38355 matches found
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. The vulnerability exists in the BinaryFunctor function of cwiseopscommon.h due to a size mismatch during broadcast assignment which allows an attacker to cause an application crash by providing malicious input...
Denial Of Service (DoS)
Linux is vulnerable to Denial Of Service DoS. The vulnerability exists in the ismergeableanonvma function of rmap.c due to a use-after-free related to leaf anonvma double reuse which allows an attacker to cause an application crash by providing malicious input...
Information Disclosure
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: PAM Auth Plugin component, allowing an attacker to access critical data or complete access to all MySQL Server accessible data...
Privilege Escalation
rh-mysql80-mysql is vulnerable to privilege escalation. A high privileged attacker with network access via multiple protocols to compromise MySQL server, resulting in unauthorized update, insert or delete access to some of MySQL server accessible data...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Optimizer component, allowing an attacker to cause an application crash and modify some MySQL Server accessible data through the multiple protocols...
Arbitrary Code Execution
nodejs is vulnerable to Arbitrary Code Execution. The vulnerability exists because the IP addresses are not properly handled which allows an attacker to perform DNS rebinding and execute arbitrary code...
Denial Of Service (DoS)
libvirt.so is vulnerable to denial of service DoS attacks. The locked virStoragePoolObj object in the storagePoolLookupByTargetPath function is not properly released on ACL permission failures which allows clients connected to the read-write socket with limited ACL permissions to acquire the lock...
Information Disclosure
dolphinscheduler-server is vulnerable to Information Disclosure. The vulnerability exists due to improper handling of logs in the process function of LoggerRequestProcessor.java, allowing an attacker to read log files through the log server...
Out-of-bounds Write
libtiff.so is vulnerable to out-of-bound write. The vulnerability exists due to a heap based buffer overflow in uint32t parameter in tifdir.c which allows an attacker to submit a malicious code file into the system and perform out of bound writes...
Denial Of Service (DoS)
libxml2 is vulnerable to denial of service DoS attacks. A malicious user is able to cause an integer overflow leading to a segmentation fault through a multi-gigabyte XML document when the XMLPARSEHUGE parser option enabled, causing the application to crash...
SQL Injection
CodeIgniter is vulnerable to sql injection. The vulnerability exists due to improper implementation of where function of DBquerybuilder.php which allows an attacker to inject and execute malicious sql queries in the system...
Remote Code Execution
moodle/moodle is vulnerable to remote code execution. The vulnerability exists in convertconfigdata function of lib.php when restoring backup files which allows an attacker to execute remote codes in the system...
HTTP Request Smuggling
nodejs-current is vulnerable to HTTP request smuggling. The vulnerability exists due to incorrect parsing header fields in the library, allowing an attacker to smuggle HTTP requests by providing a maliciously crafted input...
Privilege Escalation
github.com/grafana/grafana is vulnerable to privilege escalation. A remote admin is able to take over the server admin account and gain full control of the particular grafana instance when auth proxy is used, via calling a fake datasource publicly through this proxying feature...
Information Disclosure
thunderbird is vulnerable to information disclosure. An attacker can gain sensitive information when composing a response to an HTML email with a META refresh tag...
Denial Of Service (DoS)
chrome is vulnerable to denial of service. The vulnerability exists due to a memory corruption in the functionality of the component SwiftShader allowing an attacker to crash the system via manipulation with an unknown input...
Command Injection
moment-timezone is vulnerable to command injection. An attacker can inject and execute the malicious commands using the childprocess exec function as it does not sanitize the input...
Use-after-poison
MariaDB is vulnerable to an use-after-poison. The vulnerability exists due to lack of proper memory handling in sanitizercommoninterceptors.inc which allows an attacker to do a use-after-poison...
Remote Code Execution (RCE)
chromium is vulnerable to remote code execution. The vulnerability exists due to a use after free in Extensions API allowing an attacker to inject maliciously crafted code into the system...
Privilege Escalation
Zulip is vulnerable to Privilege Escalation. An attacker may exploit the vulnerability by sending a maliciously crafted API call that grants administrator privileges to a bot in control...
Privilege Escalation
gafana is vulnerable to privilege escalation. An attacker can take over another user's account in the grafana instance by supplying a login name through the specified OAuth IdP when the attacker's external user id is linked to a grafana account, and the attacker knows the grafana user name of the...
Timing Attack
@fastify/bearer-auth is vulnerable to timing attacks. The vulnerability exists because the timingSafeEqual functionality in the compare function of plugin.js does not securely perform a constant-time comparison against the length of the bearer token, allowing an attacker to guess the length of th...
Session Fixation
silverstripe/hybridsessions is vulnerable to session fixation. The vulnerability exists because the destroy function of DatabaseStore.php does not properly reset the user session after logging out, allowing an attacker to gain privileges via the client-side cookie...
Denial Of Service (DoS)
curl is vulnerable to denial of service. The vulnerability exists because the amount of accepted "chained" algorithms is very high which allows an attacker to cause an application crash...
Remote Code Execution Backdoor
cloudlabeling is vulnerable to remote code execution. The use of the request package opens up a code execution backdoor, allowing an attacker to perform unauthorized actions and accesses to sensitive information and digital currency keys...
Information Disclosure
kernel is vulnerable to information disclosure. The vulnerability exists due to a userland application can read the contents of the sigpage, which leaks kernel memory contents allowing an attacker to read a process’s memory at a specific offset...
Path Traversal
github.com/golang/go is vulnerable to Path Traversal. The vulnerability exists because the Clean function of path.go does not properly remove the . prefix when the file path contains :, allowing an attacker to access files outside the expected directory on windows...
Denial Of Service (DoS)
mariadb is vulnerable to denial of service. getsortbytable in MariaDB allows an application crash via certain subquery uses of ORDER BY...
Denial Of Service (DoS)
protobuf is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization in google.protobuf.UnknownFieldSet parameter which allows a remote attacker to inject a malicious javascript into the system and crash. which allowing an attacker to...
Information Disclosure
curl is vulnerable to information disclosure.libcurl wrongly allows cookies to be set for Top Level Domains TLDs if thehost name is provided with a trailing dot.curl can be told to receive and send cookies...
Deserialization Of Untrusted Data
topthink/framework is vulnerable to deserialization of untrusted data. The vulnerability exists in unserialize function in Driver.php due to the use of string type as the method parameter which allows an attacker to control the state or the flow of the execution...
Insecure IPv6 Connection
curl has insecure IPv6 connection. The vulnerability exists due to an errors in the logic where the config matching function did not take the IPv6 address zone id into account allowing the system to use the wrong connection when one transfer uses a zone id, and when subsequent transfer uses anoth...
Memory Leak
qemu is vulnerable to a memory leak. The vulnerability exists in virtio-net device of qemu where it forgets to unmap the cached virtqueue element on error where a malicious privileged guest could exploit this issue to crash qemu within the context of the qemu process on the host...
Remote Code Execution (RCE)
ghost is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the upload and update function allowing an attacker inject maliciously crafted script via an SVG file. NOTE: Vendor states that as outlined in Ghost's security documentation, upload of SVGs is...
CSV Injection
kevinpapst/kimai2 is vulnerable to CSV injection. The vulnerability is possible because the library does not sanitize the $desc parameter, which allows an attacker to inject malicious input...
Denial Of Service (DoS)
Apache is vulnerable to denial of service. The vulnerability exists because a carefully crafted request body can cause a read to a random memory area which could cause the process to crash...
Remote Code Execution (RCE)
gerapy is vulnerable to remote code execution. An attacker can inject and execute malicious commands through the projectconfigure function of views.py...
Insecure HTTP2 TrustManager
spring-cloud-gateway-server uses an insecure HTTP2 TrustManager. Application with default configuration and no key store or trusted certificates uses an insecure trustmanager factory option when HTTP2 is enabled, allowing the gateway connections to remote services with invalid or custom...
Denial Of Service (DoS)
linux is vulnerable to denial of service DoS attacks. A malicious user is able to cause a heap-based buffer overflow, causing the application to crash...
Privilege Escalation
libexpat.so is vulnerable to privilege escalation. The vulnerability exists in the namespace-separator Character Handler in the xmlparse.c allowing an unauthorized user to access the system account...
Injection Vulnerability
Python is vulnerable to injection vulnerability. The vulnerability exists due to a lack of sanitization on the URL string parsed into the urlparse method allowing an attacker to inject maliciously crafted URL...
Information Disclosure
samba is vulnerable to information disclosure...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. The vulnerability exists due to a buffer overflow in drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c...
Denial Of Service (DoS)
libexpat is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization of boundary in storeAtts function in xmlparse.c leading to an integer overflow...
Denial Of Service (DoS)
django is vulnerable to denial of service DoS attacks. A malicious user is able to craft an artificially large password relative to the comparison values, to significantly overhead UserAttributeSimilarityValidator component resulting in denial of service conditions...
Cross-Site Scripting (XSS)
laravel/framework is vulnerable to cross-site scripting XSS. When the parent template contains an exploitable HTML structure, a remote attacker is able to inject arbitrary Javascript via guessing the parent placeholder SHA-1 hash by trying common names of sections...
Denial Of Service (DoS)
SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash...
Privilege Escalation
samba:edge is vulnerable to privilege escalation. The vulnerability exists in the component AD Domain Handler resulting in escalation of privileges...
Directory Traversal
chrome is vulnerable to directory traversal. The vulnerability exists due to Insufficient validation of untrusted input Downloads...
Heap Corruption
chrome is vulnerable to heap corruption. The vulnerability exists due to a use after free in dev tools...