38340 matches found
Denial Of Service (DoS)
github.com/jackc/pgx is vulnerable to Denial of Service (DoS). The vulnerability is due to a lack of robust error handling, with Pipeline panicking when PgConn (PostgreSQL connection) is busy or closed, which can result in potential instability and crashes in applications using Pipeline for database...
Incorrect Authorization
Evmos is vulnerable to Incorrect Authorization. The vulnerability is due to allowing users to create a vesting account with a third-party account as the funder, enabling unauthorized fund transfers from the funder address...
Insufficient Verification Of Data Authenticity
certifi is vulnerable to Insufficient Verification of Data Authenticity. The vulnerability is due to its historical inclusion of root certificates from GLOBALTRUST for SSL certificate validation, after which these certificates were removed due to ongoing compliance issues identified during an...
Denial Of Service (DoS)
github.com/rs/cors is vulnerable to Denial of Service (DoS). The vulnerability is due to excessive heap allocations when processing malicious preflight requests that include an Access-Control-Request-Headers (ACRH) header with many commas, which allows attackers to cause undue stress on the...
Server Side Request Forgery (SSRF)
@fedify/fedify is vulnerable to Server Side Request Forgery (SSRF). The vulnerability is caused by making HTTP requests to internal IP addresses referenced in received activities or media URLs, which allows an attacker to send requests to resources within the Fedify server's internal network...
Authorization Bypass
github.com/traefik/traefik is vulnerable to Authorization Bypass. The vulnerability is due to improper handling of HTTP/3 early data requests in QUIC 0-RTT handshakes sent with spoofed IP addresses, which allows an attacker to bypass IP allow-lists...
Server-Side Request Forgery
github.com/go-skynet/localai is vulnerable to Server-Side Request Forgery. The vulnerability is due to the /models/apply endpoint supporting both https:// and file:// schemes, which can lead to LFI. The attacker can exploit this vulnerability with network access to the LocalAI instance, potential...
SQL Injection
egroupware/egroupware is vulnerable to SQL Injection. The vulnerability is due to improper handling of the ORDER BY clause in database queries, potentially leading to SQL injection. An attacker can exploit this vulnerability to manipulate database queries, leading to unauthorized data access or...
Cross-site Scripting (XSS)
TYPO3 is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to failing to properly encode information from external sources, which could allow attackers to inject malicious scripts into the Install Tool language pack interface...
Cross-site Scripting (XSS)
TYPO3 CMS is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to failing to properly encode user input in multiple areas of the CMS, allowing attackers to inject malicious scripts...
Broken Access Control
TYPO3 is vulnerable to Broken Access Control. The vulnerability is due to regular backend users having access to import functionality that is typically restricted to admin users or users with specific User TSconfig settings enabled (options.impexp.enableImportForNonAdminUser)...
Insecure Deserialization
TYPO3 is vulnerable to Insecure Deserialization. The vulnerability is due to failing to properly validate incoming data in the suggest wizard, which allows an attacker to exploit insecure unserialize operations. A valid backend user account is required to exploit this vulnerability...
Sensitive Information Disclosure
TYPO3 is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the element information component not properly checking the backend user's permissions for the list of references from or to a record...
Session Fixation
TYPO3 is vulnerable to Session Fixation. The vulnerability is due to existing sessions for a user account not being revoked when the user changes their password...
Arbitrary File Deletion
gogs.io/gogs is vulnerable to Arbitrary File Deletion. The vulnerability is due to insufficient access controls, allowing unauthorized users to delete internal files on the host...
Cross Site Scripting (XSS)
zendframework/zend-form is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to the use of the escapeHtml helper instead of escapeHtmlAttr, leading to improper escaping of HTML attributes. An attacker can exploit this by injecting malicious code through user data or JavaScript in...
Command Injection
gogs.io/gogs is vulnerable to Command Injection. The vulnerability is due to inadequate input validation during the previewing of changes, allowing an attacker to inject arbitrary commands...
Command Injection
gogs.io/gogs is vulnerable to Command Injection. The vulnerability is caused by improper input validation or sanitization during the tagging process of a new release. Attackers can exploit this issue by injecting malicious commands or additional arguments into the tagging command, which may be...
OS Command Execution
HFS is vulnerable to OS Command Execution. The vulnerability is due to using execSync instead of spawnSync in a child_process to execute the df shell command, which allows an attacker to execute OS commands remotely via the file upload feature...
Remote Code Execution (RCE)
gogs.io/gogs is vulnerable to Remote Code Execution (RCE). The vulnerability is due to improper handling of command-line arguments within the bundled ssh implementation (internal/ssh/ssh.go). An attacker can exploit the vulnerability by sending a malicious --split-string env request through an SSH...
Command Injection
deeplake is vulnerable to Command Injection. The vulnerability is due to a lack of input sanitization within the ingest_kaggle API when ingesting a remote Kaggle dataset, allowing an attacker to execute arbitrary commands on the server...
NULL Pointer Dereference
libzephyr.so is vulnerable to NULL Pointer Dereference. The vulnerability is due to a malicious BLE device sending a specific order of packet sequences to cause a DoS attack on the victim BLE device...
Improper Access Control
Mattermost is vulnerable to Improper Access Control. The vulnerability is due to a failure to prevent specifying a RemoteId when creating a new user, allowing attackers to create a user with a user-defined ID, which can cause broken functionality in User Management...
Parameter Injection
zend-mail is vulnerable to Parameter Injection. The vulnerability is due to unsanitized additional quote characters within an address in the file Sendmail.php, which allows an attacker to inject arbitrary parameters to the system sendmail program...
Denial Of Service (DoS)
org.apache.tomcat:tomcat-coyote is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of excessive HTTP headers in HTTP/2 streams, which leads to the miscounting of active streams resulting in an infinite connection timeout. This allows connections to remain open...
URL Rewrite
zendframework/zendframework is vulnerable to URL Rewrite. The vulnerability is due to the request URI marshaling logic that introspects HTTP request headers specific to server-side URL rewrite mechanisms. When these headers are present on systems not running the specific URL rewriting mechanism,...
Information Disclosure
github.com/mattermost/mattermost-server is vulnerable to Information Disclosure. The vulnerability is due to a failure to properly sanitize the recipients of a webhook event, allowing attackers monitoring webhook events to retrieve the channel IDs of archived or restored channels...
Improper Access Control
github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is due to the createPost function not preventing users from specifying a RemoteId for their posts, allowing attackers to create posts with user-defined post IDs. Attackers can use this to cause...
Improper Authentication
Mattermost is vulnerable to Improper Authentication. The vulnerability is caused by the use of constant-time comparison for remote cluster tokens, possibly allowing an attacker to retrieve the token during comparison due to the timing discrepancy...
Sensitive Information Disclosure
ZITADEL is vulnerable to Sensitive Information Disclosure. The vulnerability is due to a missing check that incorrectly lists user sessions without specific information, potentially exposing other users' sessions...
Information Disclosure
github.com/mattermost/mattermost-server is vulnerable to Information Disclosure. The vulnerability is due to Mattermost failing to sanitize the RemoteClusterFrame payloads before audit logging them. Attackers with access to the audit logs can exploit this to read message contents...
Improper Access Control
github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is due to improper validation of remote server requests in shared channels with multiple connected remote servers, allowing a malicious remote server to change the profile images of users belonging...
Improper Input Validation
github.com/google/nftables/ is vulnerable to Improper Input Validation. The vulnerability is due to IP addresses being encoded in the wrong byte order, resulting in a non-functional nftables configuration which might block or not block the desired addresses...
Authentication Bypass
github.com/ginuerzh/gost is vulnerable to Authentication Bypass. The vulnerability is due to improper validation of the HostKeyCallback function. An attacker can intercept communications by setting the HostKeyCallback function to ssh.InsecureIgnoreHostKey...
Denial Of Service
kibana is vulnerable to Denial Of Service. The vulnerability is due to the run_soon API allowing view-only users to execute alerting rules continuously, potentially impacting system availability if the alerting rules involve complex queries. An attacker can exploit this to degrade system performan...
SQL Injection
craftcms/cms is vulnerable to SQL Injection. The vulnerability is caused by insufficient sanitization and validation of user-supplied input within GraphQL queries, allowing attackers to manipulate these queries to execute arbitrary SQL commands...
Insertion Of Sensitive Information Into Log File
com.phloc:phloc-webscopes is vulnerable to Insertion of Sensitive Information into Log File. The vulnerability is due to improper handling of logged HTTP requests within RequestWebScopeNoMultipart.java. This allows local attackers with access to the log files to view user passwords or other...
Denial Of Service
kibana is vulnerable to Denial Of Service. The vulnerability is due to the ability of a high-privileged user to affect the availability of Kibana by uploading a maliciously crafted osquery pack. An attacker can disrupt Kibana's availability by exploiting this flaw...
Regular Expression Denial Of Service (ReDoS)
rack is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to improper handling and parsing of HTTP Accept headers using regular expressions. This allows an attacker to send specially crafted Accept-Encoding or Accept-Language headers, causing the server to...
Cross-site Scripting (XSS)
coderberg/residence-cms is vulnerable to Cross-site Scripting. The vulnerability is due to allowing low-privilege users to create malicious property content with HTML, which acts as a stored XSS payload...
Insertion Of Sensitive Information Into Sent Data
github.com/pomerium/pomerium is vulnerable to Insertion of Sensitive Information Into Sent Data. The vulnerability is due to the inclusion of serialized OAuth2 access and ID tokens from the logged-in user's session in the user info page /.pomerium...
Supply Chain Attack
Fides is vulnerable to Supply Chain Attack. The vulnerability is due to mishandling of client-side script dependencies and the use of a compromised third-party domain like polyfill.io. The vulnerability allows an attacker to serve malicious scripts to users of legacy browsers when they load...
Cross Site Scripting (XSS)
Flowise is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to improper handling of user input in the /api/v1/chatflows-streaming/id endpoint, which allows an attacker to craft a URL that injects JavaScript into user sessions, potentially stealing information, creating false...
Memory Leak
libfreerdp.so is vulnerable to Memory Leak. The vulnerability is due to a supplied realloc pointer being reused for a realloc return value. An attacker can exploit this by causing the program to consume excessive memory, potentially leading to a denial of service...
Improper Authentication
libfreerdp.so is vulnerable to Improper Authentication. The vulnerability is due to invalid credentials being accepted if the server has configured an invalid SAM file path. The attacker can successfully authenticate with invalid credentials if the SAM file path is incorrect...
Cross Site Scripting
flowise is vulnerable to Cross Site Scripting. The vulnerability is due to the api/v1/chatflows/id endpoint reflecting the chatflow ID in the 404 page without proper sanitization. An attacker can craft a URL that injects JavaScript into user sessions, potentially stealing...
Denial Of Service (DoS)
liblouis.so is vulnerable to Denial of Service (DoS). The vulnerability is due to an out-of-bounds read caused by the matchCurrentInput function inside lou_translateString.c not checking the input string's length, allowing attackers to crash the application by crafting an input file with certain...
Cross-site Scripting (XSS)
xapian-core is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper handling of HTML escaping by Xapian::MSet::snippet in queryparser/termgenerator_internal.cc. This allows an attacker to potentially execute arbitrary scripts in the context of a user's web browser wh...
Improper Access Control
aimeos/ai-admin-graphql is vulnerable to Improper Access Control. The vulnerability is due to insufficient restrictions or checks on user roles and permissions, allowing an editor to modify and take over an admin account in the back end...
Improper Access Control
aimeos/ai-admin-graphql is vulnerable to Improper Access Control. The vulnerability is due to inadequate enforcement of access control policies within aimeos/ai-admin-graphql, allowing editors to manage their own services via the GraphQL API, bypassing the intended restrictions designed...