38133 matches found
Cross-site Scripting (XSS)
Apache HTTP Server is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists in the mod_negotiation module in Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series, and allows remote authenticat...
Session Hijacking
tomcat-util is vulnerable to session hijacking attacks. The vulnerability exists because tomcat-util incorrectly treats single quotes as delimiters in cookies, allowing sensitive information such as session IDs to be leaked. This issue is also CVE-2007-3385...
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution. This is due to a type confusion in boundfunction handling which could lead to memory corruption and allow an attacker in memory to execute arbitrary code in the context of the authenticated user. This CVE ID is different from...
HTTP Request Smuggling
jetty-http is vulnerable to HTTP request smuggling. The application uses a parser that is too tolerant of deviations from the HTTP header specifications, allowing a malicious user to cause an HTTP request smuggling attack through bad length parsing...
Remote Code Execution (RCE)
primefaces is vulnerable to remote code execution (RCE). It uses weak encryption on the PrimeSecret and PrimeOracle, which allows expression language injection and remote code execution...
Remote Code Execution (RCE)
The nokogiri gem is susceptible to remote code execution (RCE) attacks. The attacks exist because the library uses the C package libxml2, which is vulnerable to CVE-2017-0663, allowing a malicious user to pass an XML file to execute arbitrary code or crash the application...
Denial Of Service (DoS) Through Embedded C Library
The nokogiri gem uses libxml2, which is vulnerable to CVE-2016-3627. CVE-2016-3627 is a denial of service (DoS) vulnerability. It is possible because the xmlStringGetNodeList and xmlParserEntityCheck functions fail to detect a recursive loop when used in recovery mode, causing stack...
Heap-based Buffer Overflow Through Embedded C Dependency
The nokogiri gem contains a libxml2 package which is vulnerable to heap-based buffer overflow. The vulnerability is due to CVE-2016-1839 which is caused when a malicious XML file is passed to xmllint in xmlDictAddString...
Database Overwrite
mysql-connector-java is vulnerable to database overwrite. The library does not clear the cache of prepared statements after a catalog change, allowing a malicious user to use cached prepared SQL statements against a new catalog...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service (DoS) attacks and possibly other attacks. A malicious user can pass a reused session ticket to the system, causing a double free that can lead to the system crashing...
Chain Certificate Forgery
OpenSSL is vulnerable to chain certificate forgery. A malicious user can bypass the certificate verification process, enabling the user to use a valid leaf certificate and "issue" an invalid certificate...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service (DoS) attacks. These attacks are possible because the AES-NI functionality for TLS 1.1 and 1.2 can cause an application crash through CBC data...
Denial Of Service (DoS) Through Null Pointer Dereference
OpenSSL is vulnerable to denial of service (DoS) attacks. These attacks are possible when SSL_MODE_RELEASE_BUFFERS is enabled because OpenSSL does not correctly manage a buffer pointer during recursive calls...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service (DoS) attacks. A malicious user can cause a memory leak by seeking to connect to the system with an invalid username. By opening multiple invalid connections this way, the malicious user can cause the system to run out of memory...
Denial Of Service (DoS) Via Integer Overflow
OpenSSL is vulnerable to denial of service (DoS) attacks. A malicious user can cause an integer overflow via the MDC2_Update function and can make use of this to cause heap corruption or a denial of service...
Class Loader Manipulation With CookieInterceptor
Struts 2 Core is vulnerable to class loader manipulation. The vulnerability exists because the getClass method does not properly restrict access to cookies as it accepts all cookie names when "\" is used to configure cookiesName parameter which allows remote attackers to manipulate...
Server-Side Request Forgery (SSRF)
org.apache.cxf, cxf-rt-databinding-aegis is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to improper URL sanitisation, which allows an attacker to perform SSRF attacks on web services that take at least one parameter of any type. Users of other data bindings, including the...
Arbitrary Code Execution
pillow is vulnerable to Arbitrary Code Execution. The vulnerability is due to an improper neutralization/sanitization of keys passed to the PIL.ImageMath.eval function environment parameter. An attacker can execute arbitrary code if they have control over the keys passed to PIL.ImageMath.eval...
Insecure Protocol Handling
github.com/golang/go is vulnerable to Insecure Protocol Handling. The vulnerability exists in the repoRootFromVCSPaths function of vcs.go when using go get to fetch a module with the .git suffix. It may unexpectedly fall back to the insecure git:// protocol if the module is unavailable via the...
Denial Of Service (DoS)
org.springframework:spring-web is vulnerable to Denial Of Service (DoS). The vulnerability is due to a lack of validation for HTTP methods in DefaultServerRequestObservationConvention.java. This allows an attacker to inject specially crafted HTTP requests that may cause Denial of Service. Note tha...
Heap-based Buffer Overflow
wireshark is vulnerable to Heap-based Buffer Overflow. The vulnerability is in the NetScreen file parser component, which could crash. An attacker can crash Wireshark by injecting a malformed packet onto the wire or by getting a user to read a malformed packet trace file...
Denial Of Service
grpc is vulnerable to Denial Of Service. The vulnerability is due to improper error handling in the TCP server, which allows an attacker to initiate a number of concurrent connections with the server, leading to denial of service...
Memory Leaks
binutils is vulnerable to Memory Leaks. The vulnerability occurs in parse_stab_struct_fields within stabs.c, which allows a malicious attacker to cause a denial of service locally...
Denial Of Service (DoS)
github.com/golang/go is vulnerable to Denial Of Service (DoS). The vulnerability exists because handshake_client.go does not set a max RSA key size, which can lead to extremely large RSA keys in certificate chains causing a client to expend significant CPU time to verify signatures. The fix sets the...
Code Injection
go is vulnerable to Code Injection. The vulnerability exists when running an untrusted module which contains directories with newline characters in their names which allows an attacker to inject and execute arbitrary commands...
Prototype Pollution
xlsx is vulnerable to Prototype Pollution. The vulnerability exists due to the lack of checks on user-supplied, specially crafted files, which allows an attacker to inject malicious properties, resulting in prototype pollution...
Arbitrary Code Execution
github.com/golang/go is vulnerable to Arbitrary Code Execution. JavaScript templates do not consider backticks as string delimiters and do not escape them properly, which allows an attacker to bypass sanitization and execute arbitrary code on the system...
SQL Injection
moodle/moodle is vulnerable to SQL Injection. The vulnerability is due to improper SQL sanitization in lib.php, allowing an authenticated attacker to inject and execute malicious SQL queries when viewing a user's recent courses, leading to Information Disclosure...
Denial Of Service (DoS)
kernel-rt is vulnerable to Denial Of Service (DoS). The vulnerability exists due to an incorrect TLB flush issue in the library, which leads to random memory corruption or data leaks, allowing an attacker to cause an application crash...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to Denial of Service (DoS) attacks. Successful attacks of this vulnerability allow an authenticated attacker to cause a hang or frequently repeatable crash...
Denial Of Service (DoS)
protobuf is vulnerable to Denial Of Service (DoS). The vulnerability is due to multiple instances of non-repeated embedded message inputs with repeated or unknown fields, which cause the objects to be converted back and forth between mutable and immutable forms, resulting in potentially long garbage...
Prototype Pollution
flat is vulnerable to prototype pollution. The vulnerability exists in the unflatten function of index.js, due to improper checks for the key1 variable, which allows an attacker to modify object prototype attributes...
Integer Overflow
ImageMagick is vulnerable to Integer Overflow. The vulnerability exists because a value falls outside the range of representable values of type unsigned long in coders/pcl.c, which allows an attacker to cause an overflow by sending crafted or untrusted input...
Denial Of Service (DoS)
libdhcp.so is vulnerable to Denial Of Service (DoS). The vulnerability exists when the function option_code_hash_lookup is called from add_option in option.c, due to the option's refcount field, which allows an attacker to crash the application via malicious input...
Privilege Escalation
linux is vulnerable to Privilege Escalation. The vulnerability exists in nf_tables_api.c, in nftables cross-table handling in the Linux kernel, which allows a local privileged attacker to cause a use-after-free at the time of table deletion...
Denial Of Service (DoS)
github.com/golang/net is vulnerable to Denial Of Service (DoS). The vulnerability exists in the goAway function in server.go because server errors are not properly handled, which allows an attacker to cause an application crash...
Denial Of Service (DoS)
chrome is vulnerable to denial of service. The vulnerability exists due to a use after free in WebGPU in Google Chrome allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page...
SQL Injection
prestashop/prestashop is vulnerable to SQL injection. An attacker is able to execute arbitrary SQL queries on the target system by sending specially crafted input through the vulnerable fetch and save methods, which in turn call PHP's Eval function...
Arbitrary Code Execution
commons-configuration2 is vulnerable to Arbitrary Code Execution. The vulnerability exists because the getDefaultPrefixLookups function of ConfigurationInterpolator.java does not properly disable the default interpolation prefix lookups such as dns, url, and script during variable interpolation,...
Man-in-the-Middle (MitM)
curl is vulnerable to man-in-the-middle attacks. The vulnerability exists due to the lack of message verification in krb5, allowing an attacker to inject data to the client...
Denial Of Service (DoS)
MariaDB is vulnerable to denial of service. The vulnerability exists due to a deadlock in ds_xbstream.cc, crashing the system when an error occurs (stream_ctxt->dest_file == NULL) while executing the method xbstream_open...
Unchecked Return Value
ntfs-3g is vulnerable to unchecked return value. The vulnerability exists because an invalid return code in fuse_kern_mount enables interception of libfuse-lite protocol traffic between NTFS-3G and the kernel when NTFS-3G uses libfuse-lite...
Cross-Site Request Forgery (CSRF)
XXL Job Core is vulnerable to cross-site request forgery. The vulnerability exists in the xxl-job-admin component due to insufficient restrictions on user permissions, which allows an attacker to perform unauthorized actions...
Information Disclosure
moodle is vulnerable to information disclosure. The vulnerability exists because $hiddenfields is not properly set in user/profile.php and in user/view.php, allowing the description user field to be seen even when it is set to hidden...
Time-of-check To Time-of-Use (TOCTOU)
grunt is vulnerable to Time-of-check To Time-of-Use (TOCTOU). The vulnerability exists in the file.copy function in file.js because permissions are not properly handled in both source and destination directories, which allows an attacker to access and write arbitrary files...
XML External Entity (XXE) Injection
NiFi Standard Processors is vulnerable to XML external entity (XXE) injection. The vulnerability exists in multiple components because the EvaluateXPath, EvaluateXQuery and ValidateXml processors do not restrict XXE references when configured with default values, which allows an attacker to send malicious X...
Cross-Site Scripting (XSS)
Liferay Layout SEO Web is vulnerable to stored cross-site scripting. The vulnerability exists in the getOpenGraphTag function in OpenGraphTopHeadDynamicInclude.java due to a lack of HTML escaping, which allows an attacker to inject and execute arbitrary JavaScript...
Remote Code Execution (RCE)
jenkins-2-plugins is vulnerable to remote code execution. The vulnerability exists due to a sandbox bypass allowing attackers to execute arbitrary code on the system...
Denial Of Service (DoS)
Red Hat Product Security has rated this issue as having Moderate security impact and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 6 and 7, hence, marked as Out-of-Support-Scope. For additional information, refer to the Issue Severity...
Spoofing Attack
swagger-ui-react is vulnerable to spoofing attacks. The vulnerability allows remote attackers to acquire remote OpenAPI definitions by persuading the victim to open a specially crafted URL...