38332 matches found
User Impersonation Via Anonymous Access
github.com/argoproj/argo-cd is vulnerable to user impersonation. An attacker is able to send an invalid JSON Web Token (JWT) along with a request if anonymous access to the Argo CD instance is enabled, allowing an unauthenticated user to get access with the same privilege, create, manipulate and delete...
Information Disclosure
eventsource is vulnerable to information disclosure. The vulnerability exists in a few functions in eventsource.js due to the leakage of cookies and authorization headers to external sites, which allows an attacker to steal user credentials and perform unauthorized actions...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service (DoS) attacks. A malicious user is able to cause denial-of-service conditions via an out-of-bounds read in LZWDecode in libtiff/tiflzw.c through a crafted TIFF file...
Host Header Injection
craftcms/cms is vulnerable to host header injection. The vulnerability exists due to the lack of validation in the password reset token in the processInvalidToken function of UsersController.php, allowing an attacker with valid email addresses or account names to manipulate the password reset...
Privilege Escalation
qemu is vulnerable to privilege escalation. The vulnerability exists due to a lack of validation of authorization which allows an attacker to create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is...
XML External Entity (XXE) Injection
Opensagres XDocReport Document is vulnerable to XML external entity injection. The vulnerability exists in the preprocess function in SAXXDocPreprocessor because the XML parser is not properly configured, which allows an attacker to inject malicious XML input via the weakly configured parser...
Insecure Defaults
github.com/cri-o/cri-o is vulnerable to insecure defaults. The vulnerability exists because its containers are started incorrectly with non-empty inheritable Linux process capabilities, allowing an unprivileged user to gain inheritable file capabilities up to the container's bounding set...
Denial Of Service (DoS)
subversion is vulnerable to denial of service. The vulnerability exists due to a use-after-free memory corruption...
Denial Of Service (DoS)
libxml2 is vulnerable to denial of service. The vulnerability exists due to an integer overflow in xmlmemory.c...
Arbitrary File Upload
express-fileupload is vulnerable to arbitrary file upload. The vulnerability exists due to a lack of verification of the number of files being sent to the writeStream function...
Denial Of Service (DoS)
ruby is vulnerable to denial of service. The vulnerability exists due to a double free in Regexp compilation, which allows an attacker to crash the application via malicious input...
Denial Of Service (DoS)
nokogiri is vulnerable to denial of service (DoS). The SAX parser's inefficient entity handling for regular expressions causes excessive backtracking when malicious documents are parsed, which allows an attacker to cause an application crash...
Arbitrary File Write
libarchive is vulnerable to arbitrary file write. An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would...
Denial Of Service (DoS)
firefox is vulnerable to denial of service (DoS). The vulnerability exists due to lack of sanitization of regex, which allows an attacker to crash the application via malicious input...
Heap-based Buffer Overflow
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2...
Symlink Attack
github.com/beego/beego is vulnerable to symlink attack. Lack of a sufficient check for the existence of created files allows an attacker to use the MemProf and GetCPUProfile commands to trigger the symbolic link attack locally...
Remote Code Execution (RCE)
Dompdf is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the font type via a .php file in the src:url field of an @font-face Cascading Style Sheets (CSS) statement within an HTML input file...
HTTP Request Smuggling
puma is vulnerable to HTTP request smuggling. When using the library behind a proxy that does not properly validate the incoming HTTP requests against the RFC7230 standard, puma and the frontend proxy disagree on where one request starts and where it ends, resulting in requests being smuggled via...
Information Exposure
topthink/think is vulnerable to information exposure. The vulnerability exists due to a lack of input validation, which allows an attacker to access sensitive information in the system...
Privilege Escalation
MariaDB is vulnerable to privilege escalation. The vulnerability exists due to a heap-based buffer overflow privilege escalation vulnerability...
Side-Channel Attacks
hostapd is vulnerable to side-channel attack. The vulnerability exists due to cache access patterns...
Denial Of Service (DoS)
vim is vulnerable to denial of service. The vulnerability exists due to an out-of-range pointer offset...
Buffer Overflow
vim is vulnerable to buffer overflow. The vulnerability exists due to the use of an out-of-range pointer offset...
Remote Code Execution (RCE)
cyrus-sasl is vulnerable to remote code execution. The vulnerability exists due to an unescaped password for a SQL INSERT or UPDATE statement...
Denial Of Service (DoS)
php is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization of changes to string objects in the zendstringextend function in Zend/zendstring.h...
Remote Code Execution (RCE)
razorengine is vulnerable to remote code execution. The vulnerability exists because it does not sanitize the Code Access Security (CAS) of an insecure sandboxed environment, allowing an attacker to execute maliciously crafted .NET code on the system...
Denial Of Service (DoS)
firefox is vulnerable to denial of service. The vulnerability exists due to a use-after-free when removing an XSLT parameter in some circumstances...
Information Disclosure
github.com/containerd/containerd is vulnerable to information disclosure. Remote unauthenticated attackers are able to gain access to read-only copies of arbitrary files and directories on the host via a specially crafted image configuration, resulting in disclosure of sensitive information...
Denial Of Service (DoS)
libvirt.so is vulnerable to denial of service. Lack of proper handling to release a locked virStoragePoolObj object on ACL permission failure in the function virStoragePoolLookupByTargetPath allows other users to access storage pool APIs, causing an application crash...
Denial Of Service (DoS)
libexpat.so is vulnerable to denial of service. The vulnerability exists due to a heap overflow in the resolveinstalled function of solver.c, allowing an attacker to cause an application crash...
Information Disclosure
github.com/portainer/agent is vulnerable to information disclosure. The API server may continue running even after the associated Portainer instance connection is terminated, allowing remote attackers to gain access to sensitive information...
Validation Bypass
github.com/cri-o/cri-o is vulnerable to validation bypass. When an attacker creates a pod with a hostIPC and hostNetwork kernel namespace, the attacker is able to apply sysctls from the list of safe sysctls specified for the cluster, resulting in unauthorized access due to insufficient validations...
Denial Of Service (DoS)
vim is vulnerable to denial of service. The vulnerability exists due to a use after free...
Remote Code Execution (RCE)
firefox is vulnerable to remote code execution. The vulnerability exists because, when a worker is shut down, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible...
Denial Of Service (DoS)
openjdk1 is vulnerable to denial of service. The vulnerability exists due to improper input validation in the ImageIO component, which allows an attacker to perform service disruption...
Improper Input Validation
openjdk11, edge is vulnerable to improper input validation. The vulnerability exists due to improper input validation within the JAXP component, which allows an attacker to exploit this vulnerability to gain access to sensitive information...
Denial Of Service (DoS)
util-linux:sid is vulnerable to denial of service...
Information Disclosure
github.com/grafana/grafana is vulnerable to information disclosure. When the forward auth identity is enabled, the library sends the OAuth identity of the most recently logged-in user when sending a query to the data source, allowing an attacker to retrieve sensitive data from the most recently...
Remote Code Execution (RCE)
chromium-browser is vulnerable to remote code execution. The vulnerability exists due to an issue in the object lifecycle in ANGLE...
Type Confusion
Google Chrome is vulnerable to type confusion, which allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Use After Free
chrome is vulnerable to use-after-free. The vulnerability exists due to a heap corruption via a crafted Chrome Extension...
Information Disclosure
pillow is vulnerable to information disclosure. The vulnerability exists because pillow doesn't restrict the builtins available in the eval function of ImageMath.py, which allows an attacker to evaluate arbitrary expressions and gain access to sensitive information...
Denial Of Service (DoS)
libexpat.so is vulnerable to denial of service. The vulnerability exists due to an integer overflow in the lookup of xmlparse.c, allowing an attacker to cause an application crash...
Remote Code Execution (RCE)
h2 is vulnerable to remote code execution. The vulnerability exists due to the use of the javax.naming.Context.lookup method, which performs JNDI lookup, as a dangerous function/sink, allowing an attacker to load custom class/remote LDAP/RMI queries and execute malicious code in a process with H2...
Spoofing Attack
Thunderbird and Firefox are vulnerable to spoofing attack. The vulnerability exists due to a misuse of a race in the notification code, allowing an attacker to forcefully hide the notification for pages that had received full screen and pointer lock access...
Remote Code Execution (RCE)
thunderbird is vulnerable to remote code execution. The vulnerability exists due to the lack of sanitization of the execution context, which allows JavaScript to be enabled in the composition area...
Privilege Escalation
github.com/grafana/grafana is vulnerable to privilege escalation. The vulnerability exists due to a mechanism which allowed users with the Organization Admin role to list, add, remove, and update users' roles in other organizations in which they are not an admin...
LDAP Injection
github.com/stevenweathers/thunderdome-planning-poker is vulnerable to LDAP injection. Lack of an escape filter allows remote attackers to inject specially crafted values through the UserName parameter, resulting in an LDAP injection vulnerability. Successful attackers are able to read, modify or delete...
Denial Of Service (DoS)
qt5-qtwebengine:edge is vulnerable to denial of service...
Denial Of Service (DoS)
MySQL is vulnerable to denial of service. An attacker is able to exploit the vulnerability by accessing the network and crashing the system...