38140 matches found
Path Traversal
samba is vulnerable to Path Traversal. An attacker could exploit this vulnerability by creating a malicious file with a specially crafted path and then uploading the file to a Samba share. When a user downloads the file, the Samba server will resolve the path to the file on the underlying...
Out-of-bounds Read
libopensc.so is vulnerable to out-of-bounds reads. The vulnerability exists in card-myeid.c because it does not properly validate symmetric keys, which allows an attacker to send maliciously crafted responses to the APDU and read information outside of the intended range...
Heap Buffer Overflow
Google Chrome is vulnerable to Heap Buffer Overflow. The vulnerability exists in VP8 encoding in the libvpx library, which allows an attacker to cause heap corruption via a maliciously crafted HTML page...
HTTP Request/Response Smuggling
gevent is vulnerable to HTTP Request/Response Smuggling. The vulnerability is caused by a missing validation check on trailers in processing of chunked requests in the WSGI application on keep-alive connections. This can lead to an attacker carefully crafting invalid trailers in chunked requests...
Remote Code Execution
Microsoft .NET 7.0 and .NET 6.0 are vulnerable to Remote Code Execution (RCE). The vulnerability exists in Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file, which may lead to RCE...
SQL Injection
cacti is vulnerable to SQL Injection attacks. An attacker could exploit this vulnerability by sending a specially crafted SQL injection payload to a vulnerable Cacti server. This payload could allow the attacker to escalate their privileges to the root user or execute arbitrary code on the server...
Man-in-the-Middle (MitM)
open-vm-tools is vulnerable to Man-in-the-Middle (MitM) attacks. This vulnerability can be exploited by an attacker with man-in-the-middle (MITM) network positioning between vCenter and the ESXi host hosting the virtual machine to bypass SAML token signature verification, to perform VMware Tools Gues...
Timing Attack
python3.9 is vulnerable to Improper Access Control. The vulnerability exists due to a flaw in the way the hmac.compare_digest function in the Lib/hmac.py module compares two message digests. An attacker can exploit this vulnerability to distinguish between different message digests, which could be...
Denial Of Service (DoS)
mariadb is vulnerable to Denial of Service (DoS) attacks. The vulnerability occurs when MariaDB attempts to print a warning message for a query that fails. If the query contains a NULL value, MariaDB could dereference a NULL pointer and crash...
Leak Of Webhook Secret Token
gitlab is vulnerable to Leak Of Webhook Secret Token. The vulnerability exists because the project maintainer could leak a webhook secret token by changing the webhook URL to an endpoint, allowing them to capture request headers...
Authentication Bypass
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine...
Authentication Bypass
gitlab is vulnerable to Authentication Bypass. The vulnerability allows an attacker to bypass 2FA for LDAP users and access some specific pages with Basic Authentication...
Remote Code Execution (RCE)
gitlab is vulnerable to Remote Code Execution (RCE). The vulnerability exists because the library does not properly validate image files, allowing an attacker to inject and execute malicious commands through the file parser...
Insufficient Data Validation
chromium is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to insufficient data validation in Extensions, allowing an attacker to convince a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension...
Remote Code Execution (RCE)
suricata is vulnerable to Remote Code Execution (RCE). Lack of proper checking of user input allows an attacker who controls an external source of Lua rules to upload and execute malicious code on the system...
Improper Certificate Validation
cryptography is vulnerable to Improper Certificate Validation. The vulnerability exists due to the _parse_exts_opts function in ssh.py because loading SSH certificates generated with ssh-keygen or SSHCertificateBuilder yields unexpected results which potentially allows an attacker to perform...
Regular Expression Denial Of Service (ReDoS)
django is vulnerable to Regular Expression Denial of Service (ReDoS). A remote attacker is able to cause denial of service conditions through the EmailValidator or URLValidator functions by submitting a large number of domain name labels of emails and URLs...
Denial Of Service (DoS)
openssl is vulnerable to Denial of Service (DoS). The vulnerability causes applications that use 'OBJ_obj2txt' directly, or that use any OpenSSL subsystem with no message size limit, to experience notable to very long delays when processing those messages, which may lead to a Denial of Service...
Authentication Bypass
n8n is vulnerable to Authentication Bypass. The vulnerability is due to a lack of authentication in auth.ts when the URL contains .svg, resulting in information disclosure...
Denial Of Service (DoS)
openssl is vulnerable to Denial of Service (DoS). The vulnerability exists due to a bug in the AES-XTS cipher decryption implementation for the 64-bit ARM platform, which reads past the input buffer, leading to an application crash...
Improper Input Validation
OpenJDK is vulnerable to Improper Input Validation. An attacker can gain access to critical data, or complete access to all Oracle Java SE and Oracle GraalVM Enterprise Edition accessible data, through multiple protocols...
Integer Overflow
chromium is vulnerable to integer overflow. A malicious attacker could perform a sandbox escape via a crafted HTML page by compromising the renderer process, leading to integer overflow...
Memory Corruption
firefox is vulnerable to Memory Corruption. If multiple instances of resource exhaustion happen at the incorrect time, the garbage collector could cause memory corruption and a potentially exploitable crash...
Remote Code Execution (RCE)
net.sourceforge.htmlunit:htmlunit is vulnerable to Remote Code Execution (RCE). The vulnerability exists in the transform function in XSLTProcessor.java, which allows an attacker to upload and execute malicious code on the system...
Denial Of Service (DoS)
graphql-java is vulnerable to Denial of Service (DoS). An attacker can send a maliciously crafted GraphQL query that causes excessive stack consumption, which can lead to an application crash...
Double Free
curl is vulnerable to Double Free. Two threads sharing the same HSTS data could end up doing a double-free or use-after-free due to missing mutexes or thread locks. This was introduced without consideration for sharing across separate threads, which could lead to a double-free or use-after-free...
Cross-site Scripting (XSS)
cacti is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to the improper escaping of the error message during template import preview in the xml_path field in templates_import.php, allowing an attacker to inject and execute malicious JavaScript...
Arbitrary Code Execution
webkitgtk is vulnerable to Arbitrary Code Execution. Processing maliciously crafted web content may lead to arbitrary code execution which allows a remote attacker to create a specially crafted web page and trick the victim into opening it, triggering type confusion, and execute arbitrary code on...
Information Disclosure
Linux kernel is vulnerable to Information Disclosure. The vulnerability exists because internal memory locations could be returned to userspace, allowing an attacker with permission to insert eBPF code into the kernel, which leads to a leak of internal kernel memory details when handling...
Denial Of Service (DoS)
github.com/containerd/containerd is vulnerable to Denial of Service (DoS). The vulnerability exists because the onUntarJSON function in importer.go does not properly limit the number of bytes read for specific files when importing an OCI image, allowing an attacker to cause an application crash...
Denial Of Service (DoS)
go is vulnerable to Denial of Service (DoS) attacks. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files, causing the application to crash...
Information Disclosure
linux is vulnerable to Information Disclosure. An attacker is able to gain access to leaked kernel pointers remotely via the l2cap_parse_conf_req function of net/bluetooth/l2cap_core.c, resulting in disclosure of sensitive information...
Denial Of Service (DoS)
kernel is vulnerable to Denial of Service (DoS) attacks. The vulnerability exists in the smb2_ioctl_query_info function of fs/cifs/smb2ops.c, in Common Internet File System (CIFS), due to an incorrect return from the memdup_user function. This flaw allows a local, privileged attacker to crash the system...
Denial Of Service (DoS)
bind is vulnerable to Denial of Service (DoS). The vulnerability exists because Bind incorrectly handled a large number of UPDATE messages, which allows a remote attacker to use this issue to cause Bind to consume resources, resulting in a denial of service...
Authentication Bypass
github.com/KubeOperator/KubeOperator is vulnerable to Authentication Bypass. The vulnerability exists because the V1 function of v1api.go does not properly handle the online application routing permissions, allowing an attacker to bypass the system's preset permission settings to access some API...
XML External Entity (XXE)
swift is vulnerable to XML External Entity (XXE) attacks. The vulnerability allows a remote authenticated attacker to access potentially sensitive data in S3 buckets by persuading the S3 API into returning arbitrary file contents from the host server...
Information Disclosure
kernel is vulnerable to Information Disclosure. This vulnerability occurs in some Intel(R) processors due to return predictor targets being shared non-transparently between contexts. This allows a potential attacker to view and disclose sensitive information through local access...
Cross-site Scripting (XSS)
nextcloud-desktop is vulnerable to cross-site scripting. An attacker can inject and execute malicious HyperText Markup Language into the Desktop Client application...
Heap Buffer Overflow
Chromium and Electron are vulnerable to a Heap Buffer Overflow. The vulnerability is caused by an out of bounds heap memory write which can result in an application crash...
Authentication Bypass
github.com/prometheus/exporter-toolkit is vulnerable to authentication bypass. It is possible to bypass the security mechanisms by poisoning the built-in authentication cache when an attacker has access to the web.yml file and the user's bcrypt-hashed passwords...
Denial Of Service (DoS)
grub2 is vulnerable to Denial of Service (DoS). The vulnerability exists in the grub2 package because Unicode sequences are not properly validated, which may lead to a segmentation fault and an application crash...
Use After Free
linux-azure, linux-aws, linux-gcp, linux-oracle and linux-kvm are vulnerable to Use After Free. The vulnerability exists in mm/mremap.c via a stale TLB because an rmap lock is not held during a pud move...
Privilege Escalation
rh-mysql80-mysql is vulnerable to privilege escalation. A highly privileged attacker with network access via multiple protocols can compromise MySQL server, resulting in unauthorized update, insert or delete access to some of MySQL server accessible data...
Arbitrary Code Execution
nodejs is vulnerable to Arbitrary Code Execution. The vulnerability exists because the IP addresses are not properly handled which allows an attacker to perform DNS rebinding and execute arbitrary code...
Denial Of Service (DoS)
firefox is vulnerable to denial of service. The vulnerability exists if the Garbage Collector was in a specific state, leading to memory corruption and potentially resulting in an application crash...
Out-of-bounds Write
libtiff.so is vulnerable to out-of-bounds write. The vulnerability exists due to a heap-based buffer overflow in a uint32_t parameter in tif_dir.c, which allows an attacker to submit a malicious code file into the system and perform out-of-bounds writes...
Denial Of Service (DoS)
mediawiki is vulnerable to denial of service. The vulnerability exists in HTMLUserTextField, where an attacker can use specially crafted code to expose the existence of hidden users...
Arbitrary Code Execution
webkitgtk is vulnerable to Arbitrary Code Execution. The vulnerability exists due to an out-of-bounds write issue which allows an attacker to send maliciously crafted web content that may lead to arbitrary code execution...
Denial Of Service (DoS)
php is vulnerable to Denial of Service (DoS). The vulnerability exists due to the phar uncompressor code, which recursively uncompresses quine gzip files, resulting in an infinite loop that depletes system resources...
Denial Of Service (DoS)
kafka-clients is vulnerable to denial of service. An attacker can crash the application through the OutOfMemoryException in the readArray function of ByteBufferAccessor.java by providing large amounts of memory on brokers...