38153 matches found
Remote Code Execution (RCE)
The nokogiri gem is susceptible to Remote Code Execution (RCE). These vulnerabilities are possible because the gem contains a version of the libxml2 C package which is affected by CVE-2017-7375 and CVE-2017-7376. These vulnerabilities allow a malicious user to pass an XML file to execut...
Timing Attack
jasypt is vulnerable to timing attacks. The attacks are possible because it uses Arrays.equals to verify passwords with different lengths, thereby revealing the time taken to compare the passwords...
Remote Code Execution (RCE) Through Deserialization
Jackson-databind is vulnerable to remote code execution attacks. These attacks are possible during bean deserialization and attackers are able to execute code and commands...
Denial Of Service (DoS) Through Null Pointer Dereference
OpenSSL is vulnerable to denial of service (DoS) attacks. A malicious user can pass a PKCS7 blob to the system to cause a null pointer dereference that can cause the system to crash...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service. The vulnerability exists in the d2i_ECPrivateKey function due to a use-after-free which allows an attacker to crash the application via a malformed Elliptic Curve private-key file...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service (DoS) attacks. A malicious user can pass a malicious ASN.1 encoded RSA PSS certificate to the system that can cause a null pointer dereference that can lead to the system crashing...
Weak Cryptographic Protection Mechanisms
OpenSSL has a weak cryptographic protection mechanism. The BN_sqr function in OpenSSL is implemented incorrectly. It does not correctly calculate the square of a BIGNUM value, making it easier for attackers to get past the protection mechanism...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service attacks. The attacks are due to a flaw in the way OpenSSL handles SSLv2 handshake messages. When it has SSLv2 and EXPORT-grade cipher suites enabled, attackers can send malicious SSLv2 CLIENT-MASTER-KEY messages to cause server failures...
Information Disclosure
mcrypt is vulnerable to information exposure. The vulnerability exists because the TLS, SSH, and IPSec protocols are missing birthday bound validation, which allows a remote attacker to access confidential information in the system...
Denial Of Service (DoS)
OpenDaylight Service Function Chaining (SFC) is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper handling of name resolution or references and allows an attacker to exploit incorrect resolutions to cause a Denial of Service (DoS)...
Credential Leakage
org.keycloak, keycloak-core is vulnerable to Credential Leakage. The vulnerability is due to a lack of proper validation and enforcement when administrators change the LDAP Connection URL without requiring re-entry of the currently configured LDAP bind credentials. The vulnerability allows an...
Remote Code Execution (RCE)
jenkins-core is vulnerable to Remote Code Execution. The vulnerability is due to unsafe deserialization of Java objects. This flaw allows attackers to execute arbitrary code via a crafted serialized Java object, which could trigger an LDAP query to a third-party server...
Improper Certificate Validation
github.com/hashicorp/vault is vulnerable to Improper Certificate Validation. The vulnerability is due to insufficient validation of client certificates when a non-CA certificate is configured as trusted. This flaw leads to authentication bypass using the TLS certificate auth method with non-CA...
Information Exposure
sanitize-html is vulnerable to Information Exposure. The vulnerability is due to the parsing of CSS through the style attribute without disabling source maps, which can allow attackers to infer the file system structure and dependencies of the server...
Path Traversal
Jenkins Matrix Project Plugin is vulnerable to Path Traversal. The vulnerability is caused due to improper sanitization of user-defined axis names in multi-configuration projects. This could allow an attacker to manipulate or replace the config.xml files with arbitrary content, resulting in Path...
Denial Of Service (DoS)
openjdk is vulnerable to Denial of Service (DoS). The vulnerability applies to Java deployments, primarily clients running sandboxed Java Web Start applications or applets, that load untrusted code (e.g., code from the internet) and rely on the Java sandbox for security. Successful exploitation can...
JSON Web Token (JWT) Algorithm Confusion
fast-jwt is vulnerable to JWT Algorithm Confusion. The vulnerability is caused by a missing validation on publicKeyPemMatcher constant defined in fast-jwt/src/crypto.js which is used to match all common PEM formats for public keys. An attacker can craft a malicious JWT token utilizing the HS256...
Heap Buffer Overflow
curl is vulnerable to Heap Buffer Overflow. The vulnerability is due to the SOCKS5 proxy handshake. If the hostname is longer than 255 bytes, curl switches to local name resolution, and passes the resolved address to the proxy. If the SOCKS5 handshake is slow, the long hostname is directly copied...
Denial Of Service (DoS)
python3.9 is vulnerable to Denial of Service (DoS) attacks. This vulnerability exists due to a flaw in the way the plistlib module parses certain Apple Property List (plist) files in binary format. A remote attacker can exploit this vulnerability by sending a specially crafted plist file, which could...
Arbitrary Code Execution
langchain is vulnerable to Arbitrary Code Execution. The vulnerability is due to the usage of the exec python function in PythonAstREPLTool.run which can be exploited to execute arbitrary Python code through prompt injection...
Access Restriction Bypass
chromium is vulnerable to Access Restriction Bypass. The vulnerability exists due to inappropriate implementation in Blink in Google Chrome which allows a remote attacker to perform arbitrary read/write via a crafted HTML page...
Remote Code Execution (RCE)
redis is vulnerable to Remote Code Execution (RCE). This vulnerability occurs due to a flaw in the way that Redis handles cJSON and cmsgpack libraries. An attacker can exploit this vulnerability to cause Redis to crash or to execute arbitrary code...
Prototype Pollution
tough-cookie is vulnerable to Prototype Pollution. The vulnerability exists due to improper domain sanitization when using the CookieJar with rejectPublicSuffixes=false which allows an attacker to modify the base prototype, resulting in Prototype Pollution...
Improper Access Control
Jenkins Core is vulnerable to Improper Access Control. The vulnerability exists due to loading the context actions via POST request, which allows an attacker to craft a URL and perform unauthorized actions on behalf of an unexpected user...
Use After Free
libcurl.so is vulnerable to Use After Free. Even when the CURLOPT_POSTFIELDS option is enabled, libcurl may mistakenly use the read callback CURLOPT_READFUNCTION while performing HTTPS transfers to request data to send. The application might misbehave and send the incorrect data or use memory that ...
Path Traversal
git is vulnerable to Path Traversal. In the Windows port of Git, no localized messages are shipped with the installer. As a result, Git is expected not to localize messages at all, and skips the gettext initialization which could be exploited...
Denial Of Service (DoS)
engine.io is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the uncaught exception that occurs in the handleUpgrade function of server.ts and userver.ts when providing an invalid query param, which allows an attacker to crash the application through a maliciously crafted...
Cross-Site Scripting (XSS)
ckeditor4 is vulnerable to Cross-Site Scripting (XSS) attacks. A web page with missing Content Security Policy configuration, initializing the editor on an element other than as a base, allows an attacker to inject and execute malicious JavaScript in the victim's browser...
Incorrect ECC Calculation
Go is vulnerable to Incorrect ECC Calculation in its crypto/elliptic package. The vulnerability is due to defects in the functions ScalarBaseMult and ScalarMult in the p256asm.go and p256ordinv.go files, which implement the P256 curve for elliptic-curve cryptography (ECC). The functions do no...
Information Disclosure
curl is vulnerable to Information Disclosure. curl's HSTS support allows the use of HTTPS instead of HTTP, but the HSTS could fail when used subsequently on the same command line, leading to Cleartext Transmission which allows an attacker to gain sensitive information of the system...
Command Injection
org.apache.sling:org.apache.sling.jcr.base is vulnerable to Command Injection. The vulnerability exists in the getRepository and getRepositoryFromURL functions of RepositoryAccessor.java because it allows a remote attacker to access data stored in a remote location via JNDI or RMI. An application...
Information Disclosure
imagemagick is vulnerable to Information Disclosure. A remote unauthenticated attacker is able to gain access to embed the content of an arbitrary file when it parses a PNG image, resulting in disclosure of sensitive information...
Remote Code Execution (RCE)
git is vulnerable to Remote Code Execution (RCE). When parsing gitattributes, multiple integer overflows may occur when there is a huge number of path patterns, a huge number of attributes for a single pattern, or when the declared attribute names are huge, causing overflows to be triggered via a...
Regular Expression Denial Of Service (ReDoS)
loofah is vulnerable to regular expression denial of service. The vulnerability exists due to the insecure regex pattern used for the attr_node.value attribute in the scrub_attributes function of scrub.rb, allowing an attacker to crash the application by providing malicious SVG attributes...
Denial Of Service (DoS)
xen is vulnerable to denial of service. The vulnerability exists due to the large memory allocation in the library, allowing an attacker to create many nodes more than the maximum allowed size and path length by accessing many nodes inside a transaction...
Information Disclosure
System.Data.SqlClient and Microsoft.Data.SqlClient packages in the .NET framework are vulnerable to information disclosure. The vulnerability occurs during heavy load, which lets an attacker access arbitrary data from asynchronously executed queries...
Arbitrary Code Execution Via Authorization Bypass
Pebble Templates is vulnerable to arbitrary code execution via authorization bypass. The vulnerability exists in BlacklistMethodAccessValidator.java because the methods that Pebble is allowed to access are not properly handled, which allows an attacker to bypass authorization and execute arbitrary code...
Path Traversal
dcmtk is vulnerable to path traversal. A remote attacker is able to write DICOM files into arbitrary directories under controlled names...
Denial Of Service (DoS)
curl is vulnerable to denial of service attacks. A malicious user is able to cause an application crash due to improper validation of syntactic correctness of the input, which makes the server return a 400 Bad Request response...
Privilege Escalation
moodle/moodle is vulnerable to privilege escalation. The vulnerability exists because the application does not properly impose security restrictions when assigning roles, which allows a remote attacker to escalate privileges on the system...
Out-of-bounds Write
vim:sid is vulnerable to Out-of-bounds Write. It causes a memory access error when a substitute expression changes the window...
SQL Injection
Prestashop is vulnerable to SQL injection. The vulnerability is due to the file config/smarty.config.inc.php improperly neutralizing SQL code. An attacker can chain this vulnerability to then call the PHP eval function, executing arbitrary code...
Remote Code Execution (RCE)
Redis is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the input allowing an attacker to inject maliciously crafted script into the system...
Regular Expression Denial Of Service (ReDoS)
terser is vulnerable to regular expression denial of service. The vulnerability exists in index.js and evaluate.js because regular expressions used are not properly handled which allows an attacker to send crafted requests which causes an application crash...
Denial Of Service (DoS)
xen is vulnerable to denial of service. The vulnerability exists because the Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend which leads to a memory corruption causing an application crash...
Privilege Escalation
linux is vulnerable to privilege escalation. The vulnerability exists due to a lack of sanitization of access to the kernel debugger when booted in secure boot environments allowing an attacker to bypass UEFI Secure Boot restrictions...
Denial Of Service (DoS)
linux is vulnerable to denial of service. The vulnerability exists because ems_usb_start_xmit in ems_usb.c in the Linux kernel has a double free which allows an attacker to crash the application...
Privilege Escalation
linux-gcp:focal is vulnerable to privilege escalation. The vulnerability exists in af_llc.c which allows an attacker to craft and inject malicious attacks...
Information Disclosure
kernel is vulnerable to information disclosure. The vulnerability exists due to a flaw in the Linux SCTP stack, allowing an attacker to kill an existing SCTP association through invalid chunks if the attacker knows the IP addresses and port numbers being used and the attacker can send...
Denial Of Service (DoS)
Apache HTTP Server is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization with mod_sed: in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort...