Unsafe Number Generation
OpenSSL uses unsafe number generation. The library generates unsafe prime numbers, allowing a malicious user that can force a peer to perform multiple handshakes to conduct a man-in-the-middle attack...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service (DoS) attacks. A malicious user can cause a memory leak by attempting to connect to the system with an invalid username. By opening multiple invalid connections this way, the malicious user can cause the system to run out of memory...
Denial Of Service (DoS) Via Integer Overflow
OpenSSL is vulnerable to Denial Of Service (DoS) attacks. A malicious user can cause an integer overflow via the MDC2_Update function and make use of this to cause a heap corruption or a denial of service...
Weak Cryptographic Protection
expat is vulnerable to having its cryptographic protection mechanisms defeated. This is only possible with a parser that has not called XML_SetHashSalt or has passed it a seed of 0. It is possible due to the use of the srand function...
Class Loader Manipulation With CookieInterceptor
Struts 2 Core is vulnerable to class loader manipulation. The vulnerability exists because the getClass method does not properly restrict access to cookies as it accepts all cookie names when "\" is used to configure cookiesName parameter which allows remote attackers to manipulate...
Server-Side Request Forgery (SSRF)
org.apache.cxf, cxf-rt-databinding-aegis is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to improper URL sanitisation, which allows an attacker to perform SSRF attacks on web services that take at least one parameter of any type. Users of other data bindings, including the...
Improper Authentication
OpenSSH is vulnerable to Improper Authentication. The vulnerability is due to destination constraints being incompletely applied due to their limitation to the first key when a PKCS11 token returns multiple keys, even though these constraints are specified during the addition of PKCS11-hosted...
Arbitrary Code Execution
pillow is vulnerable to Arbitrary Code Execution. The vulnerability is due to an improper neutralization/sanitization of keys passed to the PIL.ImageMath.eval function environment parameter. An attacker can execute arbitrary code if they have control over the keys passed to PIL.ImageMath.eval...
Cookie Mixed Case PSL Bypass
Curl is vulnerable to Cookie Mixed Case PSL Bypass. The vulnerability is caused due to a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List PSL. This allows a malicious HTTP server to set "super cookies" in curl that are passed back to more origi...
Denial Of Service (DoS)
org.springframework:spring-web is vulnerable to Denial Of Service (DoS). The vulnerability is due to a lack of validation for HTTP methods in DefaultServerRequestObservationConvention.java. This allows an attacker to inject specially crafted HTTP requests that may cause Denial of Service. Note tha...
Heap-based Buffer Overflow
wireshark is vulnerable to Heap-based Buffer Overflow. The vulnerability is caused by the NetScreen file parser component, which could crash. An attacker can crash Wireshark by injecting a malformed packet onto the wire or making a user read a malformed packet trace file...
Denial Of Service
grpc is vulnerable to Denial Of Service. The vulnerability is due to improper error handling in the TCP server, which allows an attacker to initiate a number of concurrent connections with the server, leading to denial of service...
Memory Leaks
binutils is vulnerable to Memory Leaks. The vulnerability occurs in parse_stab_struct_fields within stabs.c, which allows a malicious attacker to cause a denial of service locally...
Business Logic Errors
github.com/answerdev/answer is vulnerable to Business Logic Errors. The vulnerability exists due to a lack of server side logic for account deletion, which allows an authenticated attacker to delete the administrator account...
Denial Of Service (DoS)
github.com/golang/go is vulnerable to Denial Of Service (DoS). The vulnerability exists because handshake_client.go does not set a max RSA key size, which can lead to extremely large RSA keys in certificate chains causing a client to expend significant CPU time to verify signatures. The fix sets the...
Code Injection
go is vulnerable to Code Injection. The vulnerability exists when running an untrusted module which contains directories with newline characters in their names which allows an attacker to inject and execute arbitrary commands...
Regular Expression Denial Of Service (ReDoS)
word-wrap is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability exists due to the usage of a regular expression with inefficient time complexity, resulting in long parsing times...
Command Injection
go is vulnerable to Command Injection. The vulnerability allows templates containing actions in unquoted HTML attributes to be executed with empty inputs, producing unexpected results when parsed and potentially allowing injection of arbitrary attributes into tags...
Path Traversal
git is vulnerable to Path Traversal. The vulnerability allows a path outside the working tree to be overwritten with partially controlled contents by feeding a crafted input into 'git apply --reject'...
Arbitrary Code Execution
github.com/golang/go is vulnerable to Arbitrary Code Execution. JavaScript templates do not consider backticks as string delimiters and do not escape them properly, which allows an attacker to bypass sanitization and execute arbitrary code on the system...
SQL Injection
moodle/moodle is vulnerable to SQL Injection. The vulnerability is due to improper SQL sanitization in lib.php, allowing an authenticated attacker to inject and execute malicious SQL queries when viewing a user's recent courses, leading to Information Disclosure...
NULL Pointer Dereference
kernel is vulnerable to NULL Pointer Dereference. The vulnerability exists in the x86_emulate_insn function of emulate.c while executing an illegal instruction in a guest on an Intel CPU, which allows an attacker to cause an application crash...
Denial Of Service (DoS)
kernel-rt is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the incorrect TLB flush issue in the library, which leads to random memory corruption or data leaks, allowing an attacker to cause an application crash...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to Denial of Service (DoS) attacks. Successful attacks of this vulnerability allow an authenticated attacker to cause a hang or frequently repeatable crash...
Prototype Pollution
flat is vulnerable to prototype pollution. The vulnerability exists in the unflatten function of index.js, due to the improper checks for the key1 variable which allows an attacker to modify object prototype attributes...
Privilege Escalation
samba is vulnerable to privilege escalation. Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...
Denial Of Service (DoS)
Linux Kernel is vulnerable to denial of service. The vulnerability exists due to the memory leaks in the ipv6_renew_options function of the IPv6 Handler component, allowing an attacker to cause an application crash...
Denial Of Service (DoS)
Linux Kernel is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the use after free in the l2cap_reassemble_sdu function in l2cap_core.c which allows an attacker to cause an application crash...
Improper Access Control
openjdk is vulnerable to improper access control. The vulnerability allows an attacker to perform unauthorized updates, insertions or deletions of some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data...
Regular Expression Denial Of Service (ReDoS)
loader-utils is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability is due to an insecure regular expression in the url variable of the interpolateName function in interpolateName.js. A remote attacker can cause denial of service via malicious regex...
Integer Overflow
ImageMagick is vulnerable to Integer Overflow. The vulnerability exists outside the range of representable values of type unsigned long at coders/pcl.c which allows an attacker to send crafted or untrusted input causing an overflow...
Denial Of Service (DoS)
libdhcp.so is vulnerable to Denial Of Service (DoS). The vulnerability exists when the function option_code_hash_lookup is called from add_option in option.c due to the option's refcount field which allows an attacker to crash the application via malicious input...
Privilege Escalation
rpm is vulnerable to Privilege Escalation. The vulnerability exists because rpm sets the desired permissions and credentials after installing a file on the system, which allows a remote attacker to elevate privileges...
Denial Of Service (DoS)
github.com/golang/net is vulnerable to Denial Of Service (DoS). The vulnerability exists in the goAway function in server.go because the server errors are not properly handled, which allows an attacker to cause an application crash...
SQL Injection
prestashop/prestashop is vulnerable to SQL injection. An attacker is able to execute arbitrary SQL queries on the target system via sending specifically crafted input through the vulnerable fetch and save methods which in turn call PHP's Eval function...
Arbitrary Code Execution
commons-configuration2 is vulnerable to Arbitrary Code Execution. The vulnerability exists because the getDefaultPrefixLookups function of ConfigurationInterpolator.java does not properly disable the default interpolation prefix lookups such as dns, url, and script during variable interpolation,...
Man-in-the-Middle (MitM)
curl is vulnerable to man-in-the-middle attacks. The vulnerability exists due to the lack of message verification in krb5, allowing an attacker to inject data to the client...
Information Disclosure
vim is vulnerable to information disclosure. A buffer over-read in the function grab_file_name is capable of crashing the software, modifying memory, and possible remote execution...
Use After Free
kernel is vulnerable to use after free. The vulnerability exists due to a memory corruption in the hso_free_net_device function of drivers/net/usb/hso.c which allows an attacker to escalate their privileges on the system...
Denial Of Service (DoS)
MariaDB is vulnerable to denial of service. The vulnerability exists due to a deadlock when executing the plugin/server_audit/server_audit.c method log_statement_ex...
Denial Of Service (DoS)
Envoy is vulnerable to denial of service. The vulnerability exists due to a segmentation fault in the GrpcHealthCheckerImpl allowing an attacker to crash the system by controlling an upstream host and also controlling the service discovery of that host via DNS, the EDS API, etc. and forcing the...
Remote Code Execution (RCE)
grub2 is vulnerable to remote code execution. The vulnerability exists due to a use-after-free vulnerability in the grub_cmd_chainloader function which allows an attacker to gain access to restricted data...
Denial Of Service (DoS)
firefox is vulnerable to denial of service. The vulnerability exists due to incorrect assembly generation on arm64 leading to a register allocation problem which causes an application crash...
Information Disclosure
moodle is vulnerable to information disclosure. The vulnerability exists due to $hiddenfields not being properly set in user/profile.php and in user/view.php, allowing the description user field to be seen even when it is set to hidden...
Cross-Site Scripting (XSS)
Liferay Layout SEO Web is vulnerable to stored cross-site scripting. The vulnerability exists in the getOpenGraphTag function in OpenGraphTopHeadDynamicInclude.java due to a lack of HTML escaping, which allows an attacker to inject and execute arbitrary JavaScript...
Denial Of Service (DoS)
Red Hat Product Security has rated this issue as having Moderate security impact and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 6 and 7, hence, marked as Out-of-Support-Scope. For additional information, refer to the Issue Severity...
HTTP Request Smuggling (HRS)
twisted is vulnerable to HTTP request smuggling. The vulnerability exists in twisted.web due to inconsistent interpretation of HTTP requests, which allows a remote attacker to conduct HTTP request smuggling attacks via a crafted request...
Denial Of Service (DoS)
.NET and Visual Studio are vulnerable to denial of service. The vulnerability exists due to a lack of sanitization allowing an attacker to crash the system...
Spoofing Attack
swagger-ui-react is vulnerable to spoofing attack. The vulnerability allows remote attackers to acquire remote OpenAPI definitions by persuading the victim to open a specifically crafted URL...
Privilege Escalation
kernel is vulnerable to privilege escalation. The vulnerability exists due to the lack of sanitization of access to the i915 Intel GPU...