38142 matches found

Veracode • added 2024/05/30 12:3 p.m. • 21 views

Sensitive Information Disclosure

github.com/minio/minio/ is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the ability to infer the existence of objects on a server by sending anonymous requests with random object names...

CVSS 5.3 • AI score 6.7 • EPSS 0.00143
Exploits 0 • References 5 • Affected software 1

Veracode • added 2024/05/30 10:40 a.m. • 12 views

SQL Injection

Meshery is vulnerable to SQL Injection. The vulnerability is due to improper handling of the sort query parameter in the GetAllEvents function, allowing for SQL injection through stacked queries and the ATTACH DATABASE command...

CVSS 5.9 • AI score 7.8 • EPSS 0.0011
Exploits 1 • References 5 • Affected software 1

Veracode • added 2024/05/30 9:54 a.m. • 13 views

SQL Injection

Meshery is vulnerable to SQL Injection. The vulnerability is due to improper handling of the order query parameter in the GetMeshSyncResourcesKinds function, allowing for SQL injection through stacked queries and the ATTACH DATABASE command...

CVSS 5.9 • AI score 7.8 • EPSS 0.00148
Exploits 1 • References 7 • Affected software 1

Veracode • added 2024/05/30 8:28 a.m. • 9 views

Use Of Cryptographically Weak Pseudo-Random Number Generator

stormpath/sdk is vulnerable to Use Of Cryptographically Weak Pseudo-Random Number Generator. This vulnerability is due to an insecure generation of UUID version 4...

AI score 7.1
Exploits 0

Veracode • added 2024/05/30 8:0 a.m. • 6 views

SQL Injection

silverstripe/subsites is vulnerable to SQL Injection. The vulnerability is due to insufficient input validation and sanitization in the silverstripe/subsites module, which allows an attacker to inject malicious SQL queries...

AI score 7.6
Exploits 0

Veracode • added 2024/05/30 7:35 a.m. • 8 views

SQL Injection

silverstripe/taxonomy module is vulnerable to SQL injection. The vulnerability is due to insufficient input validation and sanitization within the TaxonomyDirectoryController, which allows an attacker to inject malicious SQL queries...

AI score 8
Exploits 0

Veracode • added 2024/05/30 7:29 a.m. • 8 views

Denial Of Service (DoS)

aimeos/aimeos-core is vulnerable to Denial Of Service. The vulnerability is due to a lack of checks performed while saving and retrieving locale items...

AI score 7
Exploits 0

Veracode • added 2024/05/30 7:21 a.m. • 7 views

Exposure Of Sensitive Information To An Unauthorized Actor

silverstripe/userforms is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. This vulnerability is due to insufficient authorization checks in submission notification emails, potentially enabling an attacker to access sensitive files uploaded through the forms without prope...

AI score 6.8
Exploits 0

Veracode • added 2024/05/30 7:4 a.m. • 7 views

Cross Site Scripting (XSS)

socalnick/scn-social-auth is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to not escaping the URL parameter "redirect," allowing an attacker to inject malicious HTML and execute arbitrary code...

AI score 6.9
Exploits 0

Veracode • added 2024/05/30 6:49 a.m. • 14 views

Improper Authorization

Nautobot is vulnerable to Improper Authorization. The vulnerability is due to Nautobot failing to restrict Dynamic Group member listings based on member object permissions, allowing users to view all objects in a Dynamic Group regardless of their specific permissions...

CVSS 6.3 • AI score 7 • EPSS 0.0015
Exploits 0 • References 5 • Affected software 1

Veracode • added 2024/05/30 6:30 a.m. • 11 views

Open Redirect

simplesamlphp/simplesamlphp is vulnerable to Open Redirect. The vulnerability is due to improper validation of URLs in request parameters, allowing an attacker to redirect a user to a malicious site...

AI score 6.9
Exploits 0

Veracode • added 2024/05/30 6:18 a.m. • 15 views

Partial Password Leakage

ethyca-fides is vulnerable to Partial Password Leakage. The vulnerability is due to improper sanitization/redaction of the SQLAlchemy password string in error logs, which partially exposes the database password when special characters are used inside the password...

CVSS 2.3 • AI score 7.2 • EPSS 0.00099
Exploits 1 • References 5 • Affected software 1

Veracode • added 2024/05/30 6:7 a.m. • 16 views

Denial Of Service (DoS) / Information Disclosure

io.airlift:aircompressor is vulnerable to Denial Of Service (DoS) / Information Disclosure. The vulnerability is due to improper memory bounds checking during data decompression, caused by the use of the sun.misc.Unsafe class without additional safeguards. This can lead to out-of-bounds memory...

CVSS 8.6 • AI score 7 • EPSS 0.00195
Exploits 0 • References 6 • Affected software 1

Veracode • added 2024/05/30 6:5 a.m. • 18 views

Code Injection

smarty/smarty is vulnerable to code injection. The vulnerability is due to insufficient validation of file names used in the extends-tag. This allows attackers to inject PHP code by choosing a malicious file name for an extends-tag...

CVSS 7.3 • AI score 7.5 • EPSS 0.00279
Exploits 0 • References 2 • Affected software 2

Veracode • added 2024/05/30 6:5 a.m. • 7 views

Cross-site Request Forgery (CSRF)

sylius/resource-bundle is vulnerable to Cross-Site Request Forgery. The vulnerability is due to the absence of proper validation and insufficient CSRF protection for actions such as marking order payments or product reviews in the AdminBundle and ResourceBundle. This allows attackers to perfo...

AI score 7
Exploits 0

Veracode • added 2024/05/30 6:4 a.m. • 9 views

Cross-site Request Forgery (CSRF)

sylius/admin-bundle is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to the absence of a CSRF token requirement in several administrative actions, such as marking order payments as completed or refunded, and marking product reviews as accepted or rejected. This flaw...

AI score 7.1
Exploits 0

Veracode • added 2024/05/30 6:3 a.m. • 7 views

Deserialization Of Untrusted Data

symbiote/silverstripe-multivaluefield is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to inadequate validation of user input, as well as object injection caused by support for handling PHP objects as values, which allows an attacker to inject malicious scripts...

AI score 7.4
Exploits 0

Veracode • added 2024/05/30 6:1 a.m. • 7 views

XML Entity Expansion (XEE)

symfony/dependency-injection is vulnerable to XML Entity Expansion (XEE). The vulnerability is due to XML Entity Expansion (XEE) attacks, where the use of libxml2 lacks defense against XEE Quadratic Blowup Attacks (QBA), allowing long entities to create a memory sink for Denial of Service attacks on R...

AI score 7
Exploits 0

Veracode • added 2024/05/30 6:0 a.m. • 14 views

Cross-site Scripting (XSS)

getformwork/formwork is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to insufficient sanitization of markdown fields, allowing users with page editing permissions to insert...

CVSS 4.8 • AI score 6.4 • EPSS 0.00187
Exploits 0 • References 4 • Affected software 1

Veracode • added 2024/05/30 5:39 a.m. • 16 views

Prototype Pollution

mysql2 is vulnerable to Prototype Pollution. The vulnerability is due to improper user input sanitization when data is passed to fields and tables within nestTables, which allows an attacker to manipulate the object's prototype...

CVSS 8.2 • AI score 7 • EPSS 0.68341
Exploits 0 • References 4 • Affected software 1

Veracode • added 2024/05/30 1:50 a.m. • 19 views

Heap Buffer Overflow

chromium is vulnerable to Heap Buffer Overflow. This vulnerability is due to inadequate bounds checking and allows a remote attacker to perform an out-of-bounds memory read via a crafted HTML page...

CVSS 8.8 • AI score 8.3 • EPSS 0.00392
Exploits 1 • References 5 • Affected software 2

Veracode • added 2024/05/30 1:49 a.m. • 19 views

Use-After-Free

Chrome is vulnerable to Use-After-Free. This vulnerability is due to improper handling of memory after it has been freed and, via a crafted HTML page, allows a remote attacker to execute arbitrary code within a sandbox environment...

CVSS 8.8 • AI score 8.7 • EPSS 0.01118
Exploits 1 • References 5 • Affected software 2

Veracode • added 2024/05/30 1:49 a.m. • 20 views

Type Confusion

chromium is vulnerable to Type Confusion. The vulnerability is due to improper handling of object types, potentially allowing a remote attacker to execute arbitrary read/write operations via a crafted HTML page...

CVSS 8.1 • AI score 8.6 • EPSS 0.00279
Exploits 1 • References 5 • Affected software 3

Veracode • added 2024/05/30 1:41 a.m. • 21 views

Heap Buffer Overflow

chromium is vulnerable to Heap Buffer Overflow. The vulnerability is due to improper bounds checking, allowing a remote attacker to perform an out-of-bounds memory write via a crafted HTML page...

CVSS 8.8 • AI score 8.3 • EPSS 0.00392
Exploits 1 • References 5 • Affected software 2

Veracode • added 2024/05/29 12:22 p.m. • 8 views

Cross Site Scripting

silverstripe/comments is vulnerable to Cross Site Scripting. The vulnerability is due to an outdated version of jQuery that contains XSS vulnerabilities when user input is used in certain contexts...

AI score 6.2
Exploits 0

Veracode • added 2024/05/29 12:8 p.m. • 12 views

Cross Site Scripting

silverstripe/framework is vulnerable to Cross Site Scripting. The vulnerability is due to Member-getName returning raw HTML, which is injected directly without sanitization...

AI score 7
Exploits 0

Veracode • added 2024/05/29 9:12 a.m. • 17 views

Arbitrary Code Execution

Parisneo/lollms is vulnerable to Arbitrary Code Execution. The vulnerability is due to insufficient sanitization of user input in the handling of the name parameter within the unInstallbinding function, allowing an attacker to traverse directories and execute arbitrary code by loading a malicious...

CVSS 9.8 • AI score 7.6 • EPSS 0.09758
Exploits 0

Veracode • added 2024/05/29 8:48 a.m. • 10 views

URL Injection

silverstripe/framework is vulnerable to URL Injection. The vulnerability is due to improper handling of URL encoding, which allows for the generation or interpretation of URLs with incorrect encoding, potentially leading to unexpected behavior or security vulnerabilities when processing these URL...

AI score 7.3
Exploits 0

Veracode • added 2024/05/29 8:10 a.m. • 7 views

Improper Access Control

silverstripe/framework is vulnerable to Improper Access Control. The vulnerability is due to missing canView checks when the report is actually viewed, allowing any report to be accessed if the URL is known and the user can access the Reports section of the CMS...

AI score 7
Exploits 0

Veracode • added 2024/05/29 7:58 a.m. • 9 views

Session Fixation

silverstripe/framework is vulnerable to Session Fixation. The vulnerability is due to the failure to invalidate pre-existing cookies when the "remember me" function is disabled, allowing users to remain authenticated even after the function is disabled...

AI score 6.8
Exploits 0

Veracode • added 2024/05/29 7:54 a.m. • 9 views

Lack Of Salt Update On Password Change

silverstripe/framework is vulnerable to Lack of Salt Update On Password Change. The vulnerability is due to the internal salt not being reset when a password is changed. An attacker can potentially exploit this to reduce the effectiveness of password hashing...

AI score 7.1
Exploits 0

Veracode • added 2024/05/29 7:49 a.m. • 13 views

Information Disclosure

silverstripe/framework is vulnerable to Information Disclosure. The vulnerability is due to inconsistent handling of login attempts for non-existent users. This allows attackers to enumerate valid user accounts by observing differences in error messages or behavior...

AI score 7
Exploits 0

Veracode • added 2024/05/29 7:34 a.m. • 28 views

Command Injection

llamaindex is vulnerable to Command Injection. The vulnerability is due to unsafe usage of the eval function, allowing a malicious or compromised LLM hosting provider to execute arbitrary commands on the client's machine...

CVSS 8.8 • AI score 7.7 • EPSS 0.01615
Exploits 1 • References 2 • Affected software 1

Veracode • added 2024/05/29 7:10 a.m. • 8 views

Cross-site Scripting (XSS)

silverstripe/framework is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper handling of key/value pairs in OptionsetField or CheckboxSetField, where default casting is not assigned. This allows an attacker to inject malicious HTML code when either key or value...

AI score 6.7
Exploits 0

Veracode • added 2024/05/29 7:10 a.m. • 16 views

Path Traversal

org.openapitools:openapi-generator-online is vulnerable to Path Traversal. The vulnerability is due to unrestricted access to the outputFolder option, which allows attackers to manipulate file paths and potentially read or delete files and folders outside of the intended directory...

CVSS 8.3 • AI score 6.6 • EPSS 0.40124
Exploits 0 • References 4 • Affected software 1

Veracode • added 2024/05/29 6:54 a.m. • 16 views

Binding To An Unrestricted IP Address

dbt-core is vulnerable to Binding to an Unrestricted IP Address. The vulnerability is due to the binding of INADDR_ANY or IN6ADDR_ANY to any network interface on the local system rather than just localhost, which exposes the application on all network interfaces. An attacker can gain unauthorized access by...

CVSS 5.3 • AI score 6.7 • EPSS 0.00265
Exploits 0 • References 12 • Affected software 1

Veracode • added 2024/05/29 6:50 a.m. • 10 views

Buffer Overflow

rockhopper is vulnerable to Buffer Overflow. The vulnerability is due to the manipulation of the argument raw in the function countrows of the file rockhopper/src/raggedarray.c, which is a part of the Binary Parser component. The vulnerability allows an attacker to manipulate the argument raw,...

CVSS 4.8 • AI score 7.5 • EPSS 0.00094
Exploits 0 • References 5 • Affected software 1

Veracode • added 2024/05/29 6:41 a.m. • 6 views

Open Redirect

silverstripe/framework library is vulnerable to Open Redirect. The vulnerability is due to inadequate validation of URLs, which allows attackers to craft malicious URLs that bypass redirection protections...

AI score 7.1
Exploits 0

Veracode • added 2024/05/29 6:40 a.m. • 6 views

Unrestricted Upload Of File With Dangerous Type

silverstripe/framework is vulnerable to Unrestricted Upload Of File With Dangerous Type. The vulnerability is due to the lack of proper validation and sanitization of uploaded file types, which allows an attacker to upload executable file formats...

AI score 7.1
Exploits 0

Veracode • added 2024/05/29 6:39 a.m. • 6 views

Code Injection

silverstripe/framework is vulnerable to Code Injection. The vulnerability is due to the improper handling of associative arrays in the second argument of renderWith, where unsanitized user input can be passed directly as a value...

AI score 7.2
Exploits 0

Veracode • added 2024/05/29 6:39 a.m. • 11 views

Information Disclosure

silverstripe/framework is vulnerable to Information Disclosure. The vulnerability is due to password fields reflecting submitted data, which inadvertently exposes users to potential security risks by displaying sensitive information...

AI score 7.1
Exploits 0

Veracode • added 2024/05/29 6:38 a.m. • 9 views

NULL Pointer Dereference

PingCAP TiDB is vulnerable to NULL Pointer Dereference. The vulnerability is due to a NULL pointer dereference in the SortedRowContainer component, which allows an attacker to cause a denial of service...

CVSS 7.5 • AI score 6.7 • EPSS 0.00118
Exploits 0 • References 4 • Affected software 1

Veracode • added 2024/05/29 6:38 a.m. • 10 views

Incorrect Default Permissions

kaminari is vulnerable to Incorrect Default Permissions. The vulnerability is due to improperly set file permissions that allow unauthorized write access to specific Ruby files managed by the library...

CVSS 6.6 • AI score 6.8 • EPSS 0.00132
Exploits 0 • References 1 • Affected software 1

Veracode • added 2024/05/29 6:21 a.m. • 17 views

Denial Of Service (DoS)

rack-contrib is vulnerable to Denial Of Service (DoS). The vulnerability is due to the user-controlled profilerruns parameter not being constrained, which allows an attacker to allocate resources on the server side without limitation, resulting in Denial of Service...

CVSS 8.6 • AI score 6.7 • EPSS 0.00131
Exploits 0 • References 3 • Affected software 1

Veracode • added 2024/05/29 6:16 a.m. • 12 views

Buffer Overflow

PingCAP TiDB is vulnerable to Buffer Overflow. The vulnerability is due to reading a string from a column while the offset field in the column is not initialized, which results in a buffer overflow that could lead to database crashes and denial of service attacks...

CVSS 6.5 • AI score 7.2 • EPSS 0.00144
Exploits 0 • References 4 • Affected software 1

Veracode • added 2024/05/29 6:11 a.m. • 12 views

Cross-Site Scripting (XSS)

Silverstripe/framework is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper sanitization of the Page name. This allows an attacker to use the payload " to trigger an XSS alert and execute arbitrary scripts in the context of the user's browser...

AI score 6.2
Exploits 0

Veracode • added 2024/05/29 6:5 a.m. • 15 views

Improper Access Control

Mattermost is vulnerable to Improper Access Control. The vulnerability is due to a failure to restrict the audience of the "customplaybooksplaybookrunupdated" webhook event, allowing a guest on a channel with a linked playbook run to see all details of the playbook run when it is marked as finish...

CVSS 4.3 • AI score 7 • EPSS 0.00278
Exploits 0 • References 3 • Affected software 1

Veracode • added 2024/05/29 5:38 a.m. • 8 views

Improper Authentication

Silverstripe/framework is vulnerable to Improper Authentication. The vulnerability is caused by improper user permission checks to verify if a user can log in via the Member::canLogIn method, allowing an attacker to gain access to unapproved or revoked users by resetting the password...

AI score 7.2
Exploits 0

Veracode • added 2024/05/29 5:36 a.m. • 13 views

Denial Of Service (DoS)

github.com/stacklok/minder is vulnerable to Denial Of Service (DoS). The vulnerability is due to the sigstore verifier reading an untrusted response entirely into memory without enforcing a limit on the response body. The vulnerability allows an attacker to crash the Minder server and deny other...

CVSS 5.3 • AI score 6.7 • EPSS 0.0036
Exploits 0 • References 4 • Affected software 1

Veracode • added 2024/05/28 12:9 p.m. • 19 views

Improper Access Control

Mattermost is vulnerable to Improper Access Control. The vulnerability is due to insufficient enforcement of access controls, allowing members to link playbook runs to private channels they are not members of...

CVSS 5.9 • AI score 6.8 • EPSS 0.00265
Exploits 0 • References 2 • Affected software 1

Total number of security vulnerabilities: 38142