38355 matches found
Denial Of Service (DoS)
github.com/golang/go is vulnerable to Denial of Service DoS attacks. A malicious user is able to cause an infinite loop via integer overflows when calling any of the Parse functions which contain //line directives with very large line numbers, which can cause the application to crash...
Remote Code Execution (RCE)
net.sourceforge.htmlunit:htmlunit is vulnerable to Remote Code Execution RCE. The vulnerability exists in the transform function in XSLTProcessor.java, which allows an attacker to upload and execute malicious code on the system...
Double Free
curl is vulnerable to Double Free. Two threads sharing the same HSTS data could end up doing a double-free or use-after-free due to missing mutexes or thread locks. This was introduced without consideration for sharing across separate threads, which could lead to a double-free or use-after-free...
Authentication Bypass
Google Chrome is vulnerable to Authentication Bypass. The vulnerability exists due to the insufficient policy enforcement in Web Payments API, which allows an attacker to bypass navigation restrictions via a crafted HTML page...
Remote Code Execution (RCE)
SPIP is vulnerable to Remote Code Execution RCE. The vulnerability exists because of the improper sanitization of form values in the public area, allowing an attacker to inject and execute malicious code...
Denial Of Service (DoS)
go is vulnerable to Denial of Service DoS attacks. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files, causing the application to crash...
Privilege Escalation
github.com/containerd/containerd is vulnerable to Privilege Escalation. An authenticated attacker is able to use supplementary group access to bypass primary group restrictions in some cases where supplementary groups are not set up properly inside a container, which allows the attackers to acqui...
Heap-Based Buffer Overflow
ring:sid is vulnerable to Heap-Based Buffer Overflow. An attacker is able to cause buffer over read by parsing a specially crafted STUN message with unknown attribute via multiple functions. This only affects applications using STUN including PJNATH and PJSUA-LIB...
Regular Expression Denial Of Service (ReDoS)
http-cache-semantics is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability exists in the index.js because of insufficient regular expression complexity which allows an attacker to cause an application crash...
Use-After-Free
openssl is vulnerable to Use-After-Free. The vulnerability exists because there is a missing check for the return value from the initialization function which allows an attacker to cause an application crash...
Denial Of Service (DoS)
kernel-rt is vulnerable to Denial Of Service DoS. The vulnerability exists due to the incorrect TLB flush issue in the library, which leads to random memory corruption or data leaks, allowing an attacker to cause an application crash...
Use-after-free
kernel is vulnerable to Use-after-free. A race condition between the VTDISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free resulting in an application crash...
Authentication Bypass
github.com/KubeOperator/KubeOperator is vulnerable to Authentication Bypass. The vulnerability exists because the V1 function of v1api.go does not properly handle the online application routing permissions, allowing an attacker to bypass the system's preset permission settings to access some API...
Integer Wraparound
linux is vulnerable to an Integer Wraparound. The issue was discovered in l2capconfigreq in net/bluetooth/l2capcore.c which has an integer wraparound via L2CAPCONFREQ packets...
Information Disclosure
curl is vulnerable to Information Disclosure. An attacker may force the library to use an insecure clear-text HTTP step even when HTTPS is provided in the URL. The HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts ...
Information Disclosure
kernel is vulnerable to Information Disclosure. This vulnerability occurs in some IntelR processors due to return predictor targets being shared non-transparently between contexts. This allows a potential attacker to view and disclose sensitive information through local access...
Cross-Origin Resource Sharing (CORS)
quarkus-vertx-http is vulnerable to an insecure cross-origin resource sharing CORS policy. The vulnerability exists because the XMLHttpRequest has no event listeners registered on the object returned by the XMLHttpRequest upload property, allowing an attacker to send malicious GET and POST reques...
Information Disclosure
github.com/grafana/synthetic-monitoring-agent is vulnerable to information disclosure.The vulnerability exists in multiple functions due to default installation of synthetic-monitoring-agent which allows an attacker to communicate with the Synthetic Monitoring API via a debugging endpoint...
Authentication Bypass
github.com/prometheus/exporter-toolkit is vulnerable to authentication bypass. It is possible to bypass the security mechanisms by poisoning the built-in authentication cache when an attacker has access to the web.yml file and user's hashed bcrypted passwords...
Remote Code Execution
yiisoft/yii is vulnerable to remote code execution. The vulnerability exists in the wakeup function of CDbCriteria.php, due to improper deserialization of untrusted user input, which allows the attacker to control the state or the flow of execution...
Denial Of Service (DoS)
grub2 is vulnerable to Denial Of Service DoS. The vulnerability exists in grub2 package because of the unicode sequences not properly validate which may lead to a segmentation fault and an application crash...
Type Confusion
chromium is vulnerable to type confusion. The vulnerability exists in V8 in Google Chrome which allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Out-of-bound Write
Apache Commons BCEL is vulnerable to Out-of-bound Write. The vulnerability is due to ConstantPool.java and ConstantPoolGen.java improperly handing MAXCPENTRIES which allows an attacker to pass data to specific APIs and control the resulting bytecode causing out-of-bound writes...
Improper Verification Of Cryptographic Signature
Passport-saml is vulnerable to improper cryptographic signature verification. A remote attacker is able to bypass SAML authentication via an arbitrary IDP signed XML element, due to improper checks for a valid top-level signature in saml.ts...
Information Disclosure
squid is vulnerable to information disclosure. The vulnerability exits due to inconsistent handling of internal URIs, which allows an attacker to gain access to cache manager information in the file system via bypassing the manager ACL protection...
Memory Leak
bind is vulnerable to memory leak. By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. The vulnerability exists in Compute function in batchkernels.cc because Unbatch Op kernel doesn't properly check if the input argument is a scalar which allows an attacker to send non-scalar input IDs causing an application crash...
Authentication Bypass
github.com/kubevela/kubevela is vulnerable to authentication bypass. The vulnerability exists in authentication.go because the users are allowed use the platformID to re-generate the JWT tokens which allows an attacker to bypass the authentication...
Denial Of Service (DoS)
chrome is vulnerable to denial of service. The vulnerability exists due to a memory corruption in FedCM which allows an attacker to crash the application via malicious input...
Denial Of Service (DoS)
chrome is vulnerable to denial of service. The vulnerability exists due to a use after free in WebGPU in Google Chrome allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Information Disclosure
rocketchip2.12 is vulnerable to information disclosure. The vulnerability exists due to the insecure cryptographic algorithm used in RocketCore.scala, allowing an attacker to gain sensitive information through the malicious Zk extensions...
Arbitrary Code Execution
xen is vulnerable to arbitrary code execution. The vulnerability exists in hw due to Mis-trained branch predictions for return instructions which allows an attacker to inject and execute arbitrary speculative codes under certain microarchitecture-dependent conditions...
SQL Injection
django is vulnerable to SQL injection. An attacker is able to execute arbitrary SQL commands via the Trunc and Extract database functions which allows an attacker to execute arbitrary sql queries...
Denial Of Service (DoS)
vim is vulnerable to denial of service. The vulnerability exists due to the usage of invalid index when looking for spell suggestions which causes out-of-bound reads which then lead to an application crash...
Privilege Escalation
chromium is vulnerable to privilege escalation. The vulnerability exists because the lack of implementation of the protection mechanism, allowing an attacker to exploit this flaw by providing malicious input...
Log Injection
org.apache.sling:org.apache.sling.api and org.apache.sling:org.apache.sling.commons.log is vulnerable to log injection. A remote attacker with privileges to forge logs, is able to inject fake logs and potentially corrupt log files, causing unintended behavior in the the system...
Denial Of Service (DoS)
MariaDB is vulnerable to denial of service. The vulnerability exists due to a deadlock indsxbstream.cc, crashing the system when an error occurs streamctxt-destfile == NULL while executing the method xbstreamopen...
Denial Of Service (DoS)
eap is vulnerable to denial of service. The vulnerability exists due to a flaw found in XNIO, specifically in the notifyReadClosed method allowing an attacker to crash the system via a flawed requests sent to a server, possibly causing log contention-related performance concerns or an unwanted di...
Authentication Bypass
Linux kernel is vulnerable to authentication bypass. The vulnerability exists because the users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process which allows an attacker to escalate their privileges and crash the system...
Denial Of Service (DoS)
.NET and Visual Studio are vulnerable to denial of service. The vulnerability exists due to a flaw in dotnet allowing an attacker to crash the system by applying MaxResponseHeadersLength limit for trailing headers to address a denial of service via excess memory allocations through the HttpClient...
Path Traversal
firefox is vulnerable to Path Traversal. A remote attacker is able to use the % character in filenames to store the data outside of the intended directory using windows environment variables, such as %HOMEPATH% or %APPDATA%...
Memory Corruption
firefox is vulnerable to memory corruption vulnerability. Crafted CMS messages are incorrectly processed, leading to invalid memory reads, and potentially further memory corruption...
Heap-based Buffer Overflow
tensorflow is vulnerable to heap-based buffer overflow. The use of AllocatedBytes in the insecure hash function AbslHashValue allows local authenticated attackers to cause heap-based buffer overflows resulting in denial of service conditions...
Denial Of Service (DoS)
libxml2.so is vulnerable to denial of service. The xmlBufCreateSize function of buf.c does not properly check types of buffer sizes, allowing an attacker to crash the application by providing large multi-gigabyte buffers...
Token Validation Bypass
Google OAuth Client is vulnerable to token validation bypass. The function IdTokenVerifier validate any token with custom payload as valid token if the token is properly signed...
Remote Code Execution (RCE)
jenkins-2-plugins is vulnerable to remote code execution. The vulnerability exists due to a sandbox bypass allowing attackers to execute arbitrary code on the system...
SQL Injection
github.com/flipped-aurora/gin-vue-admin is vulnerable to SQL injection. The vulnerability exists due to insecure handling of special elements used in an PostgreSQL Command in server/service/system/sysautocodepgsql.go. The vulnerability is only possible if the user is using PostgreSQL as the...
Buffer Overflow
glibc is vulnerable to buffer overflow. The vulnerability exists due to a memory corruption when the size of the buffer is exactly 1 which allows an attacker to control the input buffer and size passed to getcwd in a setuid program...
Insecure Access Control
linux is vulnerable to insecure access control. The vulnerability exists due to a flaw in kvms390guestsidaop in the arch/s390/kvm/kvm-s390.c function in KVM allowing an attacker to obtain unauthorized memory write access...
Denial Of Service (DoS)
firefox is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization allowing an attacker to crash the system...