Veracode: Most viewed

38149 matches found

Veracode • added 2022/11/06 2:52 p.m. • 38 views

Arbitrary Code Execution

nodejs is vulnerable to Arbitrary Code Execution. The vulnerability exists because the IP addresses are not properly handled which allows an attacker to perform DNS rebinding and execute arbitrary code...

CVSS 8.1 • AI score 8.2 • EPSS 0.00565
Exploits: 0 • References: 8 • Affected Software: 3

Veracode • added 2022/10/24 8:50 a.m. • 38 views

Out-of-bounds Write

libtiff.so is vulnerable to out-of-bound write. The vulnerability exists due to a heap based buffer overflow in uint32t parameter in tifdir.c which allows an attacker to submit a malicious code file into the system and perform out of bound writes...

CVSS 6.5 • AI score 6.7 • EPSS 0.00039
Exploits: 1 • References: 7 • Affected Software: 4

Veracode • added 2022/10/10 9:19 p.m. • 38 views

Heap-based Buffer Overflow

tcppreplay is vulnerable to heap-based buffer overflow. The vulnerability exists in the parsempls in get.c which allows an attacker to cause buffer overflows...

CVSS 7.8 • AI score 7.3 • EPSS 0.00264
Exploits: 1 • References: 9 • Affected Software: 1

Veracode • added 2022/10/10 12:54 p.m. • 38 views

Denial Of Service (DoS)

mediawiki is vulnerable to denial of service. The vulnerability exists in HTMLUserTextField where the attacker will code a specially crafted code to expose the existence of the hidden users...

CVSS 5.3 • AI score 5.7 • EPSS 0.00159
Exploits: 0 • References: 3 • Affected Software: 1

Veracode • added 2022/10/07 12:59 a.m. • 38 views

Arbitrary Code Execution

webkitgtk is vulnerable to Arbitrary Code Execution. The vulnerability exists due to an out-of-bounds write issue which allows an attacker to send maliciously crafted web content that may lead to arbitrary code execution...

CVSS 8.8 • AI score 8.7 • EPSS 0.00088
Exploits: 0 • References: 23 • Affected Software: 3

Veracode • added 2022/09/21 6:20 a.m. • 38 views

Denial Of Service (DoS)

kafka-clients is vulnerable to denial of service. An attacker can crash the application through the OutOfMemoryException in the readArray function of ByteBufferAccessor.java by providing large amounts of memory on brokers...

CVSS 7.5 • AI score 7.3 • EPSS 0.00078
Exploits: 0 • References: 6 • Affected Software: 1

Veracode • added 2022/09/19 12:1 p.m. • 38 views

Denial Of Service (DoS)

jettison is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the stack overflow in the convertToJSONPrimitive function of DefaultConverter.java, allowing an attacker to cause an application crash by providing malicious input through the parser...

CVSS 7.5 • AI score 8.5 • EPSS 0.0055
Exploits: 0 • References: 7 • Affected Software: 5

Veracode • added 2022/09/16 7:26 p.m. • 38 views

Improper Input Validation

chromium is vulnerable to improper input validation. The vulnerability exists due to improper input validation in Mojo extension, which allows a remote attacker to perform a sandbox escape via a crafted HTML page...

CVSS 9.6 • AI score 8.5 • EPSS 0.0212
Exploits: 0 • References: 6 • Affected Software: 3

Veracode • added 2022/09/08 8:14 a.m. • 38 views

Authentication Bypass

github.com/kubevela/kubevela is vulnerable to authentication bypass. The vulnerability exists in authentication.go because the users are allowed to use the platformID to re-generate the JWT tokens which allows an attacker to bypass the authentication...

CVSS 9.8 • AI score 9.1 • EPSS 0.00336
Exploits: 0 • References: 5 • Affected Software: 1

Veracode • added 2022/09/01 10:40 a.m. • 38 views

Denial Of Service (DoS)

chrome is vulnerable to denial of service. The vulnerability exists due to a memory corruption in FedCM which allows an attacker to crash the application via malicious input...

CVSS 8.8 • AI score 8.2 • EPSS 0.01529
Exploits: 0 • References: 6 • Affected Software: 2

Veracode • added 2022/08/27 5:50 p.m. • 38 views

Use-after-poison

MariaDB is vulnerable to a use-after-poison. The vulnerability exists due to lack of proper memory handling in sanitizercommoninterceptors.inc which allows an attacker to do a use-after-poison...

CVSS 7.5 • AI score 7.1 • EPSS 0.00206
Exploits: 1 • References: 14 • Affected Software: 1

Veracode • added 2022/08/13 10:36 a.m. • 38 views

Denial Of Service (DoS)

vim is vulnerable to denial of service. The vulnerability exists due to the use after free in the library, allowing an attacker to crash the application by providing a malicious input...

CVSS 7.8 • AI score 7.5 • EPSS 0.00043
Exploits: 1 • References: 7 • Affected Software: 1

Veracode • added 2022/08/03 5:14 a.m. • 38 views

Command Injection

s3-kilatstorage is vulnerable to command injection. The vulnerability exists due to a lack of sanitization of the input argument allowing an attacker to inject maliciously crafted OS command into the system...

CVSS 9.8 • AI score 9.2 • EPSS 0.00377
Exploits: 1 • Affected Software: 1

Veracode • added 2022/07/15 2:32 a.m. • 38 views

Arbitrary Code Execution

xen is vulnerable to arbitrary code execution. The vulnerability exists in hw due to Mis-trained branch predictions for return instructions which allows an attacker to inject and execute arbitrary speculative codes under certain microarchitecture-dependent conditions...

AI score 3.7
Exploits: 0

Veracode • added 2022/07/14 8:38 p.m. • 38 views

Arbitrary Code Execution

xen is vulnerable to Arbitrary Code Execution. The vulnerability exists in Spectre variant under certain microarchitecture-dependent conditions which allows an attacker to inject and execute arbitrary speculative codes...

CVSS 6.5 • AI score 7.2 • EPSS 0.01411
Exploits: 0 • References: 22 • Affected Software: 3

Veracode • added 2022/07/09 11:7 p.m. • 38 views

Use-After-Free

qemu is vulnerable to use-after-free. The vulnerability exists in USB EHCI controller emulation because EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets which allows an attacker to cause an application crash...

CVSS 8.2 • AI score 7.7 • EPSS 0.0003
Exploits: 1 • References: 8 • Affected Software: 5

Veracode • added 2022/07/07 9:21 a.m. • 38 views

Command Injection

git-clone is vulnerable to command injection. The vulnerability exists due to the insecure usage of the --upload-pack feature of git. An attacker with the ability to control the options object provided to the clone function through the options.args array, is able to inject arbitrary commands to r...

CVSS 9.8 • AI score 9.4 • EPSS 0.04697
Exploits: 1 • References: 3 • Affected Software: 1

Veracode • added 2022/07/05 4:15 a.m. • 38 views

SQL Injection

django is vulnerable to SQL injection. An attacker is able to execute arbitrary SQL commands via the Trunc and Extract database functions which allows an attacker to execute arbitrary SQL queries...

CVSS 9.8 • AI score 10 • EPSS 0.92834
Exploits: 3 • References: 14 • Affected Software: 4

Veracode • added 2022/07/04 3:15 p.m. • 38 views

Remote Code Execution (RCE)

openssl is vulnerable to remote code execution. The vulnerability exists due to the improper RSA implementation of AVX512IFMA instructions in X8664 CPUs, allowing an attacker to crash the application by providing a malicious input...

CVSS 9.8 • AI score 6.7 • EPSS 0.39689
Exploits: 3 • References: 6 • Affected Software: 1

Veracode • added 2022/06/26 4:59 p.m. • 38 views

Denial Of Service (DoS)

vim is vulnerable to denial of service. The vulnerability exists due to the usage of invalid index when looking for spell suggestions which causes out-of-bound reads which then lead to an application crash...

CVSS 7.8 • AI score 7.4 • EPSS 0.00174
Exploits: 1 • References: 17 • Affected Software: 1

Veracode • added 2022/06/20 7:47 p.m. • 38 views

Authentication Bypass

Linux kernel is vulnerable to authentication bypass. The vulnerability exists because the users have access to some less privileged processes that are controlled by cgroups and have a higher privileged parent process which allows an attacker to escalate their privileges and crash the system...

CVSS 7.8 • AI score 4.9 • EPSS 0.00016
Exploits: 0 • References: 8 • Affected Software: 4

Veracode • added 2022/06/08 8:17 a.m. • 38 views

Denial Of Service (DoS)

github.com/minio/minio is vulnerable to distributed denial of service attacks. The vulnerability exists in the serverMain function in server-main.go due to a lack of validation in client requests. This allows a malicious user to cause an application crash...

CVSS 7.5 • AI score 7 • EPSS 0.01465
Exploits: 1 • References: 5 • Affected Software: 1

Veracode • added 2022/06/02 11:41 p.m. • 38 views

Denial Of Service (DoS)

libtiff is vulnerable to denial of service. The vulnerability exists due to a buffer overflow in the "invertImage" function in the component "tiffcrop" allowing an attacker to crash the system via the "invertImage"...

CVSS 7.5 • AI score 7.6 • EPSS 0.0055
Exploits: 1 • References: 7 • Affected Software: 1

Veracode • added 2022/06/02 10:49 p.m. • 38 views

Denial Of Service (DoS)

mariadb is vulnerable to denial of service. getsortbytable in MariaDB allows an application crash via certain subquery uses of ORDER BY...

CVSS 5.5 • AI score 2.9 • EPSS 0.00083
Exploits: 1 • References: 6 • Affected Software: 5

Veracode • added 2022/06/02 11:26 a.m. • 38 views

Command Injection

github.com/hashicorp/go-getter is vulnerable to command injection. The vulnerability exists in clone function in gethg.go due to improper handling of user input which allows an attacker to inject and execute arbitrary commands...

CVSS 9.8 • AI score 9.5 • EPSS 0.00198
Exploits: 0 • References: 5 • Affected Software: 1

Veracode • added 2022/06/01 3:40 p.m. • 38 views

Path Traversal

firefox is vulnerable to Path Traversal. A remote attacker is able to use the % character in filenames to store the data outside of the intended directory using windows environment variables, such as %HOMEPATH% or %APPDATA%...

CVSS 8.8 • AI score 8.8 • EPSS 0.00531
Exploits: 0 • References: 7 • Affected Software: 3

Veracode • added 2022/06/01 9:52 a.m. • 38 views

Denial Of Service (DoS)

protobuf is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization in google.protobuf.UnknownFieldSet parameter which allows a remote attacker to inject a malicious javascript into the system and crash. which allowing an attacker to...

CVSS 7.5 • AI score 6.2 • EPSS 0.00471
Exploits: 1 • References: 8 • Affected Software: 3

Veracode • added 2022/05/27 2:24 p.m. • 38 views

Improper Access Control

github.com/awake1t/linglong is vulnerable to access control bypass. The vulnerability exists in the jwt.go due to the hard coded jwt token which allows an attacker to craft a malicious cookie and gain access to the system...

CVSS 9.8 • AI score 8.9 • EPSS 0.00433
Exploits: 0 • References: 4 • Affected Software: 1

Veracode • added 2022/05/25 12:43 a.m. • 38 views

Out-of-bounds Write

Qt is vulnerable to Out-of-bounds Write. The vulnerability exists in QtPrivate::QCommonArrayOps::growAppend: an attacker who is able to submit a crafted image file to an application that uses qsvghandler could cause an out-of-bounds write and potential denial of service...

CVSS 5.5 • AI score 5.8 • EPSS 0.0008
Exploits: 1 • References: 19 • Affected Software: 2

Veracode • added 2022/05/24 5:48 a.m. • 38 views

Heap-based Buffer Overflow

tensorflow is vulnerable to heap-based buffer overflow. The use of AllocatedBytes in the insecure hash function AbslHashValue allows local authenticated attackers to cause heap-based buffer overflows resulting in denial of service conditions...

CVSS 5.5 • AI score 5.6 • EPSS 0.00049
Exploits: 0 • References: 9 • Affected Software: 3

Veracode • added 2022/05/20 4:1 a.m. • 38 views

Integer Overflow

org.springframework.security:spring-security-crypto is vulnerable to integer overflows. The encoder does not perform any salt rounds when the BCrypt class is used with the maximum work factor 31, allowing a local authenticated attacker to cause an integer overflow error resulting in the attacker...

CVSS 5.3 • AI score 7.1 • EPSS 0.0036
Exploits: 0 • References: 5 • Affected Software: 2

Veracode • added 2022/05/18 1:14 p.m. • 38 views

Cross-Site Scripting (XSS)

total.js is vulnerable to stored cross-site scripting. The vulnerability exists in upload function due to lack of sanitization which allows an attacker to execute arbitrary javascript via a javascript embedded PDF file...

CVSS 5.4 • AI score 5.6 • EPSS 0.00206
Exploits: 1 • References: 3 • Affected Software: 1

Veracode • added 2022/05/14 7:56 p.m. • 38 views

Denial Of Service (DoS)

pjproject is vulnerable to denial of service. The vulnerability exists because the library does not properly check the WAV file data length when it is greater than 31-bit, allowing an attacker to crash the application by providing malicious WAV files...

CVSS 7.5 • AI score 8.2 • EPSS 0.01612
Exploits: 0 • References: 7 • Affected Software: 3

Veracode • added 2022/05/04 10:25 a.m. • 38 views

Token Validation Bypass

Google OAuth Client is vulnerable to token validation bypass. The function IdTokenVerifier validates any token with a custom payload as a valid token if the token is properly signed...

CVSS 8.7 • AI score 2.2 • EPSS 0.00055
Exploits: 0 • References: 2 • Affected Software: 1

Veracode • added 2022/04/30 4:23 p.m. • 38 views

Information Disclosure

curl is vulnerable to information disclosure. The vulnerability exists due to improper security validations which allows an attacker to gain access to credentials of other servers...

CVSS 5.7 • AI score 4.5 • EPSS 0.00306
Exploits: 1 • References: 6 • Affected Software: 4

Veracode • added 2022/04/14 8:18 a.m. • 38 views

SQL Injection

github.com/flipped-aurora/gin-vue-admin is vulnerable to SQL injection. The vulnerability exists due to insecure handling of special elements used in a PostgreSQL command in server/service/system/sysautocodepgsql.go. The vulnerability is only possible if the user is using PostgreSQL as the...

CVSS 8.8 • AI score 1.9 • EPSS 0.00462
Exploits: 1 • References: 2 • Affected Software: 1

Veracode • added 2022/03/17 8:30 a.m. • 38 views

Regular Expression Denial Of Service (ReDoS)

ckeditor4 is vulnerable to regular expression denial of service. The vulnerability exists due to a lack of sanitization of the input validator regular expression in dialog...

CVSS 7.5 • AI score 3.9 • EPSS 0.01115
Exploits: 0 • References: 8 • Affected Software: 2

Veracode • added 2022/03/15 1:35 p.m. • 38 views

Information Disclosure

moodle/moodle is vulnerable to information exposure. The vulnerability exists due to a lack of sanitization in output field in the manage.php file, allowing sensitive information in the system to be read...

CVSS 5.3 • AI score 1.7 • EPSS 0.0033
Exploits: 0 • References: 2 • Affected Software: 1

Veracode • added 2022/03/11 4:1 a.m. • 38 views

Denial Of Service (DoS)

github.com/istio/istio is vulnerable to Denial Of Service (DoS). The vulnerability exists because the library does not properly limit the reads from untrusted inputs, allowing an attacker to crash the application by providing maliciously crafted messages...

CVSS 7.5 • AI score 7.3 • EPSS 0.0041
Exploits: 0 • References: 9 • Affected Software: 2

Veracode • added 2022/03/07 12:11 a.m. • 38 views

Denial Of Service (DoS)

Chrome is vulnerable to denial of service. The vulnerability exists due to a use-after-free in WebShare...

CVSS 8.8 • AI score 1.9 • EPSS 0.00449
Exploits: 0 • References: 4 • Affected Software: 2

Veracode • added 2022/03/04 8:13 p.m. • 38 views

Denial Of Service (DoS)

com.liferay.layout.admin.web is vulnerable to denial of service. The vulnerability exists due to improper handling of user privileges in the script.jsp file, which allows a remote attacker to restrict system access for legitimate users...

CVSS 7.5 • AI score 6 • EPSS 0.01851
Exploits: 0 • References: 4 • Affected Software: 1

Veracode • added 2022/02/17 9:52 a.m. • 38 views

Privilege Escalation

libexpat.so is vulnerable to privilege escalation. The vulnerability exists in the namespace-separator Character Handler in the xmlparse.c allowing an unauthorized user to access the system account...

CVSS 9.8 • AI score 8.8 • EPSS 0.068
Exploits: 0 • References: 14 • Affected Software: 23

Veracode • added 2022/02/14 12:27 a.m. • 38 views

Denial Of Service (DoS)

vim is vulnerable to denial of service. The vulnerability exists due to a heap-based buffer overflow which allows an attacker to cause an application crash...

CVSS 7.8 • AI score 3.9 • EPSS 0.00162
Exploits: 1 • References: 10 • Affected Software: 3

Veracode • added 2022/02/08 8:36 a.m. • 38 views

Injection Vulnerability

Python is vulnerable to injection vulnerability. The vulnerability exists due to a lack of sanitization on the URL string parsed into the urlparse method allowing an attacker to inject maliciously crafted URL...

CVSS 7.5 • AI score 4.9 • EPSS 0.01214
Exploits: 1 • References: 10 • Affected Software: 5

Veracode • added 2022/01/20 6:19 a.m. • 38 views

Denial Of Service (DoS)

linux kernel is vulnerable to Denial Of Service (DoS). The vulnerability exists due to an array-index-out-of-bounds flaw in the detachcapictr function in drivers/isdn/capi/kcapi.c...

CVSS 5.5 • AI score 6.4 • EPSS 0.00012
Exploits: 1 • References: 12 • Affected Software: 5

Veracode • added 2022/01/15 12:19 a.m. • 38 views

Authorization Bypass

Google Chrome is vulnerable to authorization bypass. This is because insufficient policy enforcement in background fetch prior to 96.0.4664.45 allows a remote attacker to bypass same origin policy via a crafted HTML page...

CVSS 8.8 • AI score 3.4 • EPSS 0.00327
Exploits: 0 • References: 6 • Affected Software: 2

Veracode • added 2022/01/14 5:54 a.m. • 38 views

Denial Of Service (DoS)

firefox is vulnerable to denial of service. The vulnerability exists due to a heap-buffer-overflow in blendGaussianBlur allowing an attacker to crash the system by applying a CSS filter effect...

CVSS 8.8 • AI score 3.6 • EPSS 0.00445
Exploits: 1 • References: 7 • Affected Software: 7

Veracode • added 2022/01/11 6:37 a.m. • 38 views

Denial Of Service (DoS)

libexpat is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization of boundary in storeAtts function in xmlparse.c leading to an integer overflow...

CVSS 8.8 • AI score 4.2 • EPSS 0.00279
Exploits: 1 • References: 6 • Affected Software: 23

Veracode • added 2021/12/28 10:7 a.m. • 38 views

Denial Of Service (DoS)

linux-oracle:hirsute is vulnerable to denial of service. A memory leak in the ccprunaesgcmcmdfunction in drivers/crypto/ccp/ccp-ops.c in the Linux kernel allows attackers to cause an application crash...

CVSS 5.5 • AI score 4.8 • EPSS 0.00018
Exploits: 0 • References: 5 • Affected Software: 5

Veracode • added 2021/11/26 12:41 a.m. • 38 views

Denial Of Service (DoS)

kernel-rt is vulnerable to denial of service (DoS) attacks. An out-of-bounds memory access flaw was found in the Linux kernel bluetooth subsystem in the way some data is read about the bluetooth device with the hciextendedinquiryresultevt call. A local user could use this flaw to crash the...

CVSS 7.1 • AI score 2.7 • EPSS 0.00086
Exploits: 1 • References: 9 • Affected Software: 2

Total number of security vulnerabilities: 5000