
38168 matches found

Veracode • added 2022/10/19 5:12 p.m. • 32 views

Denial Of Service (DoS)

Linux kernel is vulnerable to denial of service. The vulnerability exists in BSS handling in the mac80211 stack which allows an attacker to inject and execute arbitrary code...

CVSS 5.5 • AI score 7 • EPSS 0.00572
Exploits 1 • References 16 • Affected Software 4

Veracode • added 2022/10/13 2:11 a.m. • 32 views

Privilege Escalation

NuGet Client is vulnerable to Privilege Escalation. The vulnerability exists because the library does not properly handle a world-writable cache directory, allowing an attacker to inject and execute malicious code, resulting in the elevation of privilege...

CVSS 7.8 • AI score 7.6 • EPSS 0.01057
Exploits 0 • References 13 • Affected Software 4

Veracode • added 2022/10/12 10:1 a.m. • 32 views

Remote Code Execution (RCE)

commons-jxpath is vulnerable to remote code execution. The vulnerability exists in selectSingleNode function in JXPathContext.java where the attacker can use the xpath expression to load any java class from the classpath which will lead to a code execution...

AI score 3.5
Exploits 1 • References 2 • Affected Software 1

Veracode • added 2022/10/07 12:59 a.m. • 32 views

Arbitrary File Write

Jenkins Pipeline is vulnerable to Arbitrary File Write. The vulnerability exists because of using parameter name without sanitization as a relative path inside a build-related directory which allows an attacker to configure Pipelines to create or replace arbitrary files on the Jenkins controller...

CVSS 7.5 • AI score 7.5 • EPSS 0.01288
Exploits 0 • References 4 • Affected Software 1

Veracode • added 2022/09/27 9:13 a.m. • 32 views

Spring Expression Language (SpEL) Injection

com.nepxion:discovery-common is vulnerable to spring expression language injection. The vulnerability exists because eval method in DiscoveryExpressionResolver.java is evaluating expression with a StandardEvaluationContext, allowing an attacker to inject and execute malicious SpEL, leading to...

CVSS 9.8 • AI score 9.5 • EPSS 0.0173
Exploits 1 • References 3 • Affected Software 1

Veracode • added 2022/09/27 5:55 a.m. • 32 views

Server-side Request Forgery (SSRF)

discovery-plugin-admin-center-starter is vulnerable to server-side request forgery. The vulnerability exists in the routerRestTemplate.getForEntity functionality in the getRouterEntityList function of RouterResourceImpl.java, allowing an attacker to gain sensitive information through the URLs...

CVSS 7.5 • AI score 7.2 • EPSS 0.00607
Exploits 1 • References 3 • Affected Software 1

Veracode • added 2022/09/23 9:23 a.m. • 32 views

Information Disclosure

spring-data-rest-webmvc is vulnerable to information disclosure. The vulnerability exists due to the improper implementation of the JSON patch in the library, allowing an attacker to get information about the hidden entity attributes through maliciously crafted HTTP requests...

CVSS 3.7 • AI score 4.8 • EPSS 0.00455
Exploits 0 • References 5 • Affected Software 1

Veracode • added 2022/09/21 5:27 p.m. • 32 views

Heap-buffer-overflow

binutils, edge is vulnerable to a heap buffer overflow. The vulnerability exists in bfdgetl32 function when called from the stripmain function in strip-new via a malicious file...

CVSS 5.5 • AI score 5.9 • EPSS 0.00311
Exploits 0 • References 13 • Affected Software 4

Veracode • added 2022/09/19 5:3 a.m. • 32 views

Denial Of Service (DoS)

xstream is vulnerable to denial of service (DoS). The vulnerability exists due to the stack overflow in the processConverterAnnotations function of AnnotationMapper.java, allowing an attacker to cause an application crash by providing malicious input through the parser...

CVSS 7.5 • AI score 7.6 • EPSS 0.00985
Exploits 1 • References 6 • Affected Software 2

Veracode • added 2022/08/26 6:35 a.m. • 32 views

Denial Of Service (DoS)

libsox.so is vulnerable to denial of service. The vulnerability exists due to a floating point exception in startread function in wav.c which allows an attacker to send a crafted wav file causing an application crash...

CVSS 5.5 • AI score 6.8 • EPSS 0.00457
Exploits 1 • References 10 • Affected Software 3

Veracode • added 2022/08/17 3:38 a.m. • 32 views

Privilege Escalation

libuv.so is vulnerable to privilege escalation. The vulnerability exists in the uvprocesschildinit function in process.c due to improper configurations of group privilege downgrade which allows an attacker to gain privileges via unspecified vectors...

CVSS 10 • AI score 6.6 • EPSS 0.03242
Exploits 0 • References 9 • Affected Software 1

Veracode • added 2022/08/08 3:19 a.m. • 32 views

Remote Code Execution

drupal/core is vulnerable to remote code execution. A remote attacker is able to bypass protections provided in sanitizeName function because the filenames with .htaccess extension are not properly sanitized, which allows the attacker to upload and execute malicious code on the system under attac...

CVSS 7.2 • AI score 7.6 • EPSS 0.01422
Exploits 0 • References 4 • Affected Software 1

Veracode • added 2022/07/25 1:14 p.m. • 32 views

Denial Of Service (DoS)

go is vulnerable to denial of service (DoS). The vulnerability exists in Glob function in match.go due to stack exhaustion caused by a large number of path separators passed to Glob, which allows an attacker to cause an application crash...

CVSS 7.5 • AI score 7.6 • EPSS 0.01618
Exploits 0 • References 10 • Affected Software 18

Veracode • added 2022/07/25 10:12 a.m. • 32 views

Out-Of-Bounds Write

net-snmp is vulnerable to out of bounds write. The vulnerability exists due to a boundary error in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable. A remote user is able to pass a malformed OID in a SET request, trigger an out-of-bounds write and execute arbitrary code on the target...

CVSS 6.5 • AI score 3.4 • EPSS 0.01008
Exploits 0 • References 13 • Affected Software 1

Veracode • added 2022/07/23 1:42 a.m. • 32 views

Denial Of Service (DoS)

sqlite3 is vulnerable to denial of service (DoS). The vulnerability exists because the whereKeyStats routine is unable to cope with row-value comparisons against the primary key index of a WITHOUT ROWID table which allows an attacker to cause an application crash...

CVSS 7.5 • AI score 7.4 • EPSS 0.11431
Exploits 2 • References 9 • Affected Software 5

Veracode • added 2022/07/18 3:3 p.m. • 32 views

Authorization Bypass

Apache Hive is vulnerable to authorization bypass. The vulnerability exists in the CREATE/DROP operations due to improper restrictions of user privileges which allows an attacker to create and drop UDFs...

CVSS 7.5 • AI score 7.4 • EPSS 0.01317
Exploits 1 • References 7 • Affected Software 2

Veracode • added 2022/07/14 11:46 a.m. • 32 views

SQL Injection

oliverklee/seminars is vulnerable to SQL injection. Lack of sufficient sanitisation of input query to EventBagBuilder::limitToOrganizers and EventBagBuilder::limitToCategories allows an attacker to inject malicious SQL query...

CVSS 9.8 • AI score 9.5 • EPSS 0.00868
Exploits 0 • References 3 • Affected Software 1

Veracode • added 2022/06/24 5:6 a.m. • 32 views

Denial Of Service (DoS)

aiohttp is vulnerable to denial of service. An attacker can crash the application by providing invalid IPv6 URLs to the parsemessage function of httpparser.py...

CVSS 5.5 • AI score 1.6 • EPSS 0.0057
Exploits 1 • References 2 • Affected Software 1

Veracode • added 2022/06/18 5:4 p.m. • 32 views

Use After Free

chrome is vulnerable to Use after free. The vulnerability exists due to a use after free in WebGPU allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8 • AI score 9.2 • EPSS 0.00825
Exploits 0 • References 6 • Affected Software 2

Veracode • added 2022/06/18 5:3 p.m. • 32 views

Use After Free

chrome is vulnerable to use after free. The vulnerability exists due to a memory corruption in ANGLE which allows an attacker to potentially exploit heap corruption via a malicious HTML page...

CVSS 8.8 • AI score 8.9 • EPSS 0.00878
Exploits 0 • References 6 • Affected Software 2

Veracode • added 2022/06/17 6:58 p.m. • 32 views

XML External Entity (XXE)

Drools Compiler is vulnerable to XML external entity (XXE). The vulnerability exists in validate function in KieModuleMarshaller.java due to incorrect use of Validator class which allows an attacker to submit a malicious XML document to perform requests on behalf of the server...

CVSS 9.8 • AI score 2.8 • EPSS 0.01185
Exploits 0 • References 3 • Affected Software 1

Veracode • added 2022/06/16 4:50 a.m. • 32 views

Denial Of Service (DoS)

grub2 is vulnerable to denial of service. The vulnerability exists due to out-of-bounds write when handling split HTTP headers which allows an attacker to crash the application via malicious input...

CVSS 8.1 • AI score 3.7 • EPSS 0.01131
Exploits 0 • References 5 • Affected Software 2

Veracode • added 2022/06/15 4:11 p.m. • 32 views

Remote Code Execution (RCE)

grub2 is vulnerable to remote code execution. The vulnerability exists due to a heap out-of-bounds write that happens during the handling of Huffman tables in the PNG reader, allowing an attacker to inject malicious code into the system via a crafted PNG image...

CVSS 4.5 • AI score 6.4 • EPSS 0.00449
Exploits 0 • References 4 • Affected Software 2

Veracode • added 2022/06/12 6:45 p.m. • 32 views

Privilege Escalation

xen is vulnerable to privilege escalation. The vulnerability exists due to non-coherent mappings allowing an attacker to control the whole system because the system safety logic doesn't account for CPU-induced cache...

CVSS 6.7 • AI score 7.1 • EPSS 0.00494
Exploits 3 • References 11 • Affected Software 1

Veracode • added 2022/06/12 6:35 p.m. • 32 views

Incorrect Logic

x86 pv is using an incorrect logic. The vulnerability exists due to insufficient care with non-coherent mappings which allows an attacker to perform unwanted actions...

CVSS 6.7 • AI score 7 • EPSS 0.00341
Exploits 0 • References 10 • Affected Software 1

Veracode • added 2022/06/07 8:26 a.m. • 32 views

Denial Of Service (DoS)

github.com/containerd/containerd is vulnerable to denial of service. The vulnerability exists in the ExecSync function in containerexecsync.go due to a lack of validation in memory consumption which allows an attacker to crash the application via memory exhaustion...

CVSS 5.5 • AI score 5.6 • EPSS 0.00377
Exploits 0 • References 12 • Affected Software 5

Veracode • added 2022/04/04 6:45 p.m. • 32 views

Remote Code Execution (RCE)

chrome is vulnerable to remote code execution. The vulnerability exists due to an Inappropriate implementation in Web Cursor...

CVSS 6.5 • AI score 6.2 • EPSS 0.0072
Exploits 1 • References 4 • Affected Software 3

Veracode • added 2022/03/31 6:41 a.m. • 32 views

Cross-Site Scripting (XSS)

Keycloak Core is vulnerable to reflected cross-site scripting. The vulnerability exists via POST HTTP requests due to lack of escaping, which allows a malicious attacker to inject and execute arbitrary JavaScript...

CVSS 6.1 • AI score 1.9 • EPSS 0.37246
Exploits 3 • References 5 • Affected Software 1

Veracode • added 2022/03/22 5:57 a.m. • 32 views

Denial Of Service (DoS)

Go-Ethereum is vulnerable to denial of service. An attacker is able to exploit the vulnerability and crash the system by sending an excessive amount of messages to a node...

CVSS 7.5 • AI score 3.7 • EPSS 0.01178
Exploits 1 • References 1 • Affected Software 1

Veracode • added 2022/03/17 6:5 a.m. • 32 views

Cross-site Scripting (XSS)

@braintree/sanitize-url is vulnerable to cross-site scripting. The vulnerability exists due to a lack of validating HTML encoding...

CVSS 6.1 • AI score 0.8 • EPSS 0.01423
Exploits 1 • References 10 • Affected Software 3

Veracode • added 2022/03/12 4:12 a.m. • 32 views

Buffer Overflow

vim is vulnerable to buffer overflow. The vulnerability exists due to the use of Out-of-range Pointer Offset...

CVSS 7.8 • AI score 3.9 • EPSS 0.01795
Exploits 1 • References 11 • Affected Software 1

Veracode • added 2022/02/20 10:20 p.m. • 32 views

Denial Of Service (DoS)

libexpat.so is vulnerable to denial of service. An attacker can trigger stack exhaustion in the buildmodel function of xmlparse.c via a large nesting depth in the DTD element, leading to an application crash...

CVSS 6.5 • AI score 2.7 • EPSS 0.03268
Exploits 0 • References 15 • Affected Software 21

Veracode • added 2022/02/20 10:19 p.m. • 32 views

Denial Of Service (DoS)

libexpat.so is vulnerable to denial of service. The vulnerability exists due to the integer overflow in the copyString function of xmlparse.c as it is only used for encoding strings supplied by the library user, allowing an attacker to cause an application crash...

CVSS 7.5 • AI score 4.2 • EPSS 0.04654
Exploits 0 • References 14 • Affected Software 21

Veracode • added 2022/02/15 9:18 a.m. • 32 views

Authorization Bypass

url-parse is vulnerable to authorization bypass. The vulnerability exists in Url function of index.js because the user name and password are not properly handled which allows a malicious user to modify user information...

CVSS 5.3 • AI score 2.5 • EPSS 0.01782
Exploits 1 • References 7 • Affected Software 2

Veracode • added 2022/02/14 7:31 p.m. • 32 views

Denial Of Service (DoS)

xrdp is vulnerable to denial of service. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker who is able to locally access a sesman server to execute code as root...

CVSS 7.8 • AI score 6.2 • EPSS 0.00467
Exploits 0 • References 7 • Affected Software 1

Veracode • added 2022/02/14 9:57 a.m. • 32 views

Remote Code Execution (RCE)

github.com/git-lfs/git-lfs is vulnerable to remote code execution. The vulnerability exists in 'ExecCommand' function of subprocesswindows.go which allows an attacker to inject and execute code in the root directory of a malicious repository by simply adding an executable file...

CVSS 9.8 • AI score 4.3 • EPSS 0.82715
Exploits 14 • References 10 • Affected Software 1

Veracode • added 2022/02/10 8:17 a.m. • 32 views

Cross Site Scripting (XSS)

github.com/go-gitea/gitea is vulnerable to cross-site scripting (XSS). The vulnerability exists due to the lack of sanitization in the repository settings in the setting.go file, which allows the attacker to inject and execute arbitrary JavaScript via the URL field in the external wiki/issue tracker...

CVSS 6.1 • AI score 3.2 • EPSS 0.00765
Exploits 0 • References 5 • Affected Software 1

Veracode • added 2022/02/10 7:13 a.m. • 32 views

Authentication Bypass

github.com/go-gitea/gitea is vulnerable to authentication bypass. The library allows the TOTP code for two-factor authentication to be submitted correctly more than once enabling remote attackers to abuse the flaw and gain unauthorized privileges...

CVSS 9.8 • AI score 6.2 • EPSS 0.01299
Exploits 0 • References 3 • Affected Software 1

Veracode • added 2022/02/10 5:37 a.m. • 32 views

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. The vulnerability exists in TensorByteSize function of attrvalueutil.cc because of the check failure in TensorShape which leads to an application crash...

CVSS 6.5 • AI score 4.1 • EPSS 0.00771
Exploits 1 • References 3 • Affected Software 3

Veracode • added 2022/02/09 6:49 a.m. • 32 views

Remote Code Execution (RCE)

firefox is vulnerable to remote code execution. The vulnerability exists because, when a worker is shut down, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible...

CVSS 8.8 • AI score 3.1 • EPSS 0.00559
Exploits 0 • References 6 • Affected Software 6

Veracode • added 2022/02/03 8:54 a.m. • 32 views

Path Traversal

org.neo4j.procedure:apoc is vulnerable to path traversal. A remote attacker is able to retrieve and download files from outside the authorized directory and under some circumstances to also create files on the affected server resulting in path traversal vulnerability...

CVSS 9.1 • AI score 5 • EPSS 0.01469
Exploits 0 • References 8 • Affected Software 1

Veracode • added 2022/02/03 6:0 a.m. • 32 views

Denial Of Service (DoS)

libpng is vulnerable to denial of service. The vulnerability exists due to an absolute path in the export script that crashes when reading multiple zTXT chunks...

CVSS 4.3 • AI score 2.1 • EPSS 0.03343
Exploits 1 • References 22 • Affected Software 1

Veracode • added 2022/01/20 8:41 a.m. • 32 views

Information Disclosure

github.com/grafana/grafana is vulnerable to information disclosure. When the forward auth identity is enabled, the library sends the OAuth identity of the most recently logged-in user when sending a query to the data source, allowing an attacker to retrieve sensitive data from the most recently...

CVSS 4.3 • AI score 3.8 • EPSS 0.02013
Exploits 0 • References 10 • Affected Software 9

Veracode • added 2022/01/15 10:10 p.m. • 32 views

Denial Of Service (DoS)

vim is vulnerable to denial of service. The vulnerability exists due to a heap-based Buffer Overflow allowing an attacker to crash the system...

CVSS 8 • AI score 3.9 • EPSS 0.02075
Exploits 1 • References 9 • Affected Software 1

Veracode • added 2022/01/14 5:54 a.m. • 32 views

Browser Window Spoofing

firefox is vulnerable to browser window spoofing. An attacker may exploit the vulnerability by using the fullscreen mode of the browser to trick the user into thinking it is a normal windows application...

CVSS 7.5 • AI score 1.9 • EPSS 0.00657
Exploits 0 • References 7 • Affected Software 7

Veracode • added 2022/01/12 7:19 p.m. • 32 views

Arbitrary Code Execution

nodejs is vulnerable to arbitrary code execution. An attacker can inject and execute malicious name constraints when the library uses a string format to check the validity of the peer certificates against hostname...

CVSS 5.3 • AI score 2.9 • EPSS 0.10364
Exploits 1 • References 9 • Affected Software 5

Veracode • added 2022/01/05 6:23 p.m. • 32 views

Remote Code Execution (RCE)

RabbitMQ is vulnerable to Regular Expression Denial Of Service (ReDoS). A new user being added via management UI could lead to the user's name being rendered in a confirmation message without proper...

CVSS 5.4 • AI score 5.4 • EPSS 0.01437
Exploits 1 • References 4 • Affected Software 1

Veracode • added 2021/12/17 12:40 a.m. • 32 views

Authorization Bypass

haproxy is vulnerable to authorization bypass. Lack of validation of the HTTP Host header could potentially result in bypass of access controls due to a mishandling of the Host and authority. The fix for the original CVE is correctly included in OpenShift 4.9.11. The release of OpenShift 4.9.6...

CVSS 7.5 • AI score 1.5 • EPSS 0.02322
Exploits 0 • References 4 • Affected Software 1

Veracode • added 2021/11/28 12:41 a.m. • 32 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A corrupted timer tree caused the task wakeup to be missing in the timerqueueadd function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while...

CVSS 4.4 • AI score 4.2 • EPSS 0.0037
Exploits 0 • References 8 • Affected Software 2

Veracode • added 2021/11/13 12:40 a.m. • 32 views

Arbitrary Code Execution

libjpeg-turbo is vulnerable to arbitrary code execution. A remote attacker could exploit this vulnerability by sending a malformed jpeg file to the service and cause arbitrary code execution or denial of service...

CVSS 8.8 • AI score 5.3 • EPSS 0.02728
Exploits 1 • References 6 • Affected Software 1

Total number of security vulnerabilities: 5000