridge is vulnerable to server-side request forgery. The vulnerability exists in DefaultExternalResourceSecurity because the constructor logic does not properly restrict external resources, which allows remote attackers to cause SSRF bypass and gain access to...
Denial Of Service (DoS)
linux-aws is vulnerable to denial of service. The vulnerability exists in nfnetlink_queue.c because, in the case of an nfqueue not properly validate which allows an attacker to crash the application via malicious input...
Non-Responsive Delegation Attack (NRDelegation Attack)
unbound:edge is vulnerable to non-responsive delegation attack. The attacker can cause a resolver to spend a lot of time/resources resolving records under a malicious delegation point where a considerable number of unresponsive NS records reside...
Information Leak
Linux Kernel is vulnerable to information leak. It is possible due to a flaw in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel, allowing a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality...
Denial Of Service (DoS)
next is vulnerable to denial of service. The vulnerability exists in the extended function of getClonableBody in body-streams.ts due to some unhandled rejections when a connection is canceled with the edge runtime, which allows an attacker to cause an application crash...
Cross-site Scripting (XSS)
grafana is vulnerable to cross-site scripting. The vulnerability exists in the unified alerting feature, which allows an attacker to elevate privileges by tricking an authenticated admin into clicking on a link...
Regular Expression Denial Of Service (ReDoS)
split-html-to-chars is vulnerable to regular expression denial of service. The vulnerability exists in Splitter function in index.js because the html inputs are not properly sanitized due to insufficient regular expression complexity applied when splitting html to letters for animation which allo...
Server-side Request Forgery (SSRF)
Grafana is vulnerable to server-side request forgery. The vulnerability allows someone to bypass these security configurations if a malicious datasource running on an allowed host returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request...
Remote Code Execution (RCE)
rh-dotnet is vulnerable to Remote Code Execution Vulnerability...
Information Disclosure
phpmyadmin/phpmyadmin is vulnerable to information disclosure. An attacker can gain sensitive information through the lang parameter, pmaparameter, and the cookie section by providing malicious invalid requests...
Privilege Escalation
kernel is vulnerable to privilege escalation. The vulnerability exists due to an out-of-bounds write caused by a missing bounds check...
Improper Access Control
github.com/golang/go is vulnerable to improper access control. A remote attacker is able to exploit the vulnerability by posing as an actor who is supposed to be creating branches but not tags, then tricking the library into misinterpreting branch names that falsely appear to be version tags...
Denial Of Service (DoS)
qemu is vulnerable to Denial Of Service (DoS). The vulnerability exists in the floppy disk emulator of QEMU and allows a privileged user to crash QEMU...
Denial Of Service (DoS)
qemu is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a heap buffer overflow in the floppy disk emulator of QEMU, in fdctrl_transfer_handler in hw/block/fdc.c, while processing DMA read data transfers from the floppy drive to the guest system...
Heap Corruption
chrome is vulnerable to heap corruption. The vulnerability exists due to a use after free in V8 in Google Chrome prior to 95.0.4638.54, which allowed a remote attacker who had convinced a user to allow a connection to a debugger to potentially exploit heap corruption via a crafted HTML page...
Function Spoofing
firefox is vulnerable to function spoofing. By displaying a form validity message in the correct location at the same time as a permission prompt such as for geolocation, the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the...
Information Disclosure
openjdk is vulnerable to information disclosure. A low privileged attacker with network access is able to gain unauthorized access to critical data or complete access to openjdk...
Denial Of Service (DoS)
apache2 is vulnerable to denial of service. The vulnerability exists due to a null pointer dereference during HTTP/2 request processing...
Server-Side Forgery Request
xstream is vulnerable to Server-Side Forgery Request. An attacker can manipulate the processed input stream and replace or inject objects that result in a server-side forgery request...
Symlink Attack
tar is vulnerable to Symlink Attack. An attacker is able to write files to arbitrary locations on the file system via a malicious tar file...
Denial Of Service (DoS)
unbound is vulnerable to denial of service. There is no available reproducer or proof of concept for this issue, nor was it ever proven that the buffer overflow can happen in practice. Indeed, in the original report this issue was considered one that might not be triggered and for this reason its Impac...
Denial Of Service (DoS)
postgresql is vulnerable to denial of service (DoS). The vulnerability exists through the lack of a bounds check during the modification of certain SQL array values, allowing authenticated database users to write arbitrary bytes to a wide area of server memory...
Privilege Escalation
kernel is vulnerable to privilege escalation. A use-after-free in do_epoll_ctl and ep_loop_check_proc of eventpoll.c allows an attacker to obtain additional execution privileges...
Information Disclosure
curl is vulnerable to information disclosure. libcurl does not strip off user credentials from the URL when automatically populating the HTTP request header field in outgoing HTTP requests, allowing a malicious user to retrieve sensitive data from the server in a second HTTP request...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). The vulnerability exists by triggering the AP to send IAPP location updates for stations before the required authentication process has completed...
Denial Of Service (DoS)
linux is vulnerable to denial of service (DoS). The vulnerability exists through a memory leak if PERF_EVENT_IOC_SET_FILTER is used...
Open Redirection
notebook is vulnerable to open redirection. An attacker may send a malicious link to a notebook server resulting in a redirection of users to third-party sites...
Denial Of Service (DoS)
linux is vulnerable to denial of service (DoS). The vulnerability exists through a failure of the file system metadata validator in XFS, causing an inode with a valid, user-creatable extended attribute to be flagged as corrupt...
Arbitrary Code Execution
kernel is vulnerable to arbitrary code execution. The vulnerability exists through an out-of-bounds write in the i2c driver, which leads to local escalation of privilege...
Privilege Escalation
kernel is vulnerable to privilege escalation. DAX hugepages are not considered during mremap, allowing a local attacker to obtain higher privileges on the system...
Remote Code Execution (RCE)
ICU is vulnerable to remote code execution (RCE). The vulnerability exists through an integer overflow in UnicodeString::doAppend...
Information Disclosure
Kernel is vulnerable to information disclosure. The vulnerability exists due to incomplete Spectre-RSB mitigation which allows an attacker to gain access to sensitive information...
Privilege Escalation
microcode_ctl is vulnerable to privilege escalation. The vulnerability exists through the Special Register Buffer Data Sampling (SRBDS) module...
XML External Entities (XXE)
log4net is vulnerable to XML external entity attacks. External DTDs are enabled by default and allow attackers to perform XXE attacks using malicious XML data and documents...
Information Disclosure
python is vulnerable to information disclosure. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address tha...
XML External Entity
dom4j is vulnerable to XML external entity attacks. The default SAXReader does not disable external DTDs and External Entities by default, allowing an attacker to access local or internal network resources, or perform requests on behalf of the server...
Remote Code Execution (RCE)
PHP is vulnerable to remote code execution (RCE). It was discovered that the fix for CVE-2011-4885 released via RHSA-2012:0071, RHSA-2012:0033, and RHSA-2012:0019 for php packages in Red Hat Enterprise Linux 4, 5, and 6 respectively introduced an uninitialized memory use flaw. A remote attacker cou...
Denial Of Service (DoS)
glibc is vulnerable to denial of service. It was found that the glibc addmntent function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use th...