38332 matches found
Certificate Validation
curl is vulnerable to Certificate Validation. The vulnerability is due to a flaw in libcurl when built with wolfSSL: an error path inadvertently bypasses certificate verification when encountering unknown or bad ciphers or curves, allowing certificate verification to be skipped for QUIC...
Off-by-one Error
libvirt.so is vulnerable to Off-by-one Error. The vulnerability is due to a miscalculation in the udevListInterfacesByStatus function when the number of interfaces exceeds the size of the names array. This issue can be exploited by sending specially crafted data to the libvirt daemon, enabling an...
Inappropriate Implementation
Google Chrome is vulnerable to Inappropriate Implementation. The vulnerability is due to an implementation error in the V8 engine, allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Insecure Deserialisation
clearml is vulnerable to Insecure Deserialisation. The vulnerability is due to Deserialisation of untrusted data. An attacker can upload a malicious pickle file via the project API to run arbitrary code on an end user's system...
Denial Of Service
chromium is vulnerable to Denial Of Service. The vulnerability is due to an integer underflow in WebUI. A remote attacker can potentially exploit heap corruption via a malicious file...
Heap Buffer Overflow
libxml2 is vulnerable to Heap Buffer Overflow. The vulnerability is due to improper bound checking. This issue can be exploited by an attacker via parsing a malicious file to execute arbitrary code within the context of an unprivileged process...
Improper Access Control
CRI-O is vulnerable to Improper Access Control. The vulnerability is due to improper restrictions of the experimental io.kubernetes.cri-o.UnifiedCgroup annotation, which results in container resources being unconfined. This issue can be exploited by an attacker to specify any amount of memory/cpu...
SMTP Smuggling
Postfix is vulnerable to SMTP smuggling. The vulnerability is due to support for . while handling line endings. A remote attacker can exploit this using a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection...
Integer Overflow
xwayland:sid is vulnerable to Integer Overflow. The vulnerability is due to a crafted request to RRChangeProviderProperty or RRChangeOutputProperty in xorg-server. It allows an attacker to cause a disclosure of sensitive information...
Buffer Overflow
chromium:sid is vulnerable to buffer overflow. The vulnerability is due to access to a memory location after the memory has been freed or deallocated. It allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Use After Free
Chromium is vulnerable to Use After Free. The vulnerability is due to improper memory management in Side Panel Search in Google Chrome. This allows an attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction...
Policy Bypass
nodejs is vulnerable to Policy Bypass. The vulnerability allows a malicious attacker to intercept the resource integrity check performed by the Node.js policy feature and to get a forged checksum, resulting in potential malicious code execution...
Path Traversal
galaxyimporter is vulnerable to Path Traversal. The vulnerability is due to incorrect symbolic link handling, allowing an attacker to construct a specially crafted tarball that, when imported using the galaxy importer of Ansible Automation Hub, creates a symbolic link on the disk, potentially...
Remote Code Execution (RCE)
chromium is vulnerable to Remote Code Execution (RCE). The vulnerability exists due to the incorrect security UI in Downloads, which allows a remote malicious attacker to obfuscate security UI via a crafted HTML page...
Buffer Overflows
memcached is vulnerable to Buffer Overflows. An attacker could exploit this vulnerability by sending a specially crafted multiget request to a vulnerable Memcached server when there are many spaces after the "get" substring for multiget requests in proxy mode. The server would then attempt to...
Buffer Overflow
libz.so is vulnerable to Buffer Overflow. The vulnerability is present due to the absence of length checks on the filename, extrafield, and comment parameters within zip.c. This oversight enables an attacker to trigger an integer overflow, leading to a heap-based buffer overflow in the...
Denial Of Service (DoS)
golang.org/x/net is vulnerable to Denial of Service (DoS). This vulnerability exists due to a flaw which allows a user to send a request and quickly cancel it. The http2.Server.MaxConcurrentStreams setting limits the number of allowed in-flight requests, but does not handle the situation of resetting the...
Denial Of Service (DoS)
python2.7 is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the use after free in the library, allowing an attacker to cause an application crash through the heappushpop in heapq...
Improper Input Validation
apache-superset is vulnerable to Improper Input Validation. The vulnerability allows an attacker to trick a user into potentially registering a SQLite database connection incorrectly if an attacker employs alternative driver names such as sqlite+pysqlite or utilizes database imports. This...
Denial Of Service (DoS)
wireshark is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the infinite loop in the BT SDP dissector, which allows an attacker to cause an application crash via packet injection or crafted capture file...
Denial Of Service (DoS)
binutils is vulnerable to Denial Of Service (DoS). The vulnerability exists in the bfd_mach_o_get_synthetic_symtab function of mach-o.c, which allows an attacker to cause an application crash by providing a maliciously crafted input...
Denial Of Service (DoS)
libpoppler.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the heap buffer overflow in the FoFiType1C::cvtGlyph function of fofi/FoFiType1C.cc, allowing an attacker to cause an application crash...
Denial Of Service (DoS)
w3m is vulnerable to Denial of Service (DoS) attacks. This vulnerability occurs when w3m parses a specially crafted HTML file that contains an out-of-bounds read. If the file is valid, w3m could crash...
Authorization Bypass
chromium is vulnerable to Authorization Bypasses. Inappropriate implementation in Extensions API allows an attacker who convinces a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension...
Privilege Escalation
gitlab is vulnerable to Privilege Escalation. This vulnerability occurs due to a flaw in the way that GitLab handles project tokens. An attacker with the "Maintainer" role on any project can exploit this vulnerability to gain the "Internal" role on the same project, which grants them elevated...
NULL Pointer Dereference
libapache2-mod-auth-openidc is vulnerable to NULL Pointer Dereference. This occurs when OIDCStripCookies is set and a crafted cookie is supplied, resulting in a segmentation fault and leading to denial of service conditions...
Improper Filename Validation
Thunderbird is vulnerable to Improper Filename Validation. The vulnerability is due to a failure to prevent text direction override Unicode characters in attachment filenames. This can allow an attacker to attach an executable file without the extension being displayed as such...
Remote Code Execution (RCE)
org.apache.jena:jena is vulnerable to Remote Code Execution (RCE). Lack of proper checking for user permissions in script functions allows an attacker to upload and execute malicious code on the system via a SPARQL query...
Cross-Site Scripting (XSS)
copyparty is vulnerable to Cross-Site Scripting. The vulnerability exists due to a lack of user input validation in the ?k304= and ?setck= parameters which allows an attacker to inject and execute arbitrary JavaScript into the browser...
Denial Of Service (DoS)
gpac is vulnerable to Denial of Service (DoS) attacks. If keys or parameters are received from an unreliable source, applications employing DH_check, DH_check_ex, or EVP_PKEY_param_check may face lengthy delays, resulting in denial of service conditions...
Denial Of Service (DoS)
johnzon-mapper is vulnerable to Denial Of Service (DoS). The vulnerability exists because it does not validate JSON user input for large numbers, which allows an attacker to inject a large number which will then be parsed by BigDecimal, resulting in Denial of Service...
Type Confusion
qt5-qtwebengine is vulnerable to Type Confusion. A malicious attacker could remotely exploit heap corruption via a crafted HTML page...
Heap-Based Buffer Overflow
libjpeg-turbo is vulnerable to Heap-Based Buffer Overflow. A malicious attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples; an application attempting to decompress the image could then encounter buffer overflows...
Denial Of Service (DoS)
.NET is vulnerable to Denial of Service (DoS) attacks. The vulnerability is due to processing X.509 certificates, which allows a malicious user to trigger an application crash by passing a crafted certificate...
Code Injection
nifi-hikari-dbcp-service and nifi-dbcp-base are vulnerable to Code Injection. The vulnerability exists due to improper URL validation for the database services. If an attacker has access to the database URL, the attacker can inject and execute malicious code by configuring an H2 driver...
Denial Of Service (DoS)
libssh.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a null pointer dereference during rekeying with algorithm guessing, which allows an attacker to cause an application crash when the client initiates rekeying with the first_kex_packet_follows flag in the KEXINIT messa...
Directory Traversal
n8n is vulnerable to Directory Traversal. Improper input validation for the credentialType argument of the getCredentialTranslationPath function allows directory traversal via the /rest/credential-translation endpoint, resulting in file disclosure...
Improper Input Validation
OpenJDK is vulnerable to Improper Input Validation. An attacker can gain update, insert or delete access to some of the Oracle Java SE and Oracle GraalVM Enterprise Edition accessible data through multiple protocols...
NULL Pointer Dereference
linux-azure is vulnerable to NULL Pointer Dereference. A missing lock when clearing 'sk_user_data' can lead to the vulnerability, causing a potential denial of service...
Information Disclosure
virtualbox is vulnerable to Information Disclosure. A highly privileged attacker with logon capabilities to the infrastructure can compromise virtualbox, leading to information disclosure...
Use After Free
ffmpeg is vulnerable to Use After Free. The vulnerability occurs in 'libavcodec/pthread_frame.c' due to stale hwaccel state in worker threads, which allows an attacker to trigger a use after free...
Out-of-bounds Write
binutils is vulnerable to Out-of-bounds Write. This vulnerability results in a heap-based buffer overflow within 'binutils-gdb/bfd/libbfd.c' in 'bfd_getl64'...
Denial Of Service (DoS)
Google Chrome is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the heap buffer overflow in Browser History, which allows an attacker to convince a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page...
Information Disclosure
samba is vulnerable to Information Disclosure. An attacker is able to obtain confidential BitLocker recovery keys from a samba AD DC, because protection against confidential attribute disclosure via LDAP filters was insufficient...
Information Disclosure
github.com/argoproj/argo-cd is vulnerable to Information Disclosure. The vulnerability is due to a bug that allows unauthorized users to enumerate application names by inspecting API error messages, which can then be used as a starting point for another attack...
Denial Of Service (DoS)
vim is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the null pointer dereference in the library, which allows an attacker to cause an application crash...
Denial Of Service (DoS)
sofia-sip is vulnerable to Denial of Service (DoS) attacks. An attacker is able to send a message with evil SDP to FreeSWITCH, which may cause an application crash with the use of a URL ending with %...
Authentication Bypass
curl is vulnerable to Authentication Bypass. The vulnerability exists because SSH connections are reused too eagerly: curl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup...
Cross-site Scripting (XSS)
WordPress is vulnerable to Cross-site Scripting (XSS). An authenticated attacker can inject and execute malicious JavaScript into the system...
Denial Of Service (DoS)
vim is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the heap-based buffer overflow in the library, which allows an attacker to cause an application crash...