Regular Expression Denial Of Service (ReDoS)
micromatch is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to a regular expression with inefficient complexity within the micromatch.braces method. An attacker can submit a large payload without a closing bracket, which results in Regular Expression Denial of...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Optimizer component, allowing an attacker to cause an application crash through multiple protocols...
Packet Injection
kernel is vulnerable to packet injection. The vulnerability exists because the WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network...
Denial Of Service (DoS)
systemd is vulnerable to denial of service. An attacker is able to crash the application using an excessive size value involving strdupa and alloca for a pathname...
Cross-Origin Resource Sharing (CORS) Bypass
github.com/usememos/memos is vulnerable to Cross-Origin Resource Sharing (CORS) Bypass. The vulnerability is due to a CORS misconfiguration where an arbitrary origin is reflected with Access-Control-Allow-Credentials set to true, which may allow an attacker to perform cross-origin requests,...
HTTP Request Smuggling
guzzlehttp/psr7 is vulnerable to HTTP Request Smuggling. The vulnerability exists in the assertHeader function of MessageTrait.php due to improper header parsing, which allows an attacker to sneak a newline (\n) into both the header name and value, resulting in HTTP cache poisoning and phishing attac...
Cross-site Scripting (XSS)
bootstrap is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to the lack of sanitization of the target property in affix.js, allowing XSS attacks...
Remote Code Execution
fsevents is vulnerable to Remote Code Execution. The vulnerability is caused by loading a fsevents binary from an arbitrary AWS S3 bucket during installation. This S3 bucket URL was vulnerable to takeover by malicious actors, but a security researcher claimed the bucket URL to protect against...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Optimizer component, allowing an attacker to cause an application crash through multiple protocols...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Optimizer component, allowing an attacker to cause an application crash through multiple protocols...
Denial Of Service (DoS)
firefox:devel is vulnerable to denial of service. A document could have caused a use-after-free of a language service object during a process shutdown, leading to an application crash...
Remote Code Execution
xalan:xalan is vulnerable to remote code execution. An attacker is able to corrupt Java class files generated by the internal XSLTC compiler and execute harmful Java bytecodes on the host machine due to an integer truncation flaw which occurs during XSLT style sheet processing...
Remote Code Execution (RCE)
openjdk17 is vulnerable to remote code execution. It allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE and Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to...
Signature Validation Bypass
jsonwebtoken is vulnerable to signature validation bypass. The lack of algorithm definition in the jwt.verify function leads to signature validation bypass due to defaulting to the none algorithm for signature verification, which allows an attacker to bypass the verification mechanism...
Prefix Truncation Attack (Terrapin Attack)
libssh is vulnerable to the Terrapin attack. The vulnerability is due to mishandling of the handshake phase and sequence numbers in the SSH Binary Packet Protocol (BPP) with certain OpenSSH extensions. This allows an attacker to bypass integrity checks and omit packets during extension negotiation, and...
Server-Side Request Forgery (SSRF)
axios is vulnerable to server-side request forgery (SSRF). The vulnerability exists due to a lack of validation of the URL that is passed via the request from the client, allowing the attacker to bypass a proxy and submit requests on behalf of the server by providing a URL that responds with a redirect...
Remote Code Execution (RCE)
firefox and thunderbird are vulnerable to Remote Code Execution (RCE). An out-of-date graphics library likely contained vulnerabilities that could potentially be exploited to upload and execute malicious code on the system...
Signature Verification Bypass
The Libraries component of Oracle Java SE and Oracle GraalVM Enterprise Edition is vulnerable to signature verification bypass. The vulnerability is possible due to a flawed implementation of ECDSA verification code rewritten from native C++ code, allowing an attacker t...
Path Traversal
apache2 is vulnerable to path traversal. The vulnerability exists due to a flaw found in a change made to path normalization...
Prototype Pollution
jquery is vulnerable to prototype pollution attacks. The vulnerability exists as it is possible to overwrite Object.prototype with arbitrary object properties...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the C API component, allowing an attacker to cause an application crash through multiple protocols...
HTTP Request Smuggling (HRS)
gunicorn is vulnerable to HTTP Request Smuggling (HRS). The vulnerability is due to improper processing of Transfer-Encoding headers by treating them as chunked regardless of the specified encoding, which allows attackers to bypass security restrictions and access restricted endpoints by crafting...
Information Disclosure
puppet is vulnerable to information disclosure. The vulnerability exists due to HTTP credential leaking when following HTTP redirects to a different host...
Remote Code Execution
spring-cloud-function-context is vulnerable to remote code execution. The routing functionality allows a user to provide a malicious SpEL as a routing-expression which would allow arbitrary OS commands to be executed remotely...
Arbitrary Code Execution
Apache Commons Collections (ACC) library is vulnerable to arbitrary code execution. The vulnerability is possible because it directly uses ACC, or contains ACC, in the classpath, allowing a malicious user to inject and execute arbitrary code upon deserialization...
Cross-site Scripting (XSS)
React Router is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper handling of untrusted input in the meta / APIs during server-side rendering, which allows an attacker to inject malicious script content into generated script:ld+json tags and execute arbitrary JavaScript...
Denial Of Service (DoS)
elasticsearch is vulnerable to a denial of service attack. The vulnerability is due to the search API, which allows specially crafted query strings to cause a stack overflow...
Path Traversal
github.com/grafana/grafana is vulnerable to path traversal. The vulnerability exists in the getPluginAssets function in plugins.go, allowing an attacker to access local files through the URL paths such as /public/plugins/...
Privilege Escalation
github.com/portainer/portainer is vulnerable to privilege escalation. The vulnerability exists due to insecure permissions in the isValidStackFile function, allowing a non-admin user to spawn new containers with critical capabilities such as SYS_MODULE, which can be used to take over the Docker host...
HTTP Request Smuggling
apache2 is vulnerable to HTTP Request Smuggling. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch and a non-specific pattern matches some portion of the user-supplied request-target data and is then re-inserted into the proxied...
Denial Of Service (DoS)
log4j-core is vulnerable to denial of service (DoS). The vulnerability exists because the previous mitigation for CVE-2021-44228 is incomplete in certain non-default configurations. An attacker can send malicious Thread Context Map (MDC) input data in a JNDI Lookup pattern using a non-default Pattern...
Regular Expression Denial Of Service (ReDoS)
angular is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability exists due to inefficient regular expression complexity in the angular.copy function, which allows an attacker to crash the application by submitting maliciously crafted input...
Cross-site Scripting (XSS)
jquery-ui is vulnerable to cross-site scripting attacks. The vulnerability exists in the widget function in checkboxradio.js due to a lack of input sanitization, which allows a malicious attacker to inject and execute malicious JavaScript...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Data Dictionary component, allowing an attacker to cause an application crash through multiple protocols...
Privilege Escalation
openssh is vulnerable to privilege escalation. The vulnerability exists due to insecure initialization...
Regular Expression Denial Of Service (ReDoS)
axios is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability exists in trim in utils.js due to inefficient regular expression complexity, which allows an attacker to crash the application by submitting a malicious string as a header...
Object Injection
wordpress is vulnerable to object injection. An attacker with admin privileges can bypass explicit or additional hardening under certain conditions through object injection...
Cross-Site Scripting (XSS)
Bootstrap is vulnerable to cross-site scripting (XSS). An attacker is able to inject arbitrary JavaScript into a victim's browser via the tooltip data-viewport attribute, to steal session tokens or perform unwanted actions on behalf of the user...
Regular Expression Denial Of Service (ReDoS)
react-native-reanimated is vulnerable to regular expression denial of service attacks. Improper usage of the regular expression in the parser of Colors.js allows remote attackers to cause denial of service conditions via a maliciously crafted input...
Cross-Site Scripting (XSS)
github.com/grafana/grafana is vulnerable to Cross-Site Scripting (XSS). The vulnerability exists due to improper sanitization of user inputs in the originalUrl parameter, which allows an attacker to inject and execute arbitrary JavaScript...
Information Disclosure
github.com/hashicorp/vault is vulnerable to information disclosure. The vulnerability is due to insufficient input validation or improper handling of malformed payloads, which allows an attacker to expose sensitive information by triggering logging of secret data during secret creation or update...
Information Disclosure
github.com/grafana/grafana is vulnerable to information disclosure. An authenticated attacker is able to view confidential data by querying for a specific team ID because the library exposes multiple API endpoints without proper user authorization, allowing a malicious user to gain access to...
Arbitrary Code Execution
dozer is vulnerable to arbitrary code execution attacks. It incorrectly uses a reflection-based approach to type conversion which allows attackers to execute code through serialized objects...
Cross Site Scripting (XSS)
bootstrap is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused by missing validation and sanitization in the href attribute of the tag in the carousel component in the data-slide and data-slide-to attributes. This can enable attackers to execute arbitrary JavaScript within...
Denial Of Service (DoS)
werkzeug is vulnerable to Denial of Service (DoS) attacks. An attacker is able to cause denial of service conditions by sending a crafted multipart data segment with many file parts to an endpoint which uses request.data, request.form, request.files, or request.get_data, causing high resource usage,...
HTTP Request Smuggling
apache2 is vulnerable to HTTP Request Smuggling. The vulnerability exists as the inconsistent interpretation of HTTP requests in mod_proxy_ajp allows an attacker to smuggle requests to the AJP server it forwards requests to...
Server Side Request Forgery (SSRF)
ip is vulnerable to Server Side Request Forgery. The vulnerability is due to the isPublic function's failure to interpret and classify hexadecimal IP address representations. If an application utilizes the isPublic or isPrivate functions to determine if an address is public, an attacker can prefo...
Denial Of Service (DoS)
apache2 is vulnerable to denial of service. ap_escape_quotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may...
Remote Code Execution (RCE)
postgresql is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the implementation of the expected interface of the class before instantiating it, which allows an attacker to execute remote code...
Privilege Escalation
sqlite3 is vulnerable to privilege escalation. The vulnerability exists due to a problem in handling sub-queries with both a correlated WHERE clause and a HAVING 0 clause where the parent query is itself an aggregate...