Denial Of Service (DoS)
Linux kernel is vulnerable to Denial of Service (DoS). The vulnerability exists due to the use after free in the SGI GRU driver because of the way the first grufileunlockedioctl function is called by the user, where a failed pass occurs in the grucheckchipletassignment function, allowing an attacke...
Incorrect Calculation
vim is vulnerable to Incorrect Calculation. The vulnerability exists due to the incorrect calculation of the buffer size in the library...
Out-of-Bounds Read
linux is vulnerable to Out-of-Bounds Read. This affects the function fibnhmatch of the file net/ipv4/fibsemantics.c of the component IPv4 Handler, leading to out-of-bounds read which results in attackers getting access to restricted data...
LDAP Injection
ldap-backend is vulnerable to LDAP Injection. The vulnerability exists because the doGetIdentity function in LdapIdentityBackend.java does not properly filter the object class, allowing an attacker to inject and execute malicious LDAP queries through the principalName parameter...
Arbitrary Code Execution
MongoDB.Bson is vulnerable to Arbitrary Code Execution. The vulnerability exists because the library does not properly filter AllowedTypes when deserializing an object, allowing a privileged attacker to inject and execute malicious code through the ObjectSerializer in specific situations. The...
NULL Pointer Dereference
openssl is vulnerable to NULL Pointer Dereference. The vulnerability exists because it can be triggered when an application tries to load malformed PKCS7 data which can lead to an application crash...
Integer Underflow
openvswitch is vulnerable to integer underflow. The vulnerability exists in Organization Specific TLV which allows an attacker to cause an integer underflow...
Regular Expression Denial Of Service (ReDoS)
actionpack is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability exists due to inefficient regular expression complexity which allows an attacker to crash the application by submitting a malicious cookie, in combination with a specially crafted XFORWARDEDHOST header...
Cross-site Scripting (XSS)
jenkins-2-plugins is vulnerable to Cross-site Scripting (XSS). The vulnerability exists because the library does not properly escape the descriptions of test results, allowing an attacker with Run/Update permission to inject and execute malicious JavaScript...
Privilege Escalation
sudo is vulnerable to Privilege Escalation. The vulnerability exists due to mishandled extra arguments passed in the user-provided environment variables, which allows an attacker to append arbitrary entries to the list of files to process, leading to accessing user information...
Regular Expression Denial Of Service (ReDoS)
papaparse is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability exists in papaparse.js due to inefficient regular expression complexity which allows an attacker to crash the application by submitting a malicious string...
Denial Of Service (DoS)
net-snmp is vulnerable to Denial of Service (DoS). The vulnerability exists in handleipDefaultTTL in agent/mibgroup/ip-mib/ipscalars.c via a NULL Pointer Exception bug that could be used by a remote attacker to cause the instance to crash via a crafted UDP packet...
Remote Code Execution (RCE)
dubbo-cluster is vulnerable to remote code execution. The vulnerability exists in the doInvoke function of BroadcastClusterInvoker.java as it does not properly handle FastJson when invoking the invoke handler and later processes in PojoUtils.realize, allowing an attacker to instantiate arbitrary...
Cross-Site Scripting (XSS)
iet-ou/open-media-player is vulnerable to cross-site scripting. The vulnerability exists in webvtt function of timedtext.php in the timedtext controller which allows an attacker to inject and execute arbitrary scripts...
Arbitrary Code Execution
webkitgtk is vulnerable to Arbitrary Code Execution. Processing maliciously crafted web content may lead to code execution due to improper input validation, leading to memory corruption which allows an attacker with network access to pass specially crafted web content files, causing an applicatio...
Privilege Escalation
samba is vulnerable to Privilege Escalation. The vulnerability exists in the Windows Kerberos RC4-HMAC component due to the weak rc4-hmac session keys for use between modern clients and servers...
Out-of-bounds Write
chromium is vulnerable to out of bounds write. The vulnerability exists in Lacros of the chromium browser which allows a remote attacker to perform an out of bounds memory write via a malicious HTML page, leading to arbitrary code execution on the target system...
Insufficient Policy Enforcement
chromium is vulnerable to insufficient policy enforcement. The vulnerability exists because of the file system api in google chrome which allows attackers to bypass file system restrictions via a crafted HTML page...
Denial Of Service (DoS)
github.com/containerd/containerd is vulnerable to denial of service. The vulnerability exists in the CRI stream server of httpstream.go due to exhausted memory on the host, which allows an attacker to cause an application crash via issuing a faulty command...
Improper Certificate Validation
nextcloud-desktop is vulnerable to improper certificate validation. The vulnerability exists due to man in the middle attacks in invalid TLS certificates which allows an attacker to take control of a machine between the client and the server...
SQL Injection
github.com/owncast/owncast is vulnerable to SQL Injection. A specifically crafted attack statement through the input parameters of persistence.go allows a malicious user to inject and execute arbitrary SQL queries on the target system...
Cross-site Scripting (XSS)
spatie/browsershot is vulnerable to cross site scripting. The vulnerability exists in the setUrl function in Browsershot.php which allows an external attacker to remotely obtain arbitrary local files, because the application does not validate the passed URL protocol...
Denial Of Service (DoS)
xen is vulnerable to denial of service. The vulnerability exists because a missing cleanup call was inserted on an error handling path which allows an attacker to cause an application crash...
Denial Of Service (DoS)
xen is vulnerable to denial of service (DoS) attacks. P2M pool freeing may take excessively long. The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks resulting i...
Information Disclosure
bc-fips is vulnerable to Information Disclosure. The vulnerability exists because the temporary keys used in the module get zeroed out while still in use by the module, resulting in an error or potential information loss. This vulnerability only affects Java 13 or later...
Cross-site Scripting (XSS)
com.liferay:com.liferay.announcements.web is vulnerable to cross-site scripting (XSS). The library does not properly escape HTML entities in search-container-column-text in view.jsp, which allows an attacker to inject and execute malicious JavaScript...
Privilege Escalation
github.com/grafana/grafana is vulnerable to privilege escalation. The vulnerability exists due to the race condition in the authentication middleware logic, allowing an attacker to query an administration endpoint under a heavy load...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the InnoDB component, allowing an attacker to cause an application crash through the multiple protocols...
Authentication Bypass
kernel is vulnerable to authentication bypass. An attacker can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions...
Information Disclosure
samba is vulnerable to information disclosure. The vulnerability exists because the symlinks in user space with the intent doesn't properly check symlink targets to stay within the share that was configured by the administrator which allows an attacker to get access to all of the server's file...
Denial Of Service (DoS)
github.com/cloudflare/cfrpki is vulnerable to denial of service. The vulnerability exists because the validationLoop function in octorpki.go exceeds the max iterations parameter when creating long chains of CAs, allowing an attacker to crash the application...
Cross-Site Scripting (XSS)
twisted is vulnerable to cross-site scripting. The vulnerability is due to the function getResourceForRequest in vhost.py. When the host header does not match the configured twisted.web.vhost.NameVirtualHost, the 404 page will render the header allowing an attacker to inject and execute HTML and...
Prototype Pollution
uglify-js is vulnerable to prototype pollution. The vulnerability exists in DEFNODE function of ast.js via the name variable which allows an attacker to inject malicious property resulting in prototype pollution...
Cross-Site Scripting (XSS)
github.com/go-gitea/gitea is vulnerable to cross-site scripting. The vulnerability is due to arguments in command.go given to git commands not being properly handled which allows an attacker to inject and execute arbitrary scripts...
Privilege Escalation
NuGet Client is vulnerable to Privilege Escalation. The vulnerability exists because the library does not properly handle a world-writable cache directory, allowing an attacker to inject and execute malicious code, resulting in the elevation of privilege...
Remote Code Execution (RCE)
commons-jxpath is vulnerable to remote code execution. The vulnerability exists in selectSingleNode function in JXPathContext.java where the attacker can use the xpath expression to load any java class from the classpath which will lead to a code execution...
Remote Code Execution
HyperSQL Database is vulnerable to remote code execution. The vulnerability exists in the supportsJavaMethod function of HsqlDatabaseProperties.java due to the untrusted input process allowing an attacker to execute remote codes in the system...
Use After Free
chromium is vulnerable to use after free. The vulnerability exists in Media of the chromium browser which allows a remote attacker to potentially exploit heap corruption via a malicious HTML page...
Denial Of Service (DoS)
mediawiki is vulnerable to denial of service. The vulnerability exists in reassignEdits function where it does not update the results in an IP range check...
Arbitrary File Write
Jenkins Pipeline is vulnerable to Arbitrary File Write. The vulnerability exists because of using parameter name without sanitization as a relative path inside a build-related directory which allows an attacker to configure Pipelines to create or replace arbitrary files on the Jenkins controller...
Denial Of Service (DoS)
rpm is vulnerable to denial of service. An attacker can bypass the checks introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges and causing an application crash...
Authentication Bypass
github.com/hashicorp/consul is vulnerable to authentication bypass. The vulnerability exists in autoconfigendpoint.go and leaderconnectca.go because the URI length checks are not added to CSR requests which allows an attacker to designate multiple SAN URI values in a call to the endpoint...
Spring Expression Language (SpEL) Injection
com.nepxion:discovery-common is vulnerable to spring expression language injection. The vulnerability exists because eval method in DiscoveryExpressionResolver.java is evaluating expression with a StandardEvaluationContext, allowing an attacker to inject and execute malicious SpEL, leading to...
Information Disclosure
spring-data-rest-webmvc is vulnerable to information disclosure. The vulnerability exists due to the improper implementation of the JSON patch in the library, allowing an attacker to get information about the hidden entity attributes through maliciously crafted HTTP requests...
Heap-buffer-overflow
binutils, edge is vulnerable to a heap buffer overflow. The vulnerability exists in bfdgetl32 function when called from the stripmain function in strip-new via a malicious file...
Use-After-Free
chromium is vulnerable to use-after-free. The vulnerability exists in PDF component which allows an attacker to cause a memory corruption which then leads to an application crash...
Denial Of Service (DoS)
org.yaml:snakeyaml is vulnerable to denial of service attacks. If the parser is run on user-supplied input, an attacker can parse a YAML file which can cause the application to crash through stack-based buffer overflows...
Denial Of Service (DoS)
libsox.so is vulnerable to denial of service. The vulnerability exists due to a floating point exception in startread function in wav.c which allows an attacker to send a crafted wav file causing an application crash...
SQL Injection
Mingsoft MCMS is vulnerable to SQL injection attacks. The vulnerability exists in verify function in PageAction.java because the validated function call is not properly handled, which allows an attacker to inject and execute arbitrary queries...
Denial Of Service (DoS)
moodle/moodle is vulnerable to denial of service. The vulnerability exists because the yuicombo.php does not properly limit the path length, allowing an attacker to crash the application by loading a large number of files...