Cross-site Scripting (XSS)
libxml2.so is vulnerable to cross-site scripting. The vulnerability exists in the htmlAttrDumpOutput function in HTMLtree.c due to a lack of sanitization in the escaped variable, which allows an attacker to inject and execute malicious JavaScript...
Use-After-Free
chromium is vulnerable to use-after-free. The vulnerability allows an attacker to exploit heap corruption via a crafted HTML page by convincing a user to install a malicious extension...
Type Confusion
chromium is vulnerable to type confusion. A remote attacker is able to exploit a heap memory corruption issue via a crafted HTML page, which leads to a use-after-free state in the V8 module...
Command Injection
python is vulnerable to command injection. The vulnerability exists because the mailcap module does not add escape characters to commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input...
Privilege Escalation
github.com/argoproj/argo-cd is vulnerable to privilege escalation. Lack of enforcement of access restriction by application resource API allows an attacker to escalate the privileges to admin-level...
Denial Of Service (DoS)
ujson is vulnerable to denial of service. The vulnerability exists in the decode_string function in ultrajsondec.c: when reallocation of the buffer fails during string decoding, the buffer is freed twice, causing an application crash...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service. The vulnerability exists in tiffcrop.c due to improper configuration in data types which allows an attacker to cause an application crash via a crafted file...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service. The vulnerability exists because of converting double to uint32_t with uint32_t when divided by zero, which allows an attacker to cause an application crash via a crafted file...
Type Confusion
chromium is vulnerable to type confusion. A remote attacker is able to cause type confusion attacks through heap corruption in v8 module via a crafted HTML page...
Use-After-Free
vim is vulnerable to Use After Free. The vulnerability exists due to a memory corruption in the system which allows an attacker to cause an application crash...
Out-of-Bounds Read
vim is vulnerable to Out-of-bounds Read. The vulnerability exists due to a memory corruption which allows an attacker to cause an application crash...
Information Disclosure
guzzlehttp/guzzle is vulnerable to information disclosure. The vulnerability exists because the modifyRequest function of RedirectMiddleware.php does not properly strip the authorization header or cookie header on a change in host or HTTP downgrade, allowing an attacker to get sensitive informati...
Integer Underflow
ntfs is vulnerable to integer underflow. The vulnerability exists in fuse_lib_readdir, which allows an attacker to perform arbitrary memory read operations in NTFS-3G when using libfuse-lite...
Denial Of Service (DoS)
.NET and Visual Studio are vulnerable to denial of service. The vulnerability exists due to a flaw in dotnet that allows an attacker to crash the system by parsing HTML forms...
Cross-site Scripting (XSS)
spip is vulnerable to cross-site scripting. An attacker can inject and execute malicious JavaScript through the spip.php...
Use-After-Free
vim is vulnerable to use-after-free. The vulnerability exists in append_command, which allows an attacker to cause memory corruption that then leads to an application crash...
Type Confusion
chromium is vulnerable to type confusion. Heap corruption via a crafted HTML page allows remote attackers to obtain confidential user information by accessing restricted resources using type confusion attacks...
Heap-based Buffer Overflow
pillow is vulnerable to a heap buffer overflow. The vulnerability exists in the ImagingTgaRleDecode function of TgaRleDecode.c due to a lack of input validation, which allows an attacker to inject a maliciously crafted TGA image and crash the system...
User Impersonation Via Anonymous Access
github.com/argoproj/argo-cd is vulnerable to user impersonation. An attacker is able to send an invalid JSON Web Token (JWT) along with a request if anonymous access to the Argo CD instance is enabled, allowing an unauthenticated user to get access with the same privilege, create, manipulate and delete...
Information Disclosure
strapi is vulnerable to information disclosure. A remote authenticated attacker with access to the Strapi admin panel is able to gain access to private and sensitive data, such as email and password reset tokens and compromise other users’ accounts by successfully invoking the password reset...
Information Disclosure
eventsource is vulnerable to information disclosure. The vulnerability exists in a few functions in eventsource.js due to the leakage of cookies and authorization headers to external sites, which allows an attacker to steal user credentials and perform unauthorized actions...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service (DoS) attacks. A malicious user is able to cause denial-of-service conditions via an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c through a crafted TIFF file...
Host Header Injection
craftcms/cms is vulnerable to host header injection. The vulnerability exists due to the lack of validation in the password reset token in processInvalidToken function of UsersController.php, allowing an attacker with valid email addresses or account names to manipulate the password reset...
Denial Of Service (DoS)
chrome is vulnerable to denial of service. The vulnerability exists due to an out-of-bounds memory access in UI Shelf, which allows an attacker to cause an application crash...
Memory Leak
qemu is vulnerable to a memory leak. The vulnerability exists in the virtio-net device of qemu, which forgets to unmap the cached virtqueue element on error; a malicious privileged guest could exploit this issue to crash qemu within the context of the qemu process on the host...
Path Traversal
org.owasp.esapi:esapi is vulnerable to path traversal. A remote authenticated user is able to break out of the expected directory via crafted input through the getValidDirectoryPath function, because it may incorrectly treat the tested input string as a child of the specified parent directory...
Remote Code Execution (RCE)
qemu is vulnerable to remote code execution. The vulnerability exists in the nvme_ctrl_reset function and is triggered by reentrant writes; a malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition or, potentially,...
Privilege Escalation
qemu is vulnerable to privilege escalation. The vulnerability exists due to a lack of validation of authorization which allows an attacker to create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is...
XML External Entity (XXE) Injection
Opensagres XDocReport Document is vulnerable to XML external entity injection. The vulnerability exists in the preprocess function in SAXXDocPreprocessor because the XML parser is not properly configured, which allows an attacker to inject malicious XML input via the weakly configured parser...
Privilege Escalation
virtualbox is vulnerable to privilege escalation. The vulnerability exists due to improper access control, which allows an attacker to access, insert, update and delete critical data in Oracle VM...
Access Control Bypass
ceph is vulnerable to access control bypass. The vulnerability exists due to a flaw in which the key length is incorrectly passed to an encryption algorithm, creating a non-random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks...
Privilege Escalation
jenkins-2-plugins is vulnerable to privilege escalation. The vulnerability exists due to a lack of sanitization of the path allowing an attacker to configure Pipelines permission to read arbitrary files on the Jenkins controller file system...
Denial Of Service (DoS)
go:edge is vulnerable to denial of service (DoS) attacks. A malicious user is able to cause an application crash via a large amount of PEM data...
Denial Of Service (DoS)
subversion is vulnerable to denial of service. The vulnerability exists due to a use-after-free memory corruption...
Denial Of Service (DoS)
libxml2 is vulnerable to denial of service. The vulnerability exists due to an integer overflow in xmlmemory.c...
Denial Of Service (DoS)
golang.org/x/crypto is vulnerable to denial of service (DoS). The vulnerability exists in the readCipherPacket function, which allows an unauthenticated attacker to send an empty plaintext packet to a program linked with golang.org/x/crypto/ssh, causing a panic which potentially leads to an application...
Arbitrary File Write
libarchive is vulnerable to arbitrary file write. An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would...
Heap Buffer Overflow
Heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647...
Denial Of Service (DoS)
firefox is vulnerable to denial of service (DoS). The vulnerability exists due to a lack of sanitization of regex, which allows an attacker to crash the application via malicious input...
Symlink Attack
github.com/beego/beego is vulnerable to symlink attack. Lack of sufficient check for the existence of files created allows an attacker to use MemProf and GetCPUProfile commands to trigger the symbolic link attack locally...
HTTP Request Smuggling
puma is vulnerable to HTTP request smuggling. When using the library behind a proxy that does not properly validate incoming HTTP requests against the RFC 7230 standard, puma and the frontend proxy disagree on where one request starts and where it ends, resulting in requests being smuggled via...
Improper Input Validation
guzzlehttp/psr7 is vulnerable to improper input validation. The vulnerability exists in the normalizeHeaderValue function in the MessageTrait.php file allowing an attacker to modify the new line character with an untrusted value...
Privilege Escalation
MariaDB is vulnerable to privilege escalation. The vulnerability exists due to a heap-based buffer overflow...
Side-Channel Attacks
hostapd is vulnerable to side-channel attacks. The vulnerability exists due to cache access patterns...
Buffer Overflow
vim is vulnerable to buffer overflow. The vulnerability exists due to the use of an out-of-range pointer offset...
Directory Traversal
Rust is vulnerable to directory traversal. The vulnerability exists due to a race condition which allows an attacker to access the file system of the application...
Cross-site Scripting (XSS)
Liferay Frontend Taglib Clay is vulnerable to cross-site scripting. The vulnerability exists in the processStartTag function of ManagementToolbarTag.java because the keyword in the search function is not escaped, which allows an attacker to inject and execute arbitrary JavaScript...
Remote Code Execution (RCE)
razorengine is vulnerable to remote code execution. The vulnerability exists because it does not sanitize the CAS (Code Access Security) of an insecure sandboxed environment, allowing an attacker to execute maliciously crafted .NET code on the system...
Denial Of Service (DoS)
firefox is vulnerable to denial of service. The vulnerability exists due to a use-after-free when removing an XSLT parameter in some circumstances...
Use After Free
libarchive is vulnerable to use-after-free. The vulnerability exists due to the lack of sanitization of the copy_string...