38133 matches found
SQL Injection
Cacti is vulnerable to SQL Injection. The vulnerability is due to a lack of input sanitization in pollers.php script. This allows an attacker to potentially execute malicious SQL code, resulting in a SQL injection...
Denial Of Service
asterisk:sid is vulnerable to denial of service. The vulnerability due to a race condition in the hello handshake phase of the DTLS protocol when handling DTLS-SRTP for media setup. It allows an attacker can be done continuously, thus denying new DTLS-SRTP encrypted calls which can leads to denia...
Denial Of Service
Reactor Netty HTTP Server is vulnerable to Denial Of Service DOS. The vulnerability is due to the improper validation of HTTP requests while if the micrometer integration is enabled, which can result in Denial Of Service...
Denial Of Service (DoS)
Spring Boot is vulnerable to Denial Of Service. The vulnerability is due to parsing malicious HTTP Request without proper validation or sanitization. This issue can be exploited by an attacker via crafting mailicous HTTP Request leading to Denial Of Service. Note that the following conditions mus...
Denial Of Service (DoS)
LibTIFF is vulnerable to Denial of Service. The vulnerability is due to mishandling memory allocation for short files in the TIFFReadDirEntryArray function. This can potentially lead to an allocation failure and application crash...
Privilege Escalation
samba is vulnerable to Privilege Escalation. A design flaw in the Samba DirSync control implementation that exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs allows RODCs and users possessing the GETCHANGES right to access all attributes,...
Integer Overflow
libsysstat.so is vulnerable to Integer Overflow. The vulnerability exists due to invalid memory allocations in common.c which allows an attacker to cause an overflow and out-of-bound reads...
Denial Of Service (DoS)
wireshark is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the packet-cp2179.c file. The file is responsible for decoding CP2179 packets. The vulnerability occurs when the file fails to properly check the length of a packet. This can cause Wireshark to divide by zero,...
Denial Of Service (DoS)
binutils is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the findabstractinstance function in the dwarf2.c file. The function is responsible for finding the nearest line number for a given address in an ELF file. The vulnerability occurs when the function fails to...
Denial Of Service (DoS)
binutils is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the loadseparatedebugfiles function in the dwarf2.c file. The function is responsible for loading debug information from separate ELF files. The vulnerability occurs when the function fails to properly check the...
Denial Of Service (DoS)
binutils is vulnerable to Denial Of Service DoS. The vulnerability exists in the bfdmachogetsyntheticsymtab function of match-o.c, which allows an attacker to cause an aplication crash by providing a maliciously crafted input...
Remote Code Execution (RCE)
GitPython is vulnerable to Remote Code Execution RCE. The vulnerability exists because the clone function of base.py does not properly sanitize the non-multi options, which allows an attacker to inject an OS command into the clone command. NOTE: this issue exists because of an incomplete fix for...
Arbitrary Code Execution
langchain is vulnerable to Arbitrary Code Execution. The vulnerability exists in the frommathprompt function at langchain.chains.PALChain which allows an attacker to execute arbitrary codes through prompt injection...
Denial Of Service (DoS)
Magick is vulnerable to Denial of Service DoS attacks. Applications using the DHcheck, DHcheckex, or EVPPKEYparamcheck methods to check a DH key or DH parameters may encounter lengthy delays. If the key or parameters being verified have come from an unreliable source, this might result in a Denia...
Cross-Site Scripting (XSS)
copyparty is vulnerable to Cross-Site Scripting. The vulnerability exists due to a lack of user input validation in the ?k304= and ?setck= parameters which allows an attacker to inject and execute arbitrary JavaScript into the browser...
Argument Injection
go is vulnerable to Argument Injection. Running "go get" or any intrusted code on a malicious module may execute arbitrary code at build time...
Use After Free
Google Chrome is vulnerable to Use After Free. The vulnerability is due to improper memory management in the media API, which results in heap corruption via crafted HTML page...
Denial Of Service (DoS)
libcurl.so is vulnerable to Denial of Service DoS attacks. Although libcurl offers a number of backends for resolving host names, name resolves may time out if built to use the synchronous resolver to slowdown operations with alert and siglongjmp, resulting in multi-threaded application showing...
Information Disclosure
libcurl.so is vulnerable to Information Disclosure. The SSH server's public key is verified with the use of a SHA 256 hash functionality provided by the library, however if the check is unsuccessful, the fingerprint's memory will be released before an error message is returned. This issue puts...
Remote Code Execution (RCE)
System.Drawing.Common is vulnerable to Remote Code Execution RCE. The vulnerability exists because the library does not add the reference count to the graphics metafiles, which allows an attacker to inject and execute malicious code by providing maliciously crafted graphic files. This vulnerabili...
Reflected File Download
github.com/gin-gonic/gin is vulnerable to Reflected File Download. The vulnerability exists because the FileAttachment function of context.go does not properly sanitize the filename parameter, which allows an attacker to modify the Content-Disposition header and replace the .txt file name suffix...
Directory Traversal
n8n is vulnerable to Directory Traversal. Improper input validation for the credentialType argument of the getCredentialTranslationPath function allows directory traversal via the /rest/credential-translation endpoint, resulting in file disclosure...
Denial Of Service (DOS)
github.com/apptainer/apptainer is vulnerable to Denial Of Service. The vulnerability exists due to a after free bug when mounting extfs file systems, which allows an attacker to crash the kernel or escalate privileges...
Information Disclosure
virtualbox is vulnerable to Information Disclosure. A high priviledged attacker with logon capabilities to the infrastructure,can comprimize virtualbox leading to information disclosure...
Denial Of Service (DoS)
frr is vulnerable to Denial of Service DoS. The vulnerability relies on a reachable assertion found within 'peekforas4capability' function. A malicious attacker may use this to construct and send BGP open packets to BGP peers causing a denial of serivce...
Denial Of Services (DoS)
Google Chrome is vulnerable to Denial Of Services DoS. The vulnerability exists due to the out of bounds memory access in Service Worker API, which allows an attacker to potentially exploit heap corruption via a crafted HTML page...
Denial Of Services (DoS)
Google Chrome is vulnerable to Denial Of Services DoS. The vulnerability exists due to the type confusion in V8, which allows an attacker to potentially exploit heap corruption via a crafted HTML page...
Out-of-bounds Read
chromium is vulnerable to Out-of-bounds Read. Vulnerability is available within 'GPU Video' in 'Google Chrome' which allows an attacker to commit heap corruption via a crafter HTML page...
Reflected File Download
firefox is vulnerable to Reflected File Download. The vulnerability exists when handling the filename directive in the Content-Disposition header, and the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks, potentially...
Server-side Request Forgery (SSRF)
openapi-generator is vulnerable to Server-side Request Forgery SSRF. The vulnerability exists due to the improper validation in the /api/gen/clients/language path, allowing an attacker to access network resources and sensitive information via a crafted API request...
Information Disclosure
samba is vulnerable to Information Disclosure. An attacker is able to obtain confidential BitLocker recovery keys from a samba AD DC, because confidential attribute disclosure vi LDAP filters was insufficient...
Denial Of Service (DoS)
openssl is vulnerable to Denial of Service DoS attacks. An attacker is able to create a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service DoS attack on affected systems...
Information Disclosure
jenkins-2-plugins is vulnerable to Information Disclosure. The webhook endpoint provides information about which jobs were triggered or scheduled for polling through its webhook endpoint, including jobs the user has no permission to access, resulting in disclosure of sensitive information...
Denial Of Service (DoS)
Google Chrome is vulnerable to Denial Of Service DoS. The vulnerability exists due to the heap buffer overflow in the Web Audio API, which allows an attacker to potentially exploit heap corruption via a crafted HTML page, leading to an application crash...
Denial Of Service (DoS)
vim is vulnerable to Denial Of Service DoS. The vulnerability exists due to the heap-based buffer overflow in the library, which allows an attacker to cause an application crash...
Denial Of Service (DoS)
Google Chrome is vulnerable to Denial Of Service DoS. The vulnerability exists due to the use after free in the SwiftShader, which allows an attacker to potentially exploit heap corruption via a crafted HTML page, leading to an application crash...
XML External Entity (XXE)
php-dompdf is vulnerable to XML External Entity XXE attacks. SVG images are not processed through Dompdf's resource validation logic, allowing attackers to use remote resources, local filesystem paths, and vulnerable protocols without restriction...
Denial Of Service (DoS)
log4j:log4j is vulnerable to Denial of Service DoS attacks. The vulnerability is due to the Chainsaw or SocketAppender components processing a logging entry with either a deeply nested hashmap or hashtable, which can lead to memory exhaustion when the object is deserialized. An attacker can submi...
Privilege Escalation
systemd is vulnerable to Privilege Escalation. The vulnerability occurs because systemd does not set 'LESSSECURE' to 1 and due to this programs can be launched from the less program without privileges. This can be exploited when running systemctl from Sudo, since less executes as root when the...
Denial Of Service (DoS)
linux is vulnerable to Denial of Service DoS attacks. A malicious user is able to cause the application to crash via drivers/gpu/vmxgfx/vmxgfxkms.c in GPU component in the device file /dev/dri/renderD128...
Denial Of Service (DoS)
Linux kernel is vulnerable to Denial Of Service DoS. The vulnerability exists due to the null pointer dereference bug in the traffic control subsystem, allowing an attacker to cause an application crash via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class"...
Arbitrary Code Execution
elastic/elasticsearch is vulnerable to Arbitrary Code Execution. The vulnerability exists due to a redirect issue that leads to a user being redirected to an arbitrary website if they use a maliciously crafted kibana url...
Denial Of Service (DoS)
github.com/golang/net is vulnerable to Denial of Service DoS attacks. An attacker is able to cause excessive CPU consumption through the HPACK decoder via a small number of maliciously crafted HTTP/2 stream requests, resulting in an application crash...
Denial Of Service (DoS)
go is vulnerable to Denial of Service DoS attacks. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses...
Use-after-free
kernel is vulnerable to Use-after-free. A race condition between the VTDISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free resulting in an application crash...
Denial Of Service (DoS)
bind is vulnerable to Denial of Service DoS attacks. A malicious user is able to cause n application crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query...
Arbitrary Code Execution
webkitgtk is vulnerable to arbitrary code execution. Processing maliciously crafted web content may lead to arbitrary code execution which occurs when processing maliciously crafted HTML content in WebKit allowing a remote attacker to trick the victim into visiting a specially crafted website,...
Reverse Tabnabbing
texthelpers is vulnerable to reverse tabnabbing. The vulnerability exists in multiple functions in translation.rb due to lack of proper regular expression which allows an attacker to use web links to untrusted targets with window.opener access...
Denial Of Service (DoS)
loofah is vulnerable to denial of service. The vulnerability exists due to uncontrolled recursion used in the CDATA sections of the library, which allows an attacker to cause an application crash through malicious input...
Denial Of Service (DoS)
netty-codec-haproxy is vulnerable to Denial Of Service DoS. The vulnerability is due to a StackOverflowError in the HAProxyMessage.java as it does not properly limit the maximum nesting of TLV, allowing an attacker to cause an application crash via infinite recursion by passing a maliciously...