38133 matches found
Cross-site Scripting (XSS)
moodle/moodle is vulnerable to cross-site scripting. The vulnerability exists in userreporttracks.php due to the lack of sanitization in user-supplied data, allowing an attacker to inject and execute malicious javascript or cause blind ssrf attacks...
Denial Of Service (DoS)
go is vulnerable to Denial Of Service DoS. The vulnerable exists in globWithLimit and Glob functions in glob.go because the the number of path separators allowed by an input to Glob is not separated which allows an attacker to cause an application crash...
Open Redirect
undici is vulnerable to open redirect. The vulnerability exists due to the insufficient checks in shouldRemoveHeader function, which results in accidental leakage of cookie headers, allowing an attacker to redirect the victim to an attacker controlled site...
Denial Of Service (DoS)
file-type is vulnerable to denial of service. The vulnerability exists in the FileTypeParser function in core.js due to a lack of input sanitization in the file type detector which allows an attacker to cause an application crash by sending mkv file...
Use-After-Free
chromium is vulnerable to use-after-free. The vulnerability will allow an attacker to exploit a heap corruption via a crafted HTML page by convincing an user to install a malicious extension...
Arbitrary Code Execution
io.fabric8:kubernetes-client is vulnerable to arbitrary code execution. Misconfigured YAML parsing in unmarshalYaml function allows local authenticated attackers to execute arbitrary code on the target machine via a maliciously crafted YAML string...
Insecure Cryptography
node uses an insecure cryptographic configuration. The vulnerability exists in opensslcommon.gypi because the default openssl.cnf directory on linux is not configured properly which allows an attacker to create new files on shared systems...
HTTP Request Smuggling
llhttp is vulnerable to http request smuggling. The vulnerability exists in the http function in http.ts due to a lack of validation and parsing of Transfer-Encoding headers which allows an attacker to smuggle HTTP requests...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service. The vulnerability exists in tiffcrop.c due to improper configuration in data types which allows an attacker to cause an application crash via a crafted file...
Information Disclosure
guzzlehttp/guzzle is vulnerable to information disclosure. The vulnerability exists because the checkRedirect function of RedirectMiddleware.php does not properly clear the CURLOPTHTTPAUTH option on a change of origin, allowing an attacker to get sensitive information through the Authorization...
Arbitrary Code Execution
watools is vulnerable to arbitrary code execution. The vulnerability exists because of a code execution backdoor in all the versions of watools packages available in Pypi which allows an attacker to inject and execute malicious codes...
Remote Code Execution (RCE)
chromium is vulnerable to remote code execution. The vulnerability exists in url format which allows an attacker to inject and execute arbitrary codes...
Use-After-Free
vim is vulnerable to use after free. The vulnerability exists in utfptr2char function in mbyte.c because the freed memory is used when searching for pattern in path which allows an attacker to cause a memory corruption causing an application crash...
Denial Of Service (DoS)
eap7 is vulnerable to denial of service. The vulnerability exists due to a flaw that was found in Undertow which allows an attacker to cause an application crash...
Out-of-Bounds Read
vim is vulnerable to Out-of-bounds Read. The vulnerability exists due to a memory corruption which allows an attacker to cause an application crash...
OS Command Injection
es128 ssl-utils is vulnerable to os command injection. The vulnerability exists in createCertRequest and createCert functions in generate.js because the user inputs are not properly sanitized which allows an attacker to inject and execute arbitrary commands...
Denial Of Service (DoS)
servicemesh-proxy is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization which allows an attacker to crash the system via a NULL pointer dereference when using a WT filter saferegex match via a crafted request...
Heap-based Buffer Overflow
pillow is vulnerable to a heap buffer overflow. The vulnerability exists in the ImagingTgaRleDecode of TgaRleDecode.c due to a lack of input validation which allows an attacker to inject maliciously crafted tga image and crash the system...
OS Command Injection
maven-shared-utils is vulnerable to OS command injection. The vulnerability exists due to the use of double-quoted strings without proper escaping which allows an attacker to execute shell commands...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. Failure to check the input to tf.rawops.LSTMBlockCell to validate ranks of any of the API call arguments causes a CHECK-failure , triggering a denial of service attack...
User Impersonation Via Anonymous Access
github.com/argoproj/argo-cd is vulnerable to user impersonation. An attacker is able to send an invalid JSON Web Token JWT along with a request if anonymous access to the Argo CD instance is enabled, allowing an unauthenticated user to get access with same privilege, create, manipulate and delete...
Denial Of Service (DoS)
chromium is vulnerable to denial of service. The vulnerability exists due to use after free in Performance APIs which allows an attacker to crash the application via malicious input...
Denial Of Service (DoS)
openssl3 is vulnerable to denial of service. The vulnerability exists because the OPENSSLLHflush function reuses the memory occupied by the removed hash table entries, allowing an attacker to cause an application crash...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service DoS attacks. A malicious user is able to cause denial-of-service conditions via an out-of-bounds read in LZWDecode in libtiff/tiflzw.c through a crafted tiff file...
Denial Of Service (DoS)
chrome is vulnerable to denial of service. The vulnerability exists due to an Out of bounds memory access in UI Shelf which allows an attacker to cause an application crash...
Path Traversal
org.owasp.esapi:esapi is vulnerable to path traversal. A remote authenticated user is able to break out of expected directory via a crafted input through getValidDirectoryPath function, because it may incorrectly treat the tested input string as a child of the specified parent directory...
Remote Code Execution (RCE)
qemu is vulnerable to re,mote code execution. The vulnerability exists in nvmectrlreset function which is triggered by the reentrancy write triggers where a malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition or, potentially,...
Privilege Escalation
qemu is vulnerable to privilege escalation. The vulnerability exists due to a lack of validation of authorization which allows an attacker to create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is...
Privilege Escalation
virtualbox is vulnerable to privilege escalation. The vulnerability exists due to improper access control which allows an attacker to access, insert, update and delete critical data in oracle vm...
Insecure Defaults
github.com/cri-o/cri-o is vulnerable to insecure defaults. The vulnerability exists because its containers started incorrectly with non-empty inheritable Linux process capabilities, allowing an unprivileged user to gain inheritable file capabilities up to the container's bounding set...
SQL Injection
blazer is vulnerable to sql injection attacks. The library does not properly sanitize user input which allows an attacker to inject malicious sql queries and modify system data...
Denial Of Service (DoS)
ruby is vulnerable to denial of service. The vulnerability exists due to a Double free in Regexp compilation which allows an attacker to crash the application via malicious input...
Heap Buffer Overflow
heap buffer overflow in getonesourceline in GitHub repository vim/vim prior to 8.2.4647...
Use After Free
firefox is vulnerable to use after free. The vulnerability exists when a use-after-free could is triggered using a link with rel="localization" by destroying an object during JavaScript execution and then referencing the object through a freed pointer which causes an application crash...
Remote Code Execution (RCE)
Dompdf is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the font type via a .php file in the src:url field of an @font-face Cascading Style Sheets CSS statement within an HTML input file...
Path Traversal
github.com/argoproj/argo-cd is vulnerable to path traversal. The vulnerability exists in the resolveSymbolicLinkRecursive function of the repository.go, which allows a malicious user with write and update permissions to craft malicious Helm chart and gain access to sensitive information in the...
Denial Of Service (DoS)
Apache is vulnerable to denial of service. The vulnerability exists because a carefully crafted request body can cause a read to a random memory area which could cause the process to crash...
Denial Of Service (DoS)
vim is vulnerable to denial of service. The vulnerability exists due to an Out-of-bounds Read...
Buffer Overflow
pjproject is vulnerable to buffer overflow. The vulnerability exists due to a stack overflow in PJSUA API when calling pjsuaplayercreate...
Buffer Overflow
vim is vulnerable to buffer overflow. The vulnerability exists due to the use of Out-of-range Pointer Offset...
Directory Traversal
Rust is vulnerable to directory traversal. The vulnerability exists due to a race condition which allows an attacker to access the file system of the application...
Denial Of Service (DoS)
php is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization of changes to string objects in the zendstringextend function in Zend/zendstring.h...
Denial Of Service (DoS)
libvirt.so is vulnerable to denial of service. Lack of proper handling of a locked virStoragePoolObj object to release on ACL permission failure in the function virStoragePoolLookupByTargetPath allows other users to access storage pool APIs, causing an application crash...
Use After Free
libarchive is vulnerable to Use After Free. libarchive The vulnerability exists due to the lack of sanitization of the copystring...
Denial Of Service (DoS)
libsolv.so is vulnerable to denial of service. The vulnerability exists due to a heap-based buffer overflow in solversolve function in solver.c as it doesn't handle size when setting and resetting memory which leads to an application crash...
Denial Of Service (DoS)
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitra...
Denial Of Service (DoS)
webkit2gtk:edge is vulnerable to denial of service...
Information Disclosure
cobbler is vulnerable to information disclosure. The vulnerability exists because the library does not properly restrict the config file accessibility, which allows an attacker who has access to the server to open an authenticated session with a cobbler daemon...
DNS Spoofing
mellium.im/xmpp is vulnerable to DNS spoofing. The vulnerability exists due to a lack of verification of the host name allowing an attacker to potentially deceive the user with a malicious DNS ID because the library does not properly verify TLS certification...
Directory Traversal
firefox is vulnerable to directory traversal. The vulnerability exists due to a Time-of-Check Time-of-Use bug existed in the Maintenance Updater Service that could be abused to grant Users write access to an arbitrary directory. This bug only affects Firefox on Windows. Other operating systems ar...