Stored XSS
Grafana is vulnerable to Stored XSS. The vulnerability is due to not sanitizing the SVG image output displayed in the browser, which allows arbitrary JavaScript to be executed in the context of the currently authorized user. An attacker with an editor role can achieve vertical privilege escalation ...
Sensitive Information Disclosure
webpack is vulnerable to Sensitive Information Disclosure. The vulnerability exists because ImportParserPlugin.js does not restrict cross-realm object access and mishandles the magic comment feature, allowing an attacker who controls a property of an untrusted object to obtain access to the real...
Side-Channel Attack
openssl is vulnerable to side channel attacks. The library falls back to non-side channel resistant code paths when an OpenSSL EC group is constructed without a cofactor present, using explicit parameters instead of a named curve. This can result in the recovery of the full key during an ECDSA...
Unauthenticated Access
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update...
Use-After-Free
chromium is vulnerable to use-after-free. The vulnerability is possible because of a flaw in the Service Worker API component, which leads to heap use-after-free...
Denial Of Service (DoS)
libcurl.so is vulnerable to denial of service (DoS). The vulnerability is due to a flaw in the 'globbing' feature, which causes an integer overflow and out-of-bounds read if the input is malicious...
Improper Verification Of Cryptographic Signature
github.com/minio/minio is vulnerable to authorization bypass. The vulnerability is due to improper signature verification, which makes it possible to use arbitrary secrets to upload objects if the attacker has prior WRITE permissions and access to the access key and bucket name...
Denial Of Service (DoS)
python3 is vulnerable to denial of service. An attacker is able to craft a TAR archive that results in an infinite loop when parsed in tarfile.open due to a lack of header validation in _proc_pax...
Server-Side Request Forgery (SSRF)
django is vulnerable to server-side request forgery. The vulnerability exists due to the inadequate validation of leading zeroes in IPv4 addresses in the validate_ipv4_address function...
Arbitrary Code Execution
php-cgi is susceptible to arbitrary code execution. An attacker can inject arbitrary script because it does not properly handle query strings that lack an = (equals sign) character, leading to malicious code execution with the privileges of the PHP interpreter...
Improper Authorization
github.com/hashicorp/vault is vulnerable to Improper Authorization. The vulnerability is due to the JWT auth method improperly validating the audience and role-bound claims, allowing invalid logins to succeed when they should have been rejected...
Information Disclosure
github.com/openshift/origin is vulnerable to information disclosure. The vulnerability is possible because the Kubernetes watch cache does not return the correct data in a multi-tenant environment, revealing the data of one user to another user...
Arbitrary Code Execution Or Denial Of Service (DoS)
OpenSSL is vulnerable to arbitrary code execution or denial of service attacks. Due to a flaw, an attacker can use a certificate which leads to a crash or execution of arbitrary code upon verification or re-encoding of the certificate by OpenSSL...
Denial Of Service (DoS) Through Memory Leak
ImageMagick is vulnerable to denial of service (DoS) attacks. Leveraging a flaw in the ReadDIBImage function, attackers can pass a dib file to the application to cause memory leaks...
Remote Code Execution (RCE)
Joplin is vulnerable to remote code execution. The vulnerability is due to the application not validating the schema or protocol of existing links. An attacker can upload a malicious markdown file with links, which will be opened by shell.openExternal when a user opens the markdown file, resultin...
Denial Of Service (DoS)
Python is vulnerable to denial of service (DoS) attacks. This is because of catastrophic backtracking in the implementation. A remote authenticated user could trigger a denial of service condition via backtracking in the 'difflib.IS_LINE_JUNK' method in difflib, which may lead to an application crash...
Path Traversal
aws-java-sdk-s3 is vulnerable to path traversal. The vulnerability exists due to the insufficient guard logic used for the download directory in the leavesRoot function of TransferManager.java, allowing an attacker to access files from the S3 bucket that is one level up in the file system by...
Remote Code Execution (RCE)
Redis is vulnerable to remote code execution. The vulnerability exists because the heap-based Lua stack can be overflowed. An attacker is able to crash the system by sending a maliciously crafted script to the system...
Denial Of Service (DoS)
libressl is vulnerable to denial of service. The vulnerability exists due to a bug in the BN_mod_sqrt function, which goes into an infinite loop that then causes an application crash...
Same-Origin Policy Bypass
chromium is vulnerable to Same-Origin Policy Bypass. The vulnerability exists due to insufficient policy enforcement in Intents of the library, allowing an attacker to bypass the same-origin policy via a maliciously crafted HTML page...
Arbitrary Code Execution
ppp is vulnerable to arbitrary code execution. eap.c has an rhostname buffer overflow in the eap_request and eap_response functions, allowing an attacker to execute arbitrary code on the host OS via the vulnerability...
Directory Traversal
Tomcat is vulnerable to directory traversal. The methods getResource, getResourceAsStream, and getResourcePaths in ServletContext do not correctly validate that the paths given to them do not contain "/..". However the impact of the directory traversal is limited as "/../" is rejected. This allow...
Open Redirect
rails is vulnerable to open redirect. A remote attacker is able to redirect users to a malicious website via a crafted X-Forwarded-Host header in combination with a certain "allowed host" format in the host authorization middleware...
Access Control Bypass
rsync is vulnerable to access control bypass. A remote attacker is able to bypass access restrictions as the daemon does not check for fnamecmp filenames in the daemon_filter_list data structure in the recv_files function in receiver.c. The sanitize_paths protection mechanism is also not applied to...
Privilege Escalation
open-vm-tools is vulnerable to Privilege Escalation. The vulnerability is a file descriptor hijack within the vmware-user-suid-wrapper allowing a malicious attacker to simulate user inputs...
Path Traversal
Apache HTTP Server is vulnerable to path traversal attacks. An attacker could use a path traversal attack to map URLs to files outside of the document root that are not protected by the “require all denied” directive in the Apache configuration file...
Remote Code Execution (RCE)
Node.js was vulnerable to Remote Code Execution, XSS, application crashes due to missing input validation of host names returned by Domain Name Servers in the Node.js DNS library which can lead to output of wrong hostnames leading to Domain Hijacking and injection vulnerabilities in applications...
Privilege Escalation
github.com/moby/moby is vulnerable to privilege escalation. The vulnerability exists due to insecure permissions, which allow an attacker to traverse directory contents and execute programs...
Directory Traversal
ruby is vulnerable to directory traversal. It mishandles path checking within File.fnmatch functions...
Cross-site Scripting (XSS)
org.keycloak:keycloak-services is vulnerable to Cross-site Scripting (XSS) attacks. A remote attacker is able to insert an arbitrary URI into an error page via the oob OAuth endpoint due to incorrect null-byte handling...
Time-of-check To Time-of-use (TOCTOU)
networkd-dispatcher is vulnerable to time-of-check-time-of-use. The vulnerability exists in the vulnerable systemd unit, which allows an attacker to replace scripts that it believes to be owned by the root user...
Remote Code Execution (RCE)
tar is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the paths of entries when extracting tar files, which allows an attacker to execute remote code...
Denial Of Service (DoS)
python is vulnerable to denial of service. A null pointer dereference vulnerability was found in the certificate parsing code in Python. This causes a denial of service to applications when parsing specially crafted certificates. This vulnerability is unlikely to be triggered if application enabl...
Integer Overflow
OpenSSL is vulnerable to integer overflows. It exists due to a mishandling of overflow in rsaz_512_sqr for the x86_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli...
Server Side Request Forgery (SSRF)
org.springframework:spring-web is vulnerable to Open Redirect. The vulnerability is due to insufficient validation checks of the host URL within UriComponentsBuilder.java. If an application utilizes the host validation checks, an attacker can perform an open redirect or Server-Side Request Forger...
Privilege Escalation
froxlor/froxlor is vulnerable to Privilege Escalation. The vulnerability is caused by improper handling of symbolic links. An attacker could write arbitrary data to the home directory and escalate privileges...
Privilege Escalation
openjdk is vulnerable to privilege escalation. The vulnerability exists because network access via multiple protocols can be used to compromise it, which allows an attacker to upgrade their privileges and gain elevated access to resources that are normally protected from an application or user...
Cross-site Scripting (XSS)
bootstrap is vulnerable to Cross-site Scripting (XSS). The library does not properly sanitize the parent variable in collapse.js, allowing a malicious user to inject and execute arbitrary JavaScript...
Regular Expression Denial Of Service (ReDoS)
angular is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability exists due to inefficient regular expression complexity in the resource service, which allows an attacker to crash the application by submitting maliciously crafted input...
Prototype Pollution
json5 is vulnerable to prototype pollution. The vulnerability exists in the internalize function in parse.js due to not restricting keys named __proto__, which allows an attacker to inject specially crafted strings to pollute the prototype of the resulting object...
Integer Overflow
github.com/opencontainers/runc is vulnerable to integer overflows. The vulnerability exists in container_linux.go due to insecure handling of null bytes in mount sources, which allows an attacker to bypass the namespace restrictions of the container by adding their own Netlink payload which disables...
Remote Code Execution (RCE)
dovecot is vulnerable to remote code execution (RCE). The vulnerability exists due to improper NULL byte handling in the IMAP and ManageSieve protocol parsers, which leads to out-of-bounds writes...
Arbitrary Code Execution
mariadb-galera is vulnerable to arbitrary code execution attacks. The vulnerability exists as Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before...
Packet Injection
kernel is vulnerable to packet injection. The vulnerability exists due to a flaw in the Linux kernel's implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where...
Arbitrary Code Injection
shopware/platform and shopware/core are vulnerable to Arbitrary Code Injection. The vulnerability exists in multiple functions of SecurityExtension.php because the inputs are not properly checked, which allows an attacker to inject and execute arbitrary code in the system...
Denial Of Service (DoS)
python is vulnerable to denial of service (DoS). The vulnerability exists because Lib/zipfile.py allows ZIP bomb attacks, which allow an attacker to cause an application crash...
Regular Expression Denial Of Service (ReDoS)
angular is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability exists due to inefficient regular expression complexity in the input type element, which allows an attacker to crash the application by submitting maliciously crafted input...
Denial Of Service (DoS)
org.apache.tomcat:tomcat is vulnerable to denial of service attacks. A malicious user is able to cause denial of service conditions, when running over an untrusted network because EncryptInterceptor does not provide protection against DoS attacks...
Remote Code Execution (RCE)
ckeditor4 is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of malformed HTML, allowing an attacker to inject maliciously crafted script...
Cross-Site Scripting (XSS)
bootstrap is vulnerable to cross-site scripting (XSS) attacks. The library does not properly sanitize the target option in scrollspy.js, allowing a malicious user to inject and execute arbitrary JavaScript...