38332 matches found
Remote Code Execution (RCE)
ckeditor4 is vulnerable to remote code execution. The vulnerability exists due to lack of sanitization malformed HTML allowing an attacker to inject maliciously crafted script...
Packet Injection
kernel is vulnerable to packet injection. The vulnerability exists due to a flaw was found in the Linux kernels implementation of wifi fragmentation handling which allows an attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where...
Denial Of Service (DoS)
python is vulnerable to denial of service DoS. The vulnerability exists as Lib/zipfile.py allows ZIP bomb attacks which allows an attacker to cause an application crash...
Arbitrary Code Injection
shopware/platform and shopware/core are vulnerable to Arbitrary Code Injection. The vulnerability exists in multiple functions of SecurityExtension.php because the inputs are properly checked which allows an attacker to inject and execute arbitrary code into the system...
Cross-Site Scripting (XSS)
bootstrap is vulnerable to cross-site scripting XSS attacks. The library does not properly sanitize the target option in scrollspy.js, allowing a malicious user to inject and execute arbitrary Javascript...
Regular Expression Denial Of Service (ReDoS)
angular is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability exists due to inefficient regular expression complexity in the input type element which allows an attacker to crash the application by submitting maliciously crafted input...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Optimizer component, allowing attacker to cause an application crash through the multiple protocols...
Denial Of Service (DoS)
systemd is vulnerable to denial of service. An attacker is able to crash the application using an excessive size value involving strdupa and alloca for a pathname...
Regular Expression Denial Of Service (ReDoS)
micromatch is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due a regex expression with inefficient complexity within the micromatch.braces method. An attacker can submit a large payload without a closing bracket, which results in Regular Expression Denial of...
Signature Validation Bypass
jsonwebtoken is vulnerable to signature validation bypass. The lack of algorithm definition in the jwt.verify function leads to signature validation bypass due to defaulting to the none algorithm for signature verification, which allows an attacker to bypass the verification mechanism...
Packet Injection
kernel is vulnerable to packet injection. The vulnerability exists due to the WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network...
Remote Code Execution
fsevents is vulnerable to Remote Code Execution. The vulnerability is caused by loading a fsevents binary from an arbitrary AWS S3 bucket during installation. This S3 bucket URL was vulnerable to take over by malicious actors, but a security researcher claimed the bucket URL to protect against...
HTTP Request Smuggling
guzzlehttp/psr7 is vulnerable to HTTP Request Smuggling. The vulnerability exists in assertHeader function of MessageTrait.php due to improper header parsing which allows an attacker to sneak in a newline \n into both the header name and value, resulting in HTTP cache poisoning and phishing attac...
Remote Code Execution
xalan:xalan is vulnerable to remote code execution. An attacker is able to corrupt Java class files generated by the internal XSLTC compiler and execute harmful Java bytecodes on the host machine due to an integer truncation flaw which occurs during XSLT style sheet processing...
Cross-site Scripting (XSS)
bootstrap is vulnerable to cross-site scripting XSS attacks. The vulnerability exists due to the lack of sanitization of the target property in affix.js, allowing XSS attacks...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Optimizer component, allowing attacker to cause an application crash through the multiple protocols...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Optimizer component, allowing attacker to cause an application crash through the multiple protocols...
Remote Code Execution (RCE)
openjdk17 is vulnerable to remote code execution. It allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to...
Denial Of Service (DoS)
firefox:devel is vulnerable to denial of service. A document could have caused a use-after-free of a language service object during a process shutdown, leading to an application crash...
Cross Site Scripting (XSS)
bootstrap is vulnerable to Cross Site Scripting XSS. The vulnerability is cause due to a missing validation and sanitization in the href attribute of the tag in the carousel component in the data-slide and data-slide-to attributes. This can enable attackers to execute arbitrary JavaScript within...
Buffer Overflow
rsyslog is vulnerable to buffer overflow. The vulnerability exists because when there is a check for the maximum number of octets, digits are written to a heap buffer even when the octet count is over the maximum which leads to a memory corruption...
HTTP Request Smuggling (HRS)
gunicorn is vulnerable to HTTP Request Smuggling HRS. The vulnerability is due to improper processing of Transfer-Encoding headers by treating them as chunked regardless of the specified encoding , which allows attackers to bypass security restrictions and access restricted endpoints by crafting...
Prefix Truncation Attack (Terrapin Attack)
libssh is vulnerable to Terrapin attack. The vulnerability is due to mishandling of the handshake phase and sequence numbers in the SSH Binary Packet Protocol BPP with certain OpenSSH extensions. This allows an attacker to bypass integrity checks and omit packets during extension negotiation, and...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the C API component, allowing an attacker to cause an application crash though the multiple protocols...
Signature Verification Bypass
Oracle Java SE and Oracle GraalVM Enterprise Edition product of Oracle Java SE their component: Libraries are vulnerable to signature verification bypass. The vulnerability is possible due to a flawed implementation of ECDSA verification code rewritten from native C++ code, allowing an attacker t...
Server-Side Request Forgery (SSRF)
axios is vulnerable to server-side request forgery SSRF. The vulnerability exists due to a lack of validation of the URL that is passed via the request from client, allowing the attacker to bypass a proxy and submit requests on behalf of the server by providing a URL that responds with a redirect...
Remote Code Execution (RCE)
firefox and thunderbird are vulnerable to Remote Code Execution RCE. An out of date graphics library likely contained vulnerabilities that could potentially be exploited to upload and execute malicious code on the system...
Remote Code Execution
spring-cloud-function-context is vulnerable to remote code execution. The routing functionality allows a user to provide a malicious SpEL as a routing-expression which would allow arbitrary OS commands to be executed remotely...
Path Traversal
apache2 has path traversal. The vulnerability exists due to a flaw found in a change made to path normalization...
Prototype Pollution
jquery is vulnerable to prototype pollution attacks. The vulnerability exists as it is possible to overwrite Object.prototype with arbitrary object properties...
Information Disclosure
puppet is vulnerable to information disclosure. The vulnerability exists due to HTTP credential leaking when following HTTP redirects to a different host...
Arbitrary Code Execution
Apache Commons Collections ACC library is vulnerable to arbitrary code execution. The vulnerability is possible because it directly uses ACC, or contains ACC, in the classpath, allowing a malicious user to inject and execute arbitrary code upon deserialization...
Denial Of Service (DoS)
elasticsearch is vulnerable to Denial of service attack. The vulnerability is due to the search API which allows specially crafted query strings to cause a stack overflow...
Path Traversal
github.com/grafana/grafana is vulnerable to path traversal. The vulnerability exists in the getPluginAssets function in plugins.go, allowing an attacker to access local files through the URL paths such as /public/plugins/...
Privilege Escalation
openssh is vulnerable to privilege escalation. The vulnerability exists due to insecure initialization...
Privilege Escalation
github.com/portainer/portainer is vulnerable to privilege escalation. The vulnerability exists due to an insecure permissions in the isValidStackFile function allowing non-admin user to spawn new containers critical capabilities such as SYSMODULE, which can be used to take over the Docker host...
Denial Of Service (DoS)
log4j-core is vulnerable to denial of service DoS. The vulnerability exists because previous mitigation for CVE-2021-44228 is incomplete in certain non-default configurations. An attacker can send a malicious Thread Context Map MDC input data in JNDI Lookup pattern using a non-default Pattern...
Regular Expression Denial Of Service (ReDoS)
axios is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability exists in trim in utils.js due to inefficient regular expression complexity which allows an attacker to crash the application by submitting a malicious string as a header...
HTTP Request Smuggling
apache2 is vulnerable to HTTP Request Smuggling. Configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch and a non-specific pattern matches some portion of the user-supplied request-target data and is then re-inserted into the proxied...
Cross-site Scripting (XSS)
jquery-ui is vulnerable to cross-site scripting attacks. The vulnerability exists in the widget function in checkboxradio.js due to a lack of input sanitization which allows a malicious attacker to inject and execute malicious javascript...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Data Dictionary component, allowing attacker to cause an application crash through the multiple protocols...
Object Injection
wordpress is vulnerable to object injection. An attacker with the admin privilege can bypass explicit or additional hardening under certain conditions through object injection...
Regular Expression Denial Of Service (ReDoS)
react-native-reanimated is vulnerable to regular expression denial of service attacks. Improper usage of the regular expression in the parser of Colors.js allows remote attackers to cause denial of service conditions via a maliciously crafted input...
Cross-Site Scripting (XSS)
Bootstrap is vulnerable to cross-site scripting XSS. An attacker is able to inject arbitrary Javascript into a victim's browser via the tooltip data-viewport attribute, to steal session tokens or perform unwanted actions on behalf of the user...
Remote Code Execution (RCE)
postgresql is vulnerable to remote code execution. The vulnerability exists due to a lack of santization of the implementation of the expected interface of the class before instantiating it which allows an attacker to execute remote code...
Information Disclosure
github.com/hashicorp/vault is vulnerable to information disclosure. The vulnerability is due to insufficient input validation or improper handling of malformed payloads, which allows an attacker to expose sensitive information by triggering logging of secret data during secret creation or update...
Cross-Site Scripting (XSS)
github.com/grafana/grafana is vulnerable to Cross-Site Scripting XSS. The vulnerability exists due to improper sanitization of user inputs in the originalUrl parameter which allows an attacker to inject and execute arbitrary JavaScript...
Information Disclosure
github.com/grafana/grafana is vulnerable to information disclosure. An authenticated attacker is able to view confidential data by querying for a specific team ID because the the library exposes multiple API endpoints without proper user authorization, allowing a malicious user to gain access to...
Arbitrary Code Execution
dozer is vulnerable to arbitrary code execution attacks. It incorrectly uses a reflection-based approach to type conversion which allows attackers to execute code through serialized objects...
HTTP Request Smuggling
apache2 is vulnerable to HTTP Request Smuggling. The vulnerability exists as the inconsistent interpretation of HTTP requests in modproxyajp allows an attacker to smuggle requests to the AJP server it forwards requests to...