Improper Input Validation
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interprete...
Authentication Bypass
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws t...
Arbitrary Code Execution
java is vulnerable to arbitrary code execution. The vulnerability exists through Libraries...
Information Disclosure
An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. CVE-2011-1096 JBoss Web Services leaked side-channe...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user...
Denial Of Service (DoS)
httpd is vulnerable to denial of service (DoS) attacks. The vulnerability exists as Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security...
Cross-site Scripting (XSS) Or Information Disclosure
Apache Tomcat is vulnerable to cross-site scripting (XSS) attacks and information disclosure. It permits invalid characters when parsing the HTTP request line. Attackers can exploit it, in conjunction with a proxy that also permits the invalid characters but with a different interpretation, to inje...
Arbitrary Code Execution
nss-util is vulnerable to arbitrary code execution. A heap-based buffer overflow flaw was found in the way NSS parsed certain ASN.1 structures. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash, or execute arbitrary code,...
Improper Certificate Common Name Verification Allows Spoofing SSL Servers
org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows...
Denial Of Service (DoS)
libvirt is vulnerable to denial of service (DoS) attacks. The vulnerability exists as Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoof...
Information Disclosure
kernel-rt is vulnerable to information disclosure attacks. The vulnerability exists as the Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a...
Request Smuggling
jetty is vulnerable to request smuggling. An integer overflow in the chunk length parsing causes a large chunk size to be interpreted as a smaller chunk size. As a result, the content in the chunk body is interpreted as a pipelined request which can be exploited by an attacker to bypass...
Remote Code Execution (RCE)
drupal/core is vulnerable to remote code execution (RCE) attacks. The vulnerability exists due to the lack of sanitization applied to URL endpoints where array objects can be supplied to request parameters, allowing a potential compromise of the PHP application, and even the underlying operating...
Remote Code Execution (RCE)
jackson-databind is vulnerable to remote code execution (RCE) attacks. Attackers can exploit an incomplete fix of CVE-2017-7525 and CVE-2017-17485 to bypass the blacklist during Jackson deserialization. In order to be vulnerable to this attack, either the use of @JsonTypeInfo(use =...
Remote Code Execution (RCE)
jackson-databind is vulnerable to remote code execution (RCE) attacks. Attackers can exploit an incomplete fix of CVE-2017-7525 to bypass the blacklist when Spring libraries are available on the class path. In order to be vulnerable to this attack, either the use of @JsonTypeInfo(use =...
Improper Input Validation
postcss is vulnerable to Improper Input Validation. The vulnerability is due to the RE_BAD_BRACKET in tokenize.js which does not account for carriage returns (\r). This means that any CSS containing a carriage return character (\r) would not be matched by this regular expression, potentially allowing...
Denial Of Service (DoS)
redis is vulnerable to Denial of Service (DoS) attacks. This vulnerability occurs when a replica sends a specially crafted message to the master. If the message is valid, the master could be tricked into entering an infinite loop. This could prevent the master from serving requests from other...
Remote Code Execution (RCE)
nilsteampassnet/teampass is vulnerable to Remote Code Execution (RCE). The vulnerability exists due to lack of restrictions of certain input fields which are directly inserted into a tp.config.php which allows an attacker to inject and execute malicious PHP code...
LDAP Injection
org.bouncycastle is vulnerable to LDAP injection. The vulnerability exists because the engineGetCRLs function in X509LDAPCertStoreSpi.java does not properly validate the X.509 certificates, allowing an attacker to insert malicious certificate's subject name with special characters such as...
Authentication Bypass
gradio is vulnerable to Authentication Bypass. The vulnerability exists due to the use of hard coded private ssh keys when sharing demos, which allows an attacker to gain access to other demos on the system...
Authentication Bypass
PHP is vulnerable to Authentication Bypass. The vulnerability exists because the password_verify function always returns true with some hashes, allowing an attacker to modify password hashes...
Authentication Bypass
Concrete CMS is vulnerable to authentication bypass. The vulnerability exists due to lack of authentication checks in the password.legacysalt parameter in User.php which allows an attacker to bypass permission checks to access the system...
Denial Of Service (DoS)
golang.org/x/text is vulnerable to denial of service. The vulnerability exists in the ParseAcceptLanguage function of parse.go, allowing an attacker to cause an application crash through the maliciously crafted Accept-Language header...
Server-Side Request Forgery
org.apache.xmlgraphics:batik-bridge is vulnerable to server-side request forgery. The vulnerability exists in DefaultExternalResourceSecurity because the constructor logic does not properly restrict external resources, which allows remote attackers to cause SSRF bypass and gain access to...
Use-After-Free
libexpat.so is vulnerable to use-after-free. The vulnerability is possible because the raw names will be pointing into the stored entity value instead of the parse buffer in doContent method of the file xmlparse.c, which doesn't release the consumed memory...
Denial Of Service (DoS)
next is vulnerable to denial of service. The vulnerability exists in the extended function of getClonableBody in body-streams.ts due to some unhandled rejections when a connection is canceled with the edge runtime which allows an attacker to cause an application crash...
Remote Code Execution (RCE)
org.grails, grails-databinding is vulnerable to remote code execution. The vulnerability exists in the isOkToBind function of SimpleDataBinder.groovy, allowing an attacker to execute code by gaining access to the class loader...
CRLF Injection
undici is vulnerable to CRLF Injection. The vulnerability exists due to the lack of sanitization used in the request path url in the request class of request.js, allowing an attacker to inject and execute malicious request headers when that header contains the \r\n characters...
Denial Of Service (DoS)
org.springframework.security:spring-security-oauth2-client is vulnerable to denial of service (DoS) attacks. An attacker is able to cause resource exhaustion via sending multiple requests initiating the authorization request for the authorization code grant using a single session or multiple...
Cross Site Scripting (XSS)
busybox is vulnerable to Cross Site Scripting (XSS). The vulnerability exists due to arbitrary code execution which allows an attacker to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal...
Remote Code Execution (RCE)
rh-dotnet is vulnerable to remote code execution...
Remote Code Execution (RCE)
Apache Chainsaw in log4j is vulnerable to remote code execution. The vulnerability exists due to a deserialization of untrusted object vulnerability allowing an attacker to execute maliciously scripted code via the system...
Log Injection
Spring Framework is vulnerable to privilege escalation. The vulnerability exists due to lack of secure validations of user input which allows a malicious user to inject additional log files...
Improper Input Validation
Java SE is vulnerable to improper input validation. An attacker can perform service disruption through the JSSE component in the Oracle GraalVM Enterprise Edition...
Information Disclosure
openjdk is vulnerable to information disclosure. A low privileged attacker with network access is able to gain unauthorized access to critical data or complete access to openjdk...
Server-Side Request Forgery
xstream is vulnerable to server-side request forgery. An attacker can manipulate the processed input stream and replace or inject objects, which results in a server-side request forgery...
Remote Code Execution (RCE)
Oracle Java SE is vulnerable to remote code execution. A flaw was found in the way the Library component of OpenJDK handled JAR files containing multiple MANIFEST.MF files. Such JAR files could cause the signature verification process to return an incorrect result, possibly allowing tampering with...
Authorization Bypass
grafana is vulnerable to authorization bypass. The team sync HTTP API allows any authenticated user to add external groups to existing teams. This vulnerability can be abused to grant a user team arbitrary permissions...
Denial Of Service (DoS)
jetty-io is vulnerable to denial of service. An attacker is able to send a large TLS frame with data length of more than 17408, resulting in high CPU consumption and a potential application crash...
Remote Code Execution
velocity-engine-core is vulnerable to remote code execution. The Uberspector fails to prevent access to java.lang.ClassLoader methods and allows an attacker that is able to modify Template contents to execute arbitrary Java code or run arbitrary system commands with the same privileges as the...
Remote Code Execution (RCE)
tomcat9 is vulnerable to remote code execution (RCE). The vulnerability exists through the incomplete fix for CVE-2020-9484, with a configuration edge case that was highly unlikely to be used...
Denial Of Service (DoS)
chromium, sid is vulnerable to Denial of Service (DoS). Inappropriate implementation in V8 in Google Chrome allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Remote Code Execution
struts2-core is vulnerable to remote code execution. Tag attributes can be used to perform a double evaluation when forced OGNL evaluation is applied, by using the %{...} syntax. This can lead to remote code execution when an attacker provides a malicious input to be evaluated...
Information Disclosure
PHP is vulnerable to Information Disclosure. Reading past the allocated buffer is possible when using certain mbstring functions to convert multi-byte encodings...
Arbitrary Code Execution
kernel is vulnerable to arbitrary code execution. An out-of-bounds write in the i2c driver leads to local escalation of privilege...
Cross-Site Scripting (XSS)
prismJS is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary JavaScript via the url function of Previewers plugin...
Privilege Escalation
kernel is vulnerable to privilege escalation. DAX hugepages are not considered during mremap, allowing a local attacker to obtain higher privileges on the system...
Privilege Escalation
kernel is vulnerable to arbitrary code execution. An out-of-bounds memory access via mmio ring buffer allows an attacker to escalate privilege or crash the system...
Privilege Escalation
kernel is vulnerable to privilege escalation. A buffer overflow in the mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c allows an attacker to gain higher privileges or cause a denial of service condition...
Information Disclosure
python is vulnerable to information disclosure. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address tha...