Regular Expression Denial Of Service (ReDoS)
Django is vulnerable to regular expression denial of service attacks. The application takes more than linear time when certain strings are passed to the urlize function, resulting in an application crash...
Unsafe Deserialization
infinispan-client-hotrod is vulnerable to unsafe deserializations. Attackers can inject objects into the data cache, which would get deserialized within the client. This could lead to remote code execution and other attacks...
XML External Entity (XXE) Injection
itextpdf is vulnerable to XML external entity XXE injection attacks. These attacks are possible because the library does not disable external entities when parsing pdf files...
Vulnerability Through C Libraries
chef uses vulnerable versions of LibXML2, OpenSSL and LibXSLT. These vulnerabilities are included due to the omnibusoverride file using the vulnerable versions. LibXML2 is vulnerable to the following CVEs: CVE-2017-9050, CVE-2017-9049, CVE-2017-9048, CVE-2017-9047, CVE-2017-8872, and CVE-2016-931...
Remote Code Execution (RCE)
github.com/kubernetes/dns leverages the dnsmasq library which is vulnerable to a heap-based buffer overflow. An attacker could cause a denial of service or execute arbitrary code via crafted DNS response. This issue in dnsmasq has been assigned CVE-2017-14491...
Denial Of Service (DoS)
Apache cxf-core is vulnerable to denial of service DoS attacks. The attack can be triggered if the attacker sends a content-disposition value containing more than 50000 characters, leading to high CPU usage in the application...
Write Files Outside Of Repository
Mercurial is vulnerable to files outside of the repository being overwritten. This is because the symlink auditing isn't complete which allows attackers to write files outside of the repository...
Unauthorised Metadata Modification
Moodle is vulnerable to unauthorised metadata modification. The vulnerability exists due to a flaw in mod/assign/externallib.php which does not filter the function parameters, allowing modification of the grade metadata information...
Denial Of Service (DoS)
ImageMagick is vulnerable to denial of service DoS attacks. A malicious user can pass a malicious MIFF file to the system to trigger an infinite loop to occur that can cause the system to run out of resources and crash...
Denial Of Service (DoS) Through Memory Consumption
OpenSSL is vulnerable to denial of service DoS attacks. These attacks are possible due to a memory leak in the dtls1_buffer_record function which can be triggered by sending duplicate records for the next epoch...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service DoS attacks. These attacks are possible because the ssl_get_algorithm2 function obtains a version number from an incorrect data structure, crashing the daemon through traffic from a TLS 1.2 client...
Information Disclosure
OpenSSL is vulnerable to information disclosure. When pretty printing through the OBJ_obj2txt function in crypto/objects/obj_dat.c, it is possible for attackers to read from the process stack memory. This is caused because OpenSSL does not ensure the presence of \0 characters...
Denial Of Service (DoS) Through Null Pointer Dereference
OpenSSL is vulnerable to denial of service DoS attacks. This is caused by the ssl_set_client_disabled function and triggered by a ServerHello message that includes an SRP ciphersuite but no negotiation of that suite with the client...
Side Channel Attack On Modular Exponentiation
OpenSSL is vulnerable to side channel attacks. The vulnerability exploits cache-bank conflicts on the Intel Sandy-Bridge microarchitecture, exposing RSA keys. However, an attacker can exploit this only if he has control of code in a thread running on the same hyper-threaded core as the victi...
Timing Attacks
OpenSSL is vulnerable to timing attacks. Certain cryptographic functions do not run in constant time, meaning that a malicious user can recover a DSA private key based on the time taken for the operations...
Weak Encryption Key
bouncycastle generates a weak private DSA key when the default values are used...
Arbitrary Command Execution
less is vulnerable to Arbitrary Command Execution. The vulnerability is due to the omission of shell_quote calls for LESSCLOSE in the close_altfile function within the filename.c file of the less command-line utility, which allows attackers to execute arbitrary commands...
Denial Of Service (DoS)
io.netty: netty-codec-http is vulnerable to Denial Of Service DoS. The vulnerability is due to missing form field restrictions within the HttpPostRequestDecoder class. An attacker can send a chunked POST request with many small form fields, possibly resulting in Denial of Service DoS...
Denial Of Service (DoS)
XNIO API is vulnerable to Denial of Service DoS. The vulnerability is caused due to the problematic accumulation of notifier states within the chain. When this chain grows to be excessively large, it can lead to a StackOverflowException, overwhelming the stack and potentially causing Denial of...
Asymmetric Resource Consumption
python is vulnerable to Asymmetric Resource Consumption. This vulnerability is due to an issue in the zip format, allowing for the creation of zip-bombs with a high compression ratio...
Denial Of Service (DoS)
github.com/argoproj/argo-cd is vulnerable to Denial of Service DoS. The vulnerability is due to unsafe manipulation of an array in a multi-threaded environment. When two threads interact with the same array simultaneously, this flaw can potentially lead to an application crash...
Authentication Bypass
OpenMetadata is vulnerable to Authentication Bypass. The vulnerability is caused due to improper path validation in the JwtFilter, allowing attackers to bypass authentication mechanisms by exploiting the presence of path parameters in requests...
Denial Of Service (DoS)
Django is vulnerable to Denial Of Service DoS. The vulnerability is due to inefficient string processing within the intcomma template filter when a long string is parsed. This issue can be exploited by an attacker to cause DoS...
Bleichenbacher Timing Attack
M2Crypto is vulnerable to Bleichenbacher Timing Attack. The vulnerability is due to insecure padding schemes, resulting in the exposure of confidential or sensitive data...
Use After Free
Canvas in Google Chrome is vulnerable to Use After Free. The vulnerability is due to referencing memory after it has been freed, which allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Out-of-bounds Write
openssl:edge is vulnerable to Out-of-bounds Write. The vulnerability is due to application state that might be corrupted, with various application-dependent consequences, when returning to the caller. An attacker could get complete control of the application process which leads to denial of...
Expired Pointer Dereference
squid is vulnerable to Expired Pointer Dereference. The vulnerability is due to the usage of a pointer after dereference. An attacker can exploit this vulnerability to mount a Denial Of Service DOS attack against Cache Manager error responses when generating error pages for Client Manager reports...
Improper Access Control
CRI-O is vulnerable to Improper Access Control. The vulnerability is due to improper restrictions of the experimental io.kubernetes.cri-o.UnifiedCgroup annotation, which results in container resources being unconfined. This issue can be exploited by an attacker to specify any amount of memory/cpu...
Cross-Site Scripting
cacti is vulnerable to Cross-Site Scripting. The vulnerability is in templates_import.php: when uploading an XML template file, if the XML file does not pass the check, the server gives a JavaScript pop-up prompt that contains the unfiltered XML template file name, potentially leading to XSS...
SQL Injection
Cacti is vulnerable to SQL Injection. The vulnerability is due to a lack of input sanitization in pollers.php script. This allows an attacker to potentially execute malicious SQL code, resulting in a SQL injection...
Directory Traversal
Asterisk is vulnerable to Directory Traversal. The vulnerability arises because it allows the reading of any arbitrary file, even when the live_dangerously setting is not enabled. This allows arbitrary files to be read...
Denial Of Service
asterisk:sid is vulnerable to denial of service. The vulnerability is due to a race condition in the hello handshake phase of the DTLS protocol when handling DTLS-SRTP for media setup. The attack can be done continuously, thus denying new DTLS-SRTP encrypted calls, which can lead to denia...
External Control Of File Name Or Path
h2o is vulnerable to External Control of File Name or Path. The vulnerability exists due to improper input validation which allows an attacker to manipulate file paths to access or modify files outside of the intended directories...
Denial Of Service
Reactor Netty HTTP Server is vulnerable to Denial Of Service DOS. The vulnerability is due to the improper validation of HTTP requests when the micrometer integration is enabled, which can result in Denial Of Service...
Denial Of Service (DoS)
Spring Boot is vulnerable to Denial Of Service. The vulnerability is due to parsing a malicious HTTP request without proper validation or sanitization. This issue can be exploited by an attacker by crafting a malicious HTTP request, leading to Denial Of Service. Note that the following conditions mus...
Use After Free
Google Chrome is vulnerable to Use After Free. The vulnerability exists in the Garbage Collection process, potentially allowing an attacker to exploit heap corruption via a maliciously crafted HTML page...
Denial Of Service (DoS)
LibTIFF is vulnerable to Denial of Service. The vulnerability is due to mishandling memory allocation for short files in the TIFFReadDirEntryArray function. This can potentially lead to an allocation failure and application crash...
Buffer Overflows
qemu is vulnerable to Buffer Overflows. A guest I/O address overflow vulnerability allows an attacker to overwrite arbitrary memory on the host system by exploiting a flaw in the way that QEMU handles guest I/O operations...
Cross-site Scripting (XSS)
chromium is vulnerable to Remote Code Execution RCE. The vulnerability exists due to the inappropriate implementation in Payments, which allows an attacker to bypass XSS preventions via a malicious file...
Privilege Escalation
samba is vulnerable to Privilege Escalation. A design flaw in the Samba DirSync control implementation that exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs allows RODCs and users possessing the GETCHANGES right to access all attributes,...
Information Disclosure
tomcat-catalina is vulnerable to information disclosure. This vulnerability exists due to an improper request recycling mechanism, allowing an attacker to possibly access other requests...
Integer Overflow
libsysstat.so is vulnerable to Integer Overflow. The vulnerability exists due to invalid memory allocations in common.c which allows an attacker to cause an overflow and out-of-bound reads...
Denial Of Service (DoS)
wireshark is vulnerable to Denial of Service DoS. A memory leak in the RTPS dissector allows a remote attacker to cause a denial of service DoS attack by sending a specially crafted RTPS packet...
Denial Of Service (DoS)
ghostscript is vulnerable to Denial Of Service DoS. A divide-by-zero vulnerability in the epsprintpage function in gdevepsn.c allows a local attacker to cause a denial of service by opening a specially crafted PDF document...
Remote Code Execution (RCE)
exim is vulnerable to Remote Code Execution RCE. The vulnerability arises from the absence of proper validation for user-supplied data in the SMTP service. This could result in a buffer overflow, enabling an attacker to inject and execute malicious code within the service account's context...
Insecure Temporary Files
org.jenkins-ci.main: jenkins-core is vulnerable to Insecure Temporary Files. The vulnerability is caused by not restricting permissions to the temporary file in the system temporary directory and leaving the newly created files with default permissions which are created by the Jenkins API...
HTTP Request Smuggling
Jetty is vulnerable to HTTP Request Smuggling. The vulnerability is due to accepting a + character preceding the content-length in the request. This vulnerability can be exploited by the attacker to possibly conduct request smuggling attacks...
Denial Of Service (DoS)
wireshark is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the packet-cp2179.c file. The file is responsible for decoding CP2179 packets. The vulnerability occurs when the file fails to properly check the length of a packet. This can cause Wireshark to divide by zero,...
Denial Of Service (DoS)
binutils is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the findabstractinstance function in the dwarf2.c file. The function is responsible for finding the nearest line number for a given address in an ELF file. The vulnerability occurs when the function fails to...
Denial Of Service (DoS)
binutils is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the loadseparatedebugfiles function in the dwarf2.c file. The function is responsible for loading debug information from separate ELF files. The vulnerability occurs when the function fails to properly check the...