Privilege Escalation
github.com/etcd-io/etcd is vulnerable to Privilege Escalation. The vulnerability exists due to improper authentication in v3server.go which allows an attacker to gain escalated privilege when the log level is set to debug...
Privilege Escalation
electron is vulnerable to privilege escalation. An attacker can obtain access to a Bluetooth device via the Web Bluetooth API if the application has not configured a custom select-bluetooth-device event handler...
Information Disclosure
Curl:Edge is vulnerable to information disclosure due to an incomplete fix for CVE-2021-22898...
Arbitrary Code Execution
djv is vulnerable to Arbitrary Code Execution. An attacker is able to execute arbitrary JavaScript code on the host OS by controlling the schema file...
Top-Level Navigation Restrictions Bypass
electron allows bypass of top-level navigation restrictions. The vulnerability exists as sub-frames can bypass the top-level navigation prevention through the will-navigate event...
Remote Code Execution (RCE)
chakracore is vulnerable to remote code execution. The vulnerability exists in lib/Backend/Lower.cpp through an issue with interpreting the intermediate representation (IR). This CVE ID is different from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713...
Denial Of Service
dnsmasq is vulnerable to Denial of Service. The vulnerability is due to the KeyTrap issue: when dealing with a zone that contains numerous DNSKEY (DNS Key) and RRSIG (Resource Record Signature) records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG...
Arbitrary File Overwrite
org.eclipse.jgit is vulnerable to Arbitrary File Overwrite. The vulnerability is due to a symbolic link present in a specially crafted git repository which can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive filesystem...
Race Condition
libcurl.so is vulnerable to a Race Condition. The library is susceptible to a TOCTOU race condition when it saves cookies, HSTS, and alt-svc data to a file. A victim might use the data for an intended purpose, but an attacker may overwrite the protected file...
Password Disclosure
akka-stream-kafka is vulnerable to Password Disclosure. The vulnerability exists because it does not redact the Consumer or Producer properties in logs, which allows an attacker to read credentials as plaintext through the akka.kafka.internal.KafkaConsumerActor when debug logging is enabled...
SQL Injection
php is vulnerable to SQL Injection attacks. The vulnerability exists due to an integer overflow when processing untrusted input within PDO::quote in PDO_SQLite, which allows a remote attacker to pass a specially crafted input to the application that after being processed by the affected...
Prototype Pollution
Mozilla is vulnerable to prototype pollution. An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution...
Clickjacking
swagger-ui is vulnerable to clickjacking. It was possible to perform a clickjacking attack due to the lack of validation in the SwaggerUI function, allowing a remote attacker to exploit and hijack victim click actions...
Privilege Escalation
bash is vulnerable to privilege escalation. The flaw is in the way privileges are dropped when bash is started with an effective user ID not equal to the real user ID. If the setuid permission is set and the owner of the bash program is a non-root user, a local attacker is able to abuse the vulnerability to escalate...
Email Spoofing
matrixsydent allows email spoofing. Sending arbitrary emails from the Sydent email address is not blocked, allowing a malicious user to take control of the content of invitation emails...
Directory Traversal
The Linux kernel is vulnerable to directory traversal. An attacker is able to send malicious LIO block requests to the Linux system to overwrite data on the backing store...
Cross-Site Scripting (XSS)
prismjs is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject and execute arbitrary JavaScript via the easing preview of the Previewers plugin...
Privilege Escalation
The kernel is vulnerable to privilege escalation. A flaw in the IA32 system call emulation provided in 64-bit Linux kernels could allow a local user to escalate their privileges...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail function to crash or, possibly, execute arbitrary code...
Denial Of Service (DoS)
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a...
Stack-based Buffer Overflow
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to terminate unexpectedly or, potentially, execute...
Unintended Leaks Of Proxy-Authorization Header
requests is vulnerable to Unintended Leaks Of Proxy-Authorization Header. The vulnerability exists in the rebuild_proxies function of sessions.py when the credentials are supplied in the URL user information component, such as https://username:password@proxy:8080, which allows an attacker to gain...
Server-Side Request Forgery (SSRF)
com.amazonaws:aws-android-sdk-core is vulnerable to server-side request forgery. The vulnerability exists due to the XML Parser component located in the XpathUtils function in aws-android-sdk-core/src/main/java/com/amazonaws/util/XpathUtils.java which allows a remote attacker to abuse server...
Information Disclosure
OpenCart is vulnerable to information disclosure. The vulnerability exists in multiple functions of backup.php, allowing an attacker to obtain database information or read server files by injecting and executing malicious SQL queries...
Regular Expression Denial Of Service (ReDoS)
shescape is vulnerable to denial of service. The vulnerability is due to insecure regex in the escapeArgBash function of unix.js which allows an attacker to crash the application by providing a malicious user input...
Authentication Bypass
erlang is vulnerable to Authentication Bypass. The vulnerability exists due to improper authentication which allows an attacker to access client certifications via the external database authentication...
Server-Side Template Injection
ejs is vulnerable to server-side template injection. Lack of protection against server-side template injection in outputFunctionName allows an attacker to inject arbitrary OS commands which are executed upon template compilation...
Denial Of Service (DoS)
The Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries) is vulnerable to denial of service. It allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of...
Denial Of Service (DoS)
mysql is vulnerable to denial of service (DoS). The vulnerability exists in InnoDB and allows an attacker to cause a hang or frequently repeatable crash in the application...
Cross-site Scripting (XSS)
PHP is vulnerable to reflected XSS. An attacker can inject a malicious script on PHAR 403 and 404 error pages through request data of a request for a .phar file. This is possible due to an incomplete fix of CVE-2018-5712...
Privilege Escalation
The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's Transparent Huge Pages (THP) implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent...
Privilege Escalation
openssh is vulnerable to privilege escalation. A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw, could us...
Denial Of Service (DoS)
memcached is vulnerable to denial of service. The UDP support of the server allows spoofed traffic amplification denial of service. A remote attacker is able to exploit the vulnerability and crash the application via a network flood to UDP port 11211...
Remote Code Execution (RCE)
knplabs/knp-snappy is vulnerable to Remote Code Execution (RCE). The vulnerability is due to the library not checking the file type during upload, which allows an attacker to upload a phar:// file which will be deserialized during the file_exists function because it fails to check the file type,...
Stored Cross-site Scripting (XSS)
github.com/grafana/grafana is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to map attributes in the Geomap plugin which the library does not properly sanitize, allowing an attacker with an editor role to inject and execute malicious JavaScript. If an admin user clicks on the m...
Deserialization Of Untrusted Object
litedb is vulnerable to Deserialization Of Untrusted Objects. The vulnerability is caused by differing types in JSON documents: when a JSON document contains BsonDocument types, the library converts them to POCO. If an attacker can send a plain JSON string, they can inject and execute arbitrary...
Cross-site Scripting (XSS)
phpmyadmin/phpmyadmin is vulnerable to Cross-site Scripting (XSS). An authenticated user is able to execute malicious code on a victim's browser by uploading a specially-crafted .sql file through the drag-and-drop interface...
Incorrect Calculation Of Buffer Size
PHP is vulnerable to Incorrect Calculation of Buffer Size. The vulnerability exists because the core path resolution function allocates a buffer one byte too small when resolving paths with lengths close to the system MAXPATHLEN setting, leading to the byte after the allocated buffer being...
Remote Code Execution (RCE)
.NET is vulnerable to Remote Code Execution (RCE). The vulnerability exists because the library does not properly validate the debugging symbols, allowing an attacker to inject and execute malicious code while reading a malicious symbols file...
Denial Of Service (DoS)
apache2 is vulnerable to Denial of Service (DoS) attacks. A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool memory location beyond the header value sent, causing the application to crash...
Denial Of Service
poppler is vulnerable to denial of service attacks. A logical error in the Hints::Hints function in the Hints.cc file allows an attacker to trick a user into opening a crafted PDF file with the pdftops utility, which causes the program to hang for a long time, leading to a denial of service...
Double Free
Curl is vulnerable to double free. The vulnerability is due to the use of HTTP proxy for a transfer with a non-HTTPS URL which allows an attacker to trigger a double free...
Cross-site Scripting (XSS)
jsoup is vulnerable to cross-site scripting. The vulnerability exists in the resolve function in StringUtil.java because the jsoup cleaner is not properly sanitized when SafeList.preserveRelativeLinks is enabled, which allows an attacker to inject and execute arbitrary JavaScript...
SQL Injection
postgresql is vulnerable to SQL injection. The vulnerability exists due to incomplete efforts to operate safely when a privileged user is maintaining another user's objects, which allows an attacker to inject and execute arbitrary SQL functions...
Access Restriction Bypass
nginx is vulnerable to access restriction bypass. The vulnerability exists when TLS servers implement different protocols but use compatible certificates, such as multi-domain or wildcard certificates, which allows an attacker to gain access to the system and perform unauthorized actions...
Privilege Escalation
linux is vulnerable to a heap buffer overflow flaw. The vulnerability exists in the IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c, which allows a local attacker with normal user privileges to overwrite kernel heap objects and may cause a local privilege escalation threat...
Validation Bypass
firebase/php-jwt is vulnerable to validation bypass. The vulnerability exists in the decode and verify functions in JWT.php because the token validations are not properly handled when multiple keys are loaded in a key ring, which allows an attacker to bypass server-side validations...
Regular Expression Denial Of Service (ReDoS)
glob-parent is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability exists due to an incorrect regex implementation on the enclosure variable. This vulnerability is caused by an incomplete fix of CVE-2020-28469...
Cross-Site Scripting (XSS)
highcharts is vulnerable to cross-site scripting. The vulnerability exists because the chart options structure is not validated and sanitized when using the useHTML flag, potentially allowing an attacker to inject and execute arbitrary JavaScript in a user's browser...
Buffer Overflow
dnsmasq is vulnerable to buffer overflow. An attacker who can forge malicious DNS replies such that they are accepted as valid could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine...