38332 matches found
Sensitive Information Disclosure
GnuTLS is vulnerable to Sensitive Information Disclosure. The vulnerability is due to exploiting deterministic behavior in systems like GnuTLS, particularly when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, which can lead to a noticeable step in nonce size from 513 to 512 bits, exposing a...
Local File Inclusion
voila is vulnerable to Local File Inclusion. The vulnerability is due to improper handling of file paths within app.py which allows an attacker to access readable files on the server's filesystem...
Infinite Loop
protobuf is vulnerable to an infinite loop. The vulnerability is due to improper handling of malformed JSON structures, specifically when unmarshaling into messages containing a google.protobuf.Any value or when the UnmarshalOptions.DiscardUnknown option is set. This can potentially leads to deni...
Improper Access Control
org.springframework.security: spring-security-core is vulnerable to Authentication Bypass. The vulnerability is due to the isFullyAuthenticated method within the AuthenticatedVoter class incorrectly returning true if the authentication parameter is null, resulting in broken access control. Note...
XML Entity Expansion
libexpat is vulnerable to XML Entity Expansion. The vulnerability is caused due to insufficient input validation and handling of external entities in the XML parser. This allows an attacker to perform an XML Entity Expansion attack...
Data Amplification
github.com/go-jose/go-jose is vulnerable to Data Amplification. The vulnerability due to insufficient checks or controls in the handling of compressed data within the Decrypt or DecryptMulti functions. Specifically, when an attacker sends a JSON Web Encryption JWE containing compressed data, the...
Denial Of Service (DoS)
jose is vulnerable to Denial Of Service DoS. This vulnerability is due to a flaw in the support for decompressing plaintext post-decryption. An attacker can exploit a scenario with exceptionally high compression ratios, leading to JWE token lengths falling below application-defined limits. This...
Denial Of Service (DoS)
Django is vulnerable to Denial Of Service DoS. The vulnerability is due to inefficient string processing within the intcomma template filter when a long string is parsed. This issue can be exploited by an attacker to cause DoS...
Bleichenbacher Timing Attack
M2Crypto is vulnerable to Bleichenbacher Timing Attack. The vulnerability is due insecure padding schemes, resulting in the exposure of confidential or sensitive data...
Use After Free
libxml2 is vulnerable to Use After Free. The vulnerability is caused due to a lack of validation within the xmlTextReader module. When parsing a crafted XML document using the XML Reader interface with DTD validation and XInclude expansion enabled, a xmlValidatePopElement use-after-free exception...
Information Leak
Google Chrome is vulnerable to Information Leak. The vulnerability is caused due to Inappropriate implementation in Extensions API that causes an attacker to convince a user to install a malicious extension. This can be exploited to leak cross-origin data via a crafted Chrome Extension...
Use After Free
chromium is vulnerable to Use After Free. The vulnerability is due to improper handling of memory within the Network component, This potentially allowing a remote attacker to exploit heap corruption through a malicious file and can leads to Denial of service...
Denial Of Service (DOS)
mariadb is vulnerable to Denial Of Service DOS. The vulnerability is due to how the InnoDB component handles certain conditions, allowing a high privileged attacker with network access via multiple protocols to cause a hang or frequently repeatable crash of the MySQL Server...
Out-of-bounds Write
openssl:edge is vulnerable of Out-of-bounds Write. The vulnerability due to the application state might be corrupted with various application dependent consequences when returning to the caller. It allows an attacker could get complete control of the application process which leads to denial of...
Denial Of Service (DoS)
libtiff.so is vulnerable to Heap-based Buffer Overflow. The vulnerability is due to a lack of validation for row parameter in the TIFFReadRGBATileExt function within tifgetimage.c. This flaw allows a remote attacker to pass a crafted TIFF file to which results in improper handling of data, causin...
Expired Pointer Dereference
squid is vulnerable to Expired Pointer Dereference. The vulnerability is due to the usage of a pointer after dereference. An attacker can exploit this vulnerability to mount a Denial Of Service DOS attack against Cache Manager error responses when generating error pages for Client Manager reports...
Out-of-bounds Write
qemu is vulnerable to Out-of-bounds Write. The vulnerability is due to there is no proper bounds checking in the virtionetflushtx function of QEMU's virtio-net device when certain guest features are enabled. This oversight allows for a stack-based buffer overflow, enabling a malicious user to...
SQL Injection
jeecg-boot is vulnerable to SQL Injection. The vulnerability is due to improper input validation within the /sys/replicate/check component. This could allow an attacker to inject malicious input leading to SQL Injection...
Cross-Site Scripting
cacti is vulnerable to Cross-Site Scripting. The vulnerability is due to in templatesimport.php When uploading an xml template file, if the XML file does not pass the check, the server will give a JavaScript pop-up prompt, which contains unfiltered xml template file name, potentially leads to XSS...
SQL Injection
Cacti is vulnerable to SQL Injection. The vulnerability is due to a lack of input sanitization in pollers.php script. This allows an attacker to potentially execute malicious SQL code, resulting in a SQL injection...
Directory Traversal
Asterisk is vulnerable to Directory Traversal. The vulnerability arises because it allows the reading of any arbitrary file, even when the livedangerously setting is not enabled.This allows arbitrary files to be read...
Denial Of Service (DoS)
github.com/golang/go is vulnerable to Denial Of Service DoS. The vulnerability exists because the readChunkLine function in chunked.go does not properly check the bytes from the request or response body. A malicious attacker can exploit this to cause a server to automatically read a large amount ...
Code Injection
dotnet is vulnerable to Code Injection. The vulnerability is due to lack of adequate validation for untrusted URIs provided to System.Net.WebRequest.Create. This allows an attacker can provide a specially crafted URI to the WebRequest.Create method, that could potentially execute arbitrary comman...
Denial Of Service
Reactor Netty HTTP Server is vulnerable to Denial Of Service DOS. The vulnerability is due to the improper validation of HTTP requests while if the micrometer integration is enabled, which can result in Denial Of Service...
Denial Of Service (DoS)
Spring Boot is vulnerable to Denial Of Service. The vulnerability is due to parsing malicious HTTP Request without proper validation or sanitization. This issue can be exploited by an attacker via crafting mailicous HTTP Request leading to Denial Of Service. Note that the following conditions mus...
Denial Of Service
Vim is vulnerable to Denial Of Service. The vulnerability is due to a floating point exception caused while calculating the line offset for overlong lines, with smooth scrolling and cpo-settings enabled...
Denial Of Service (DoS)
LibTIFF is vulnerable to Denial of Service. The vulnerability is due to mishandling memory allocation for short files in the TIFFReadDirEntryArray function. This can potentially lead to an allocation failure and application crash...
Buffer Overflows
qemu is vulnerable to Buffer Overflows. A guest I/O address overflow vulnerability allows an attacker to overwrite arbitrary memory on the host system by exploiting a flaw in the way that QEMU handles guest I/O operations...
Cross-site Scripting (XSS)
chromium is vulnerable to Remote Code Execution RCE. The vulnerability exists due to the inappropriate implementation in Payments, which allows an attacker to bypass XSS preventions via a malicious file...
Domain Spoofing
chromium is vulnerable to Domain Spoofing. The vulnerability occurs due to incorrect security UI in Picture In Picture within google chrome which allows a remote malicious attacker to perform domain spoofing via a crafted local HTML page...
Denial Of Service (DoS)
apache2 is vulnerable to Denial of Service DoS. This vulnerability allows an attacker to cause denial of service conditions on a vulnerable system by exploiting a race condition that occurs when a HTTP/2 connection is reset RST frame by a client...
Privilege Escalation
samba is vulnerable to Privilege Escalation. A design flaw in the Samba DirSync control implementation that exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs allows RODCs and users possessing the GETCHANGES right to access all attributes,...
Information Disclosure
tomcat-catalina is vulnerable to information disclosure. This vulnerability exists due to an improper request recycling mechanism, allowing an attacker to possibly access other requests...
Denial Of Service (DoS)
wireshark is vulnerable to Denial of Service DoS. A memory leak in the RTPS dissector allows a remote attacker to cause a denial of service DoS attack by sending a specially crafted RTPS packet...
Denial Of Service (DoS)
ghostscript is vulnerable to Denial Of Service DoS. A divide-by-zero vulnerability in the epsprintpage function in gdevepsn.c allows a local attacker to cause a denial of service by opening a specially crafted PDF document...
Information Disclosure
openjdk8 is vulnerable to Information Disclosure. An attacker can access the vulnerable library through the multiple network and gain read access to the subset of Oracle Java SE, Oracle GraalVM Enterprise Edition and Oracle GraalVM...
Insecure Temporary Files
org.jenkins-ci.main: jenkins-core is vulnerable to Insecure Temporary Files. The vulnerability is caused by not restricting permissions to the temporary file in the system temporary directory and leaving the newly created files with default permissions which are created by the Jenkins API...
Denial Of Service (DoS)
wireshark is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the packet-cp2179.c file. The file is responsible for decoding CP2179 packets. The vulnerability occurs when the file fails to properly check the length of a packet. This can cause Wireshark to divide by zero,...
Denial Of Service (DoS)
binutils is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the loadseparatedebugfiles function in the dwarf2.c file. The function is responsible for loading debug information from separate ELF files. The vulnerability occurs when the function fails to properly check the...
Improper Input Validation
chromium is vulnerable to Improper Input Validation. The vulnerability exists due to inappropriate implementation in Autofill in Google Chrome which allows a remote attacker to bypass navigation restrictions via a crafted HTML page...
Information Disclosure
gitlab is vulnerable to Information Disclosure. The vulnerability allows a project maintainer to access the DataDog integration API key from webhook logs resulting in disclosure of sensitive information...
Path Traversal
org.apache.shiro:shiro-web is vulnerable to Path Traversal. The vulnerability exists in InvalidRequestFilter.java because it does not properly validate downloaded files for subpaths, which allows an attacker to to write to a directory outside the restricted path...
Remote Code Execution (RCE)
gitlab is vulnerable to Remote Code Execution RCE. The vulnerability exists due to the lack of input validation of the library, which allows an attacker to inject and execute malicious code via the import from the GitHub API endpoint...
Improper Authentication
openssl is vulnerable to Improper Authentication. The vulnerability allows applications that use the 'AES-SIV' algorithm and want to authenticate empty data entries to be misled by removing adding or reordering empty entries causing the issue...
Path Traversal
apacheairflow is vulnerable to Path Traversal. The vulnerability exists because the DagRun.runid parameter is not properly sanitized which allows an attacker to gain access to unauthorized files outside the intended directory...
Improper Certificate Validation
org.keycloak:keycloak-services is vulnerable to Improper Certificate Validation. The flaw relies on enabling Revalidate Client Certificate and not validating the reverse proxy before Keycloak. An attacker is able to choose the server-validated certificate, resulting in authentication bypass...
Denial Of Service (DoS)
libcurl.so is vulnerable to Denial of Service DoS attacks. Although libcurl offers a number of backends for resolving host names, name resolves may time out if built to use the synchronous resolver to slowdown operations with alert and siglongjmp, resulting in multi-threaded application showing...
Information Disclosure
libcurl.so is vulnerable to Information Disclosure. The SSH server's public key is verified with the use of a SHA 256 hash functionality provided by the library, however if the check is unsuccessful, the fingerprint's memory will be released before an error message is returned. This issue puts...
Reflected File Download
github.com/gin-gonic/gin is vulnerable to Reflected File Download. The vulnerability exists because the FileAttachment function of context.go does not properly sanitize the filename parameter, which allows an attacker to modify the Content-Disposition header and replace the .txt file name suffix...
Denial Of Service (DoS)
distribution is vulnerable to Denial of Service DoS attacks. The vulnerability is due to the /v2/catalog endpoint which may potentially cause Denial of Service conditions on systems running on a memory restricted environment. The endpoint has an optional parameter n for the max amount of records...