Veracode: Most viewed

38169 matches found

Veracode, added 2022/09/29 7:50 a.m., 46 views

Path Traversal

twig/twig is vulnerable to path traversal. The vulnerability exists in the findTemplate function of FilesystemLoader.php because the template loading directories are not properly configured, which allows an attacker to load templates outside the configured directory...

CVSS: 7.5, AI score: 7.4, EPSS: 0.01488
Exploits: 0, References: 18, Affected Software: 2

Veracode, added 2022/08/02 6:52 p.m., 46 views

Denial Of Service (DoS)

go is vulnerable to denial of service (DoS). The vulnerability exists because of an index out of range in Float.GobDecode, which allows a malicious user to cause an application crash...

CVSS: 7.5, AI score: 7.5, EPSS: 0.0198
Exploits: 1, References: 11, Affected Software: 19

Veracode, added 2022/06/15 6:49 a.m., 46 views

Information Disclosure

notebook is vulnerable to information disclosure. Authenticated attackers are able to access sensitive files when the server root directory's only protection from the server is being hidden. The issue is there because the requests directed through ContentsManager.allow_hidden = False command only...

CVSS: 4.3, AI score: 4.8, EPSS: 0.01023
Exploits: 0, References: 1, Affected Software: 2

Veracode, added 2022/06/06 12:17 p.m., 46 views

Privilege Escalation

logrotate is vulnerable to privilege escalation. The vulnerability exists due to a lack of verification of the permissions of a state file, which is created world-readable when it does not exist, allowing an attacker to lock the state file and prevent any rotation...

CVSS: 6.5, AI score: 6.1, EPSS: 0.0149
Exploits: 0, References: 9, Affected Software: 1

Veracode, added 2022/06/02 8:55 p.m., 46 views

Denial Of Service (DoS)

.NET and Visual Studio are vulnerable to denial of service (DoS). The vulnerability exists due to a flaw in dotnet allowing an attacker to crash the system by sending MyCookie=chunks-2147483647 without the actual cookie chunks, causing large allocations, exceptions, and excess CPU utilization on th...

CVSS: 7.5, AI score: 7.3, EPSS: 0.04608
Exploits: 0, References: 13, Affected Software: 4

Veracode, added 2022/06/02 3:52 a.m., 46 views

Cross-site Scripting (XSS)

mautic/core is vulnerable to cross-site scripting (XSS) attacks. Insufficient sanitization of user input in InstallService.php allows remote authenticated attackers to inject and execute malicious JavaScript...

CVSS: 7.6, AI score: 5.4, EPSS: 0.00425
Exploits: 0, References: 3, Affected Software: 1

Veracode, added 2022/05/15 5:21 p.m., 46 views

Denial Of Service (DoS)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated...

CVSS: 5.3, AI score: 4.5, EPSS: 0.03306
Exploits: 0, References: 5, Affected Software: 1

Veracode, added 2022/04/23 10:8 a.m., 46 views

Denial Of Service (DoS)

openjdk is vulnerable to denial of service attacks. The vulnerability exists in Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code, which allows an unauthenticated attacker with network access via multiple...

CVSS: 3.7, AI score: 3.9, EPSS: 0.02617
Exploits: 0, References: 8, Affected Software: 8

Veracode, added 2022/04/21 12:43 a.m., 46 views

Sensitive Information Disclosure

Jenkins Pipeline is vulnerable to sensitive information disclosure. It allows attackers with Item/Read permission to retrieve the default password parameter value from jobs. A flaw was found in Jenkins pipeline-build-step where it revealed password parameter default values when generating a...

CVSS: 6.5, AI score: 3.7, EPSS: 0.00862
Exploits: 0, References: 4, Affected Software: 1

Veracode, added 2022/03/28 2:6 p.m., 46 views

Denial Of Service (DoS)

zlib is vulnerable to denial of service (DoS). The vulnerability exists due to memory corruption when deflating if the input has many distant matches, which results in corrupted output due to invalid distances and leads to out-of-bounds access, corrupting the memory and potentially crashing...

CVSS: 7.5, AI score: 8, EPSS: 0.51733
Exploits: 1, References: 36, Affected Software: 8

Veracode, added 2022/03/26 6:16 p.m., 46 views

Privilege Escalation

linux is vulnerable to privilege escalation. The vulnerability exists due to a lack of sanitization of the namespace isolation...

CVSS: 7.8, AI score: 3.5, EPSS: 0.05495
Exploits: 12, References: 11, Affected Software: 4

Veracode, added 2022/03/15 10:12 a.m., 46 views

Integer Overflow

apache2 is vulnerable to integer overflow. The vulnerability exists in httpd, where it incorrectly limits the value of the LimitXMLRequestBody option, which can lead to an integer overflow and later cause an out-of-bounds write...

CVSS: 9.1, AI score: 1.6, EPSS: 0.41861
Exploits: 0, References: 20, Affected Software: 18

Veracode, added 2022/03/10 4:23 a.m., 46 views

Remote Code Execution (RCE)

firefox is vulnerable to remote code execution. The vulnerability exists due to a lack of validation of access, allowing an attacker to control the contents of an iframe sandboxed with allow-popups but not allow-scripts...

CVSS: 9.6, AI score: 4.7, EPSS: 0.00931
Exploits: 1, References: 6, Affected Software: 6

Veracode, added 2022/03/07 12:11 a.m., 46 views

Denial Of Service (DoS)

Chrome is vulnerable to denial of service. The vulnerability exists due to a use-after-free in Views...

CVSS: 8.8, AI score: 2.3, EPSS: 0.00716
Exploits: 1, References: 4, Affected Software: 2

Veracode, added 2022/02/22 5:0 a.m., 46 views

Denial Of Service (DoS)

libsolv.so is vulnerable to denial of service. An attacker can cause an application crash through the heap-overflow in the propagate function of solver.c...

AI score: 3
Exploits: 0, References: 4, Affected Software: 1

Veracode, added 2021/11/23 9:25 a.m., 46 views

SQL Injection

Roundcube is vulnerable to cross-site scripting (XSS) attacks. Attackers are able to inject malicious scripts via search or searchparameters, resulting in SQL injection...

CVSS: 9.8, AI score: 3.2, EPSS: 0.42908
Exploits: 1, References: 10, Affected Software: 2

Veracode, added 2021/11/12 8:49 a.m., 46 views

Denial Of Service (DoS)

busybox is vulnerable to denial of service. The vulnerability exists because it does not properly sanitize while processing a crafted awk pattern in the clrvar function which causes an application crash...

CVSS: 7.2, AI score: 2.6, EPSS: 0.02651
Exploits: 0, References: 8, Affected Software: 5

Veracode, added 2021/11/09 3:14 p.m., 46 views

Remote Code Execution (RCE)

chrome is vulnerable to remote code execution. The vulnerability exists due to insufficient validation of untrusted input in Intents...

CVSS: 6.1, AI score: 3.8, EPSS: 0.04485
Exploits: 1, References: 6, Affected Software: 2

Veracode, added 2021/11/06 12:40 a.m., 46 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. The vulnerability exists due to a use-after-free in drivers/infiniband/core/ucma.c...

CVSS: 7.8, AI score: 2.8, EPSS: 0.01476
Exploits: 0, References: 9, Affected Software: 6

Veracode, added 2021/11/05 3:36 a.m., 46 views

Spoofing Attack

firefox is vulnerable to a spoofing attack. The vulnerability exists due to the system entering fullscreen mode without notification or warning to the user...

CVSS: 4.3, AI score: 2.5, EPSS: 0.01465
Exploits: 0, References: 11, Affected Software: 7

Veracode, added 2021/10/26 9:55 p.m., 46 views

Improper Input Validation

Java SE is vulnerable to improper input validation. An attacker can perform service disruption through the ImageIO component in the Oracle GraalVM Enterprise Edition...

CVSS: 5.3, AI score: 3.2, EPSS: 0.06374
Exploits: 0, References: 16, Affected Software: 7

Veracode, added 2021/07/17 2:11 p.m., 46 views

Denial Of Service (DoS)

openexr is vulnerable to denial of service. An integer overflow in OpenEXR/IlmImf/ImfHuf.cpp allows an attacker to crash the application...

CVSS: 5.5, AI score: 4, EPSS: 0.00891
Exploits: 0, References: 5, Affected Software: 1

Veracode, added 2021/06/13 8:0 p.m., 46 views

Remote Code Execution (RCE)

chromium is vulnerable to remote code execution. The vulnerability exists due to a use-after-free in the Loader component...

CVSS: 8.8, AI score: 2.6, EPSS: 0.01173
Exploits: 0, References: 8, Affected Software: 3

Veracode, added 2021/05/28 1:3 p.m., 46 views

Arbitrary Code Execution

libcurl before version 7.77.0 can be tricked into using already freed memory when a new TLS session is negotiated or a client certificate is requested on an existing connection. For example, this can happen when a TLS server requests a client certificate on a connection that was established witho...

CVSS: 8.1, AI score: 3.5, EPSS: 0.60122
Exploits: 1, References: 12, Affected Software: 1

Veracode, added 2021/05/20 3:28 p.m., 46 views

Arbitrary Code Execution

unbound is vulnerable to arbitrary code execution. The vulnerability exists through an integer overflow in a size calculation in respip/respip.c. A flaw was found in unbound. An integer overflow in ub_packed_rrset_key function may lead to a buffer overflow of the allocated buffer if the size can be...

CVSS: 9.8, AI score: 4.8, EPSS: 0.02037
Exploits: 0, References: 7, Affected Software: 3

Veracode, added 2021/04/23 11:6 p.m., 46 views

Type Confusion

chromium is vulnerable to type confusion. The vulnerability is triggered by performing integer data type conversion, creating an out-of-bounds condition that could give an arbitrary memory read/write primitive...

CVSS: 8.8, AI score: 4.4, EPSS: 0.57736
Exploits: 1, References: 11, Affected Software: 3

Veracode, added 2021/04/07 10:9 a.m., 46 views

Information Disclosure

kernel is vulnerable to denial of service. A kernel pointer leak allows an attacker to determine the address of the iscsi_transport structure due to the way access to sessions and handles is handled in the iSCSI driver...

CVSS: 4.4, AI score: 2.8, EPSS: 0.00717
Exploits: 1, References: 12, Affected Software: 2

Veracode, added 2021/03/30 9:24 p.m., 46 views

Unauthorised Data Deletion

webkit2gtk is vulnerable to unauthorised data deletion. A user may be unable to fully delete browsing history. “Clear History and Website Data” did not clear the history in some circumstances...

CVSS: 3.3, AI score: 1.9, EPSS: 0.0036
Exploits: 0, References: 9, Affected Software: 17

Veracode, added 2021/03/17 1:19 a.m., 46 views

Arbitrary Code Execution

chromium is vulnerable to arbitrary code execution. A use-after-free in Blink allows a remote attacker to exploit a heap corruption via a malicious HTML page...

CVSS: 8.8, AI score: 4.6, EPSS: 0.0987
Exploits: 1, References: 7, Affected Software: 2

Veracode, added 2021/01/20 4:41 p.m., 46 views

Denial Of Service (DoS)

dnsmasq is vulnerable to denial of service. A heap-based buffer overflow in the rfc1035.c:extract_name function allows an attacker to crash the application...

CVSS: 5.9, AI score: 3.8, EPSS: 0.86157
Exploits: 0, References: 10, Affected Software: 6

Veracode, added 2020/12/19 6:3 a.m., 46 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A buffer over-read in the function crypto_authenc_extractkeys when a payload longer than 4 bytes is not aligned causes a system crash...

CVSS: 5.5, AI score: 3.3, EPSS: 0.00491
Exploits: 1, References: 11, Affected Software: 2

Veracode, added 2020/12/06 4:39 a.m., 46 views

HTTP Request Smuggling

nginx is vulnerable to HTTP request smuggling. A remote attacker is able to smuggle HTTP requests via the ngx.location.capture API...

CVSS: 7.5, AI score: 1.3, EPSS: 0.02599
Exploits: 0, References: 6, Affected Software: 3

Veracode, added 2020/10/28 10:55 a.m., 46 views

Use-after-free

kernel is vulnerable to use-after-free. Unprivileged users are able to create RAW sockets in the AF_IEEE802154 network protocol...

CVSS: 7.8, AI score: 4.8, EPSS: 0.00622
Exploits: 0, References: 16, Affected Software: 2

Veracode, added 2020/10/19 7:31 a.m., 46 views

Remote Code Execution (RCE)

github.com/gogs/gogs is vulnerable to remote code execution (RCE). The vulnerability exists through git hooks, which are enabled by default...

CVSS: 7.2, AI score: 2.5, EPSS: 0.87528
Exploits: 4, References: 2, Affected Software: 1

Veracode, added 2020/10/01 3:52 a.m., 46 views

Denial Of Service (DoS)

kernel-rt is vulnerable to denial of service. The vulnerability exists because of an incorrect way of handling connection tracking functionality on IPv6 port 1720, allowing an attacker to cause an application crash through the out-of-bounds memory write...

CVSS: 8.1, AI score: 7.6, EPSS: 0.05114
Exploits: 1, References: 9, Affected Software: 2

Veracode, added 2020/09/21 6:25 a.m., 46 views

Arbitrary Code Execution

SQLite is vulnerable to arbitrary code execution. A stack-based buffer overflow and integer overflow in the sqlite3VXPrintf function in printf.c allows an attacker to execute arbitrary code on the host OS due to improper handling of precision and width values during floating-point conversions...

CVSS: 7.5, AI score: 6.8, EPSS: 0.05531
Exploits: 0, References: 16, Affected Software: 2

Veracode, added 2020/09/21 6:19 a.m., 46 views

Arbitrary Code Execution

gdb is vulnerable to arbitrary code execution. The vulnerability exists through a stack buffer overflow when printing bad bytes in Intel Hex objects...

CVSS: 9.8, AI score: 3.8, EPSS: 0.02284
Exploits: 0, References: 4, Affected Software: 1

Veracode, added 2020/09/16 8:7 a.m., 46 views

Information Disclosure

curl is vulnerable to information disclosure. The vulnerability exists because part of a password may be prepended to the host name before the host name is resolved, leading to a leak of the partial password over the network and to DNS servers...

CVSS: 7.5, AI score: 1.6, EPSS: 0.03427
Exploits: 1, References: 6, Affected Software: 1

Veracode, added 2020/08/18 8:23 a.m., 46 views

Information Disclosure

libvirt is vulnerable to information disclosure. A file descriptor for /dev/mapper/control is leaked into the QEMU process. This file descriptor allows for privileged operations to be made against device mapper on the host...

CVSS: 8.8, AI score: 2.1, EPSS: 0.00416
Exploits: 0, References: 4, Affected Software: 1

Veracode, added 2020/07/22 3:54 a.m., 46 views

Information Disclosure

kernel is vulnerable to information disclosure. A logic bug was found in the Linux kernel's implementation of SSBD. A bug in the logic handling can allow an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in pla...

CVSS: 5.5, AI score: 1.5, EPSS: 0.00463
Exploits: 0, References: 4, Affected Software: 2

Veracode, added 2020/07/08 3:21 a.m., 47 views

Arbitrary Code Execution

kernel is vulnerable to arbitrary code execution. A heap-based buffer overflow in the mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c allows an attacker to execute arbitrary code on the system...

CVSS: 7.1, AI score: 5.3, EPSS: 0.01228
Exploits: 0, References: 15, Affected Software: 4

Veracode, added 2020/06/17 4:31 a.m., 46 views

Remote Code Execution

jackson-databind is vulnerable to remote code execution. It was possible to use the org.jsecurity gadget type as a serialization gadget through polymorphic typing and execute arbitrary code on the system...

CVSS: 8.1, AI score: 4.6, EPSS: 0.04511
Exploits: 0, References: 9, Affected Software: 245

Veracode, added 2020/05/07 1:53 a.m., 46 views

Denial Of Service (DoS)

Mozilla Firefox is vulnerable to denial of service attacks. It happens due to memory safety bugs fixed in Firefox...

CVSS: 9.8, AI score: 2.1, EPSS: 0.02278
Exploits: 0, References: 9, Affected Software: 7

Veracode, added 2020/04/10 1:2 a.m., 46 views

Arbitrary Code Execution

firefox is vulnerable to arbitrary code execution. The vulnerability exists because an integer underflow flaw was found in the way Firefox handled large JavaScript regular expressions. A web page containing malicious JavaScript could cause Firefox to access already freed memory, causing Firefox to cra...

CVSS: 10, AI score: 1.8, EPSS: 0.05368
Exploits: 0, References: 14, Affected Software: 4

Veracode, added 2020/04/10 12:50 a.m., 46 views

Arbitrary Code Execution

firefox is vulnerable to arbitrary code execution. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox...

CVSS: 9.3, AI score: 4.6, EPSS: 0.03726
Exploits: 0, References: 25, Affected Software: 4

Veracode, added 2020/04/10 12:37 a.m., 46 views

Denial Of Service (DoS)

kernel-rt is vulnerable to denial of service. An off-by-two error was found in the set_selection function of the Linux kernel. This could allow a local, unprivileged user to cause a denial of service when making a selection of characters in a UTF-8 console. Note: physical console access is require...

CVSS: 4.7, AI score: 4.9, EPSS: 0.00783
Exploits: 5, References: 16, Affected Software: 1

Veracode, added 2020/04/10 12:26 a.m., 46 views

Information Disclosure

xen is vulnerable to privilege escalation. A guest operating system could issue a block device request and read or write arbitrary memory locations, which could lead to privilege escalation...

CVSS: 4.7, AI score: 3.3, EPSS: 0.00369
Exploits: 0, References: 24, Affected Software: 1

Veracode, added 2020/04/10 12:25 a.m., 46 views

Arbitrary Code Execution

seamonkey is vulnerable to arbitrary code execution. The vulnerability exists because a web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey...

CVSS: 7.5, AI score: 4.8, EPSS: 0.04802
Exploits: 1, References: 53, Affected Software: 7

Veracode, added 2020/04/10 12:24 a.m., 46 views

Arbitrary Code Execution

xorg-x11-server is vulnerable to arbitrary code execution. The vulnerability exists because two integer overflow flaws were found in the X.Org server's EVI and MIT-SHM modules. A malicious authorized client could exploit these issues to cause a denial of service crash, or potentially execute arbitrary...

CVSS: 9.3, AI score: 5.9, EPSS: 0.02495
Exploits: 1, References: 71, Affected Software: 1

Veracode, added 2020/02/20 5:56 a.m., 46 views

Remote Code Execution (RCE)

pyyaml is vulnerable to remote code execution (RCE) attacks. The application uses the unsafe function yaml.load, allowing a malicious user to inject and execute arbitrary code by passing a yaml file. This vulnerability exists due to an incomplete fix for CVE-2017-18342...

CVSS: 9.8, AI score: 4.6, EPSS: 0.06081
Exploits: 2, References: 6, Affected Software: 1

Total number of security vulnerabilities: 5000