38153 matches found
Improper Input Validation
chromium is vulnerable to improper input validation. The vulnerability exists due to the library does not properly validate user input in Intents...
Denial Of Service (DoS)
github.com/helm/helm is vulnerable to denial of service. The vulnerability exists in setIndex function in parser.go because a maximum index is not defined when setting index which allows an attacker to cause an application crash...
Remote Code Execution (RCE)
vim is vulnerable to remote code execution. The vulnerability exists due to a Use After Free which allowing an attacker to inject maliciously crafted script into the system...
Denial Of Service (DoS)
ImageMagick is vulnerable to Denial Of Service DoS. The vulnerability exists due to an integer overflow via the ExportIndexQuantum function, which then calls to the GetPixelIndex function, resulting in values outside the representable range being assigned for the unsigned char variables, leading ...
Privilege Escalation
ansible is vulnerable to privilege escalation. A remote authenticated attacker with change user permissions is able to modify the account settings of the superuser account and/or remove the superuser privileges...
Denial Of Service (DoS)
u-boot is vulnerable to denial of service. The vulnerability exists due to the integer signedness error, resulting stack stack-based buffer overflow in the i2c md command, which enables the corruption of the return address pointer of the doi2cmd function...
Cross-site Scripting (XSS)
core.wcm.components.core is vulnerable to cross-site scripting. The vulnerability exists because the stream function of AdaptiveImageServlet.java does not properly encode the imageName attribute, allowing an attacker to inject and execute malicious javascript through the crafted SVG image...
Remote Code Execution (RCE)
chrome is vulnerable to remote code execution. The vulnerability exists due to Insufficient policy enforcement in Cookies allowing an attacker to inject maliciously crafted code into the system...
Denial Of Service (DoS)
vim is vulnerable to denial of service. The vulnerability exists due to an Out-of-bounds Read allowing an attacker to crash the system with a maliciously crafted string constant...
Double Free
Linux kernel is vulnerable to double free. The vulnerability exists in usb8devstartxmit in drivers/net/can/usb/usb8dev.c because is no need to call devkfreeskb when usbsubmiturb fails because canputechoskb deletes original skb and canfreeechoskb deletes the cloned skb causing a double free...
Information Disclosure
samba is vulnerable to information disclosure. The vulnerability exists due to the incorrect implementation of password reset functionality, allowing an attacker to leak memory information and change other users’ passwords, including admin or crash the application...
Denial Of Service (DoS)
webkit2gtk is vulnerable to denial of service. The vulnerability exists due to an out-of-bound issue which allows a remote attacker to send maliciously crafted web content that may lead to arbitrary code execution...
Cross-site Scripting (XSS)
libxml2.so is vulnerable to cross-site scripting. The vulnerability exists in the htmlAttrDumpOutput function in HTMLtree.c due to a lack of sanitization in the escaped variable which allows an attacker to inject and execute malicious javascript...
Denial Of Service (DoS)
go is vulnerable to Denial Of Service DoS. The vulnerable exists in globWithLimit and Glob functions in glob.go because the the number of path separators allowed by an input to Glob is not separated which allows an attacker to cause an application crash...
Use-After-Free
chromium is vulnerable to use-after-free. The vulnerability will allow an attacker to exploit a heap corruption via a crafted HTML page by convincing an user to install a malicious extension...
Type Confusion
chromium is vulnerable to type confusion. A remote attacker is able to exploit a heap memory corruption issue via a crafted HTML page, which leads to a use-after-free state in V8 module...
Command Injection
python is vulnerable to command injection. The vulnerability exist due to mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input...
Privilege Escalation
github.com/argoproj/argo-cd is vulnerable to privilege escalation. Lack of enforcement of access restriction by application resource API allows an attacker to escalate the privileges to admin-level...
Denial Of Service (DoS)
ujson is vulnerable to denial of service. The vulnerability exists in decodestring function in ultrajsondec.c when reallocation of buffer fails during string decoding which frees the buffer twice causing an application crash...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service. The vulnerability exists because of converting double to uint32t with uint32t when divided by zero which allows an attacker to cause an application crash via a crafted file...
Out-of-Bounds Read
vim is vulnerable to Out-of-bounds Read. The vulnerability exists due to a memory corruption which allows an attacker to cause an application crash...
Information Disclosure
guzzlehttp/guzzle is vulnerable to information disclosure. The vulnerability exists because the modifyRequest function of RedirectMiddleware.php does not properly strip the authorization header or cookie header on a change in host or HTTP downgrade, allowing an attacker to get sensitive informati...
Integer Underflow
ntfs is vulnerable to integer underflow. The vulnerability exists in fuselibreaddir which allows an attacker to read arbitrary memory read operations in NTFS-3G when using libfuse-lite...
Denial Of Service (DoS)
.NET and Visual Studio is vulnerable to Denial of Service. The vulnerability exists due to a flaw was found in dotnet allowing an attacker to crash the system by parsing HTML forms...
Cross-site Scripting (XSS)
spip is vulnerable to cross-site scripting. An attacker can inject and execute malicious javascript through the spip.php...
Use-After-Free
vim is vulnerable to use-after-free. The vulnerability exists in appendcommand which allows an attacker to cause a memory corruption which then leads to an application crash...
Heap-based Buffer Overflow
pillow is vulnerable to a heap buffer overflow. The vulnerability exists in the ImagingTgaRleDecode of TgaRleDecode.c due to a lack of input validation which allows an attacker to inject maliciously crafted tga image and crash the system...
User Impersonation Via Anonymous Access
github.com/argoproj/argo-cd is vulnerable to user impersonation. An attacker is able to send an invalid JSON Web Token JWT along with a request if anonymous access to the Argo CD instance is enabled, allowing an unauthenticated user to get access with same privilege, create, manipulate and delete...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service DoS attacks. A malicious user is able to cause denial-of-service conditions via an out-of-bounds read in LZWDecode in libtiff/tiflzw.c through a crafted tiff file...
Host Header Injection
craftcms/cms is vulnerable to host header injection. The vulnerability exists due to the lack of validation in the password reset token in processInvalidToken function of UsersController.php, allowing an attacker with valid email addresses or account names to manipulate the password reset...
Denial Of Service (DoS)
chrome is vulnerable to denial of service. The vulnerability exists due to an Out of bounds memory access in UI Shelf which allows an attacker to cause an application crash...
Memory Leak
qemu is vulnerable to a memory leak. The vulnerability exists in virtio-net device of qemu where it forgets to unmap the cached virtqueue element on error where a malicious privileged guest could exploit this issue to crash qemu within the context of the qemu process on the host...
Path Traversal
org.owasp.esapi:esapi is vulnerable to path traversal. A remote authenticated user is able to break out of expected directory via a crafted input through getValidDirectoryPath function, because it may incorrectly treat the tested input string as a child of the specified parent directory...
Remote Code Execution (RCE)
qemu is vulnerable to re,mote code execution. The vulnerability exists in nvmectrlreset function which is triggered by the reentrancy write triggers where a malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition or, potentially,...
Privilege Escalation
qemu is vulnerable to privilege escalation. The vulnerability exists due to a lack of validation of authorization which allows an attacker to create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is...
XML External Entity (XXE) Injection
Opensagres XDocReport Document is vulnerable to XML external entity injection. The vulnerability exists in preprocess function in SAXXDocPreprocessor because the XML parser is not properly configured which allows an attacker to inject malicious XML input via weakly configured parser...
Privilege Escalation
virtualbox is vulnerable to privilege escalation. The vulnerability exists due to improper access control which allows an attacker to access, insert, update and delete critical data in oracle vm...
Insecure Defaults
github.com/cri-o/cri-o is vulnerable to insecure defaults. The vulnerability exists because its containers started incorrectly with non-empty inheritable Linux process capabilities, allowing an unprivileged user to gain inheritable file capabilities up to the container's bounding set...
Denial Of Service (DoS)
golang.org/x/crypto is vulnerable to Denial Of Service DoS. The vulnerability exists in readCipherPacket function which allows an unauthenticated attacker to send an empty plaintext packet to a program linked with golang.org/x/crypto/ssh causing a panic which potentially leads to an application...
Heap Buffer Overflow
heap buffer overflow in getonesourceline in GitHub repository vim/vim prior to 8.2.4647...
Denial Of Service (DoS)
firefox is vulnerable to Denial Of Service DoS. The vulnerability exists due to lack of sanitization of regex which allows an attacker to crash the application via malicious input...
Remote Code Execution (RCE)
Dompdf is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the font type via a .php file in the src:url field of an @font-face Cascading Style Sheets CSS statement within an HTML input file...
Improper Input Validation
guzzlehttp/psr7 is vulnerable to improper input validation. The vulnerability exists in the normalizeHeaderValue function in the MessageTrait.php file allowing an attacker to modify the new line character with an untrusted value...
Side-Channel Attacks
hostapd is vulnerable to side channel attack. The vulnerability exists due to cache access patterns...
Denial Of Service (DoS)
Apache is vulnerable to denial of service. The vulnerability exists because a carefully crafted request body can cause a read to a random memory area which could cause the process to crash...
Buffer Overflow
vim is vulnerable to buffer overflow. The vulnerability exists due to the use of Out-of-range Pointer Offset...
Directory Traversal
Rust is vulnerable to directory traversal. The vulnerability exists due to a race condition which allows an attacker to access the file system of the application...
Cross-site Scripting (XSS)
Liferay Frontend Taglib Clay is vulnerable to cross-site scripting. The vulnerability exists in processStartTag function of ManagementToolbarTag.java because the keyword in the search function is not escaped which allows an attacker to inject and execute arbitrary javascript...
Remote Code Execution (RCE)
razorengine is vulnerable to remote code execution. The vulnerability exists because it does not sanitize the CAS code access security of an insecure sandboxed environment, allowing an attacker to execute maliciously crafted .NET code into the system...
Use After Free
libarchive is vulnerable to Use After Free. libarchive The vulnerability exists due to the lack of sanitization of the copystring...