38111 matches found
Denial Of Service (DoS)
firefox is vulnerable to denial of service (DoS). The vulnerability exists as a use-after-free (UAF) occurs when removing data about origins...
Remote Code Execution (RCE)
Microsoft.WindowsDesktop.App.Runtime is vulnerable to remote code execution. The vulnerability is due to parsing maliciously crafted xps files, as the library does not properly implement the allow-list of legal types when calling the read method, allowing an attacker to instantiate unexpected typ...
Arbitrary Shell Command Execution In The Groovy Scripting Engine
The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script...
Denial Of Service (DoS)
github.com/grafana/grafana is vulnerable to Denial Of Service (DoS). The vulnerability exists due to executing concurrent mixed queries through the executeConcurrentQueries function of query.go, which allows an attacker to cause an application crash by calling the query API directly...
Prototype Pollution
superjson is vulnerable to prototype pollution. The vulnerability exists through the 'getDeep' function in the 'accessDeep.ts' file, allowing an attacker to exploit the vulnerability by injecting arbitrary code on the server...
Denial Of Service
elasticsearch is vulnerable to Denial Of Service. The vulnerability exists due to an uncontrolled recursion in the Grok parser...
Regular Expression Denial Of Service (ReDoS)
jquery-validation is vulnerable to regular expression denial of service. The vulnerability exists in addMethod in url2.js due to insufficient regular expression complexity which allows an attacker to cause a ReDoS...
Privilege Escalation
busybox is vulnerable to privilege escalation. Winbindd doesn't start when allow trusted domains is off allowing remote attackers to bypass restrictions and gain unauthorized access...
Command Injection
ImageMagick is vulnerable to Command Injection. The vulnerability exists via video:vsync or video:pixel-format options in VIDEO encoding/decoding which allows an attacker to inject and execute arbitrary code into the system...
Prototype Pollution
chart.js is vulnerable to prototype pollution. The vulnerability exists through the lack of sanitization of the options parameter, allowing an attacker to inject and overwrite arbitrary properties...
Denial Of Service (DoS)
ImageMagick is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a heap-based buffer overflow in the extra examples because the buffer size is not properly handled which allows an attacker to cause an application crash...
Denial Of Service
openssl is vulnerable to denial of service. The vulnerability exists due to the system constructing valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array...
Remote Code Execution (RCE)
log4j-core is vulnerable to Remote Code Execution (RCE). Lack of limiting JNDI access to data source names allows an attacker with privilege to modify logging configuration to send malicious configuration via JDBC Appender with a data source referencing a JNDI URI...
Integer Overflow
ImageMagick is vulnerable to Integer Overflow. The vulnerability exists due to improper casting of double to size_t which allows an attacker to cause an application crash...
SQL Injection
org.postgresql, postgresql is vulnerable to SQL Injection. The vulnerability is caused by not escaping user-provided literal parameter values in the SQL query when using configuration option PreferQueryMode=SIMPLE. An attacker can exploit this vulnerability to inject SQL to alter the query by...
Information Disclosure
python is vulnerable to information disclosure. It is because the cookie domain check returns incorrect results...
Privilege Escalation
apache2 is vulnerable to privilege escalation. An attacker may exploit the vulnerability by sending a crafted method through HTTP/2 which will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning...
Information Disclosure
elasticsearch is vulnerable to information disclosure. The vulnerability exists when Document or Field Level Security is used, as search queries do not properly preserve security permissions when executing certain complex queries...
Prototype Pollution
angularjs is vulnerable to prototype pollution. An attacker is able to add or modify properties of the Object.prototype by using a malicious __proto__ object in the merge function, resulting in possible execution of arbitrary code...
Insecure Session Management
spring-vault-core is vulnerable to Insecure Session Management. The vulnerability exists because the library does not properly hide sensitive information from logs after a revocation failure, which allows an attacker to insert sensitive information into a log file when it attempts to revoke a Vau...
Denial Of Service (DoS)
elasticsearch is vulnerable to Denial Of Service (DoS). The vulnerability is caused due to a lack of exception handling while calling the simulate pipeline API. The script processor of an ingest pipeline fails to handle malformed scripts. This can lead to an elastic node crash and ultimately deny...
Deserialization Of Untrusted Data
jackson-databind is vulnerable to deserialization of untrusted data. A Polymorphic Typing issue existed in the library as DefaultTransactionManagerLookup and JNDIConnectionSource were missing from the validator function. This only occurs when Default Typing is enabled either globally or for a...
Cross-Site Scripting (XSS)
jquery is vulnerable to cross-site scripting (XSS). When passing HTML containing elements to one of jQuery's DOM manipulation methods (i.e. .html, .append, and others), untrusted code may potentially be executed...
Remote Code Execution (RCE)
log4j is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of LDAP and other JNDI related endpoints allowing an attacker who can control log messages or log message parameters to inject and execute arbitrary code via remote LDAP servers when message looku...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to Denial Of Service (DoS). The vulnerability exists in the Server: Optimizer component, allowing an attacker to crash the application through multiple protocols...
Information Disclosure
OpenSSL is vulnerable to information disclosure. It is possible because a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key can be recovered using a Bleichenbacher padding oracle attack after an attacker is notified with status of...
HTTP Request Smuggling
webrick is vulnerable to HTTP request smuggling. The vulnerability exists as the request parser allows invalid Transfer-Encoding header values of close and keep-alive to be parsed and interpreted incorrectly...
Remote Code Execution (RCE)
Electron is vulnerable to remote code execution (RCE) attacks. When IFRAME elements and "nativeWindowOpen: true" or "sandbox: true" option are used, it is possible for an attacker to launch web preferences vulnerability leading to remote code execution...
Denial Of Service
mariadb is vulnerable to denial of service. The vulnerability exists due to the system allowing unauthenticated user with access via multiple protocols to compromise MySQL Server...
Cross-site Scripting (XSS)
anywhere is vulnerable to cross-site scripting (XSS) attacks. The library uses a version of the serve-index package that is vulnerable to CVE-2015-8856, allowing a malicious user to inject and execute arbitrary JavaScript...
Denial-of-Service (DoS)
jbossweb is vulnerable to denial of service (DoS). The vulnerability exists because of an incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb, leading to DoS...
Remote Code Execution (RCE)
spring-beans is vulnerable to remote code execution. Using Spring Parameter Binding with non-basic parameter types, such as POJOs, allows an unauthenticated attacker to execute arbitrary code on the target system by writing or uploading arbitrary files (e.g. .jsp files) to a location that can be...
Information Disclosure
github.com/grafana/google-sheets-datasource is vulnerable to Information Disclosure. The vulnerability is due to improper error message sanitization in googlesheets.go during the client.GetSpreadsheet function call. This potentially exposes the Google Sheet API-key that is configured for the data...
Remote Code Execution (RCE) Through Jakarta Multipart Parser
struts2-core is vulnerable to remote code execution (RCE). The vulnerability exists due to the improper handling of the Content-Type header when an invalid Content-Type is received, in conjunction with the use of the Jakarta based file upload Multipart parser. An exception will be thrown on invalid...
Improper Input Validation
github.com/hashicorp/vault is vulnerable to Improper Input Validation. The vulnerability is due to the transit secrets engine which allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. This could allow an attacker to potentially decrypt arbitrary...
Cross-site Scripting (XSS)
bootstrap is vulnerable to cross-site scripting (XSS) attacks. The attacks exist because the data-target attribute uses user-supplied input which is then interpreted directly using standard HTML entities encoding...
Buffer Overflow
apache2 has a buffer overflow. An attacker is able to trigger the vulnerability by sending a crafted request body, which can cause a buffer overflow in the mod_lua multipart parser (r:parsebody called from Lua scripts)...
Cross-site Scripting (XSS)
jQuery-UI is vulnerable to cross-site scripting. The value of the 'of' option of '.position' in 'position.js' is not properly encoded, which allows a malicious attacker to inject and execute arbitrary JavaScript...
Denial Of Service (DoS)
ImageMagick is vulnerable to Denial Of Service (DoS). The vulnerability exists in the DrawPrimitive function of draw.c which allows an attacker to pass a specially crafted SVG file that leads to a segmentation fault leading to an application crash...
Integer Overflows
SQLite is vulnerable to an integer overflow in sqlite3_str_vappendf in printf.c...
Symlink Bypass
github.com/opencontainers/runc is vulnerable to Symlink Attack. The vulnerability exists because the proc and sysfs attributes do not properly check whether the destination is a symlink or not, which allows an attacker to bypass AppArmor or SELinux when /proc inside the container is symlinked...
Insecure Path Defaults
OpenSSL has Insecure Path Defaults. When installed on a Windows machine, the default OPENSSLDIR is C:/usr/local which is world writable. This allows an attacker to modify OpenSSL's default configuration, insert CA certificates, modify or even replace existing engine modules, etc...
Denial Of Service (DoS)
Apache HTTP Server is vulnerable to denial of service. An attacker is able to crash the server via a malicious SessionHeader sent by an origin server...
Information Disclosure
github.com/weaveworks/tf-controller is vulnerable to Information Disclosure. A flaw in Weave GitOps Terraform Runners tf-runner allows an authenticated remote attacker to acquire user information in pod logs due to accidentally displaying sensitive data by the victim. The functions tfexec.ShowPla...
Deserialization Of Untrusted Data
org.springframework.kafka, spring-kafka is vulnerable to Deserialization Of Untrusted Data. The vulnerability is caused by not setting ErrorHandlingDeserializer when checkDeserExWhenKeyNull or checkDeserExWhenValueNull container properties are set to true. An attacker can construct a malicious...
Authorization Bypass
hangfire is vulnerable to authorization bypass. Remote attackers are able to gain access to hangfire dashboard from outside of the server because no authorization filters are being used by default...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to Denial of Service (DoS) attacks. A malicious authenticated attacker is able to cause a hang or frequently repeatable crash via multiple protocols to compromise MySQL Server...
Remote Code Execution (RCE)
dolibarr/dolibarr is vulnerable to remote code execution. Attackers are able to perform remote code execution because the application doesn't properly escape backticks in the website builder module...
Denial Of Service (DoS) Through Out Of Bounds Read
OpenSSL is vulnerable to denial of service (DoS) attacks. The vulnerability exists when a truncated packet causes an out-of-bounds (OOB) read on an SSL/TLS server/client on a 32-bit host using a specific cipher such as CHACHA20/POLY1305 or RC4-MD5 cipher...
Denial Of Service (DoS)
Linux kernel is vulnerable to denial of service (DoS) attacks. This is because of the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted...