38184 matches found
Cross-Site Request Forgery (CSRF)
ezsystems/ezplatform is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to CSRF protection not being enabled by default, which allows attackers to perform unauthorized actions by exploiting the inactive CSRF token...
Remote Code Execution
Shopware is vulnerable to Remote Code Execution. This vulnerability is due to insufficient validation, allowing attackers to inject foreign code...
Sensitive Information Disclosure
ezsystems/ezpublish-kernel is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the REST API potentially disclosing the names of all available site accesses...
Remote Code Execution (RCE)
ezsystems/ezpublish-kernel is vulnerable to Remote Code Execution (RCE). The vulnerability is due to improper handling of file uploads, which can lead to remote code execution...
Cross-Site Scripting
shopware/shopware is vulnerable to Cross-Site Scripting. The vulnerability is due to inadequate input sanitization in the frontend, which allows an attacker to inject and execute malicious scripts in the context of a victim’s web browser...
Access Bypass
ezsystems/ezplatform is vulnerable to Access Bypass. The vulnerability is due to inadequate rewrite rules for blocking access to executable files in the var directory when using eZ Platform Cloud on Platform.sh...
Cross-Site Scripting (XSS)
umbracocms is vulnerable to stored Cross-site Scripting (XSS). The vulnerability is due to the lack of input sanitization, allowing attackers with access to the backoffice to inject malicious content into a website or application...
Insufficient Session Expiration
@fastify/session is vulnerable to Insufficient Session Expiration. The vulnerability is due to the expires field being overridden if the maxAge field is set, which prevents cookies from being correctly detected as expired, thus expired sessions are not destroyed. This allows attackers to maintain...
Tabnabbing
passbolt/passboltapi is vulnerable to Tabnabbing. The vulnerability is due to a flaw where a user can create and share a resource with a malicious URI that, when opened by the victim using the "Open URI in a new tab" function, grants the malicious page access to the window.opener object...
Template Injection
verbb/formie is vulnerable to Template Injection. An attacker can execute arbitrary code by including malicious Twig code into fields that support Twig, such as the Submission Title or the Success Message...
Use After Free
Wireshark is vulnerable to Use After Free. The vulnerability is caused by incorrect use of dynamic memory during program operation, which can cause a Denial of Service (DoS) via a crafted capture file...
Denial Of Service (DOS)
Wireshark is vulnerable to Denial of Service (DoS). The vulnerability is caused by a memory handling issue, which can be exploited to mount a Denial of Service (DoS) via a crafted capture file...
Denial Of Service (DOS)
Wireshark is vulnerable to Denial of Service (DoS). The vulnerability is due to MONGO and ZigBee TLV dissector infinite loops resulting in an Unreachable Exit Condition via packet injection or a crafted capture file...
Cross Site Scripting (XSS)
phpxmlrpc/extras is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to inadequate input validation within the documentingxmlrpcserver class when processing the GET methodName parameter, which allows attackers to execute malicious scripts in the context of the user's browser,...
XPath Injection
robrichards/xmlseclibs is vulnerable to XPath Injection. The vulnerability is due to inadequate filtering of user input before it is incorporated into an XPath expression, which allows attackers to manipulate the XPath by injecting malicious input, potentially leading to unauthorized data access...
Information Disclosure
passbolt/passboltapi is vulnerable to Information Disclosure. The vulnerability is due to the exposure of session cookies through the /auth/verify.json endpoint, which returns cookies in the response similar to the TRACE HTTP method, potentially allowing an attacker to hijack a user session if th...
Improper Callback Validation
omero-web is vulnerable to Improper Callback Validation. The vulnerability is due to a lack of sanitization or validation of callback parameters in JSONP-enabled endpoints, which allows an attacker to execute arbitrary JavaScript code in the browser...
Code Injection
litellm is vulnerable to Code Injection. The vulnerability is due to unsafe usage of the eval function in the litellm.getsecret method, where untrusted data is passed to eval without sanitization...
Improper Certificate Validation
Requests is vulnerable to Improper Certificate Validation. The vulnerability is due to a flaw where disabling certificate verification (verify=False) in the first request of a Session causes all subsequent requests to the same origin to ignore certificate verification, regardless of changes to the...
Use After Free
Chrome is vulnerable to Use After Free. The vulnerability is caused by a defect in memory handling, allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Type Confusion
Chrome is vulnerable to Type Confusion. This allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Use After Free
Google Chrome is vulnerable to Use After Free. The vulnerability is due to incorrect handling of memory, allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Open Redirect
umbraco.cms is vulnerable to Open Redirect. The vulnerability is due to improper validation of redirect targets, which results in authenticated users being redirected to malicious websites after logging into the backoffice...
HTML Injection
passbolt/passboltapi is vulnerable to HTML injection. The vulnerability is due to improper input sanitization, allowing an attacker to inject HTML code in emails...
Cross Site Scripting (XSS)
wwbn/avideo is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to insufficient input validation, allowing attackers to inject malicious scripts into web pages viewed by other users...
UI Spoofing
Google Chrome is vulnerable to UI Spoofing. The vulnerability is caused by an inappropriate implementation in Downloads, which allows a remote attacker to convince a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page...
Open Redirect
Drupal's path module is vulnerable to an Open Redirect. The vulnerability is due to improper URL handling, which allows users with 'administer paths' permissions to create URLs that redirect to malicious sites...
Remote Code Execution (RCE)
passbolt/passboltapi is vulnerable to Remote Code Execution (RCE). The vulnerability is due to improper input sanitization during the server's PGP key generation, allowing users to inject shell code during installation...
Denial Of Service (DoS)
gvisor.dev/gvisor is vulnerable to a Denial of Service (DoS). The vulnerability is due to improper checks for mounts marked as unmounted before propagating, which could lead to a panic. This allows an attacker running as root and with permission to mount volumes to kill the sandbox...
Denial Of Service (DoS)
github.com/stacklok/minder is vulnerable to Denial of Service (DoS). The vulnerability is due to the engine's lack of template size limits, which allows an attacker to execute a Denial of Service (DoS) attack by submitting maliciously crafted large templates...
Authentication Bypass
pusher/pusher-php-server is vulnerable to Authentication Bypass. The vulnerability is due to insufficient validation of the channel name and socket ID, which allows malicious end-users to forge access to unauthorized private channels...
Cross-site Scripting (XSS)
passbolt/passboltapi is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper sanitization of user input, allowing an attacker to inject malicious scripts into the user's first and last name fields, which execute when the setup link in the invitation email is accessed...
SQL Injection
propel/propel is vulnerable to SQL Injection. The vulnerability is due to a lack of implicit integer cast of the limit input, which allows an attacker to execute malicious SQL...
SQL Injection
propel/propel1 is vulnerable to SQL Injection. The vulnerability is due to a lack of implicit integer cast of the limit input, which allows an attacker to execute malicious SQL...
Huckleberry
The ibc-go module is vulnerable to the "Huckleberry" vulnerability. The vulnerability is due to a flaw in the Inter-Blockchain Communication (IBC) protocol...
Prototype Pollution
@blackprint/engine is vulnerable to Prototype Pollution. The vulnerability is due to missing object type checks in the DeepProperty function in engine.min.js, which allows an attacker to execute arbitrary code...
XML External Entity (XXE) Injection
neos/flow is vulnerable to XML External Entity (XXE) Injection. The vulnerability is due to the MediaTypeConverter improperly handling XML input, which could be exploited to conduct XXE attacks...
Container Registry Credential Leak
Trivy is vulnerable to Container Registry Credential Leak. The vulnerability is due to insufficient registry domain validation, which results in container registry credential leakage. An attacker must convince a user into scanning a malicious container, which then allows an attacker to push/pull...
Information Disclosure
neos/flow is vulnerable to Information Disclosure. The vulnerability is due to entity security not properly integrating with the doctrine query cache, allowing users to reuse cached SQL queries built for other users based on their roles rather than their specific properties, potentially revealing...
IV Collision
github.com/bincyber/go-sqlcrypter is vulnerable to IV Collision. The vulnerability is due to using a random IV, which can exceed the safe limit of encrypting plaintext above 2^32 in size under the same key as stated by NIST SP 800-38D, potentially allowing attackers to decrypt messages if IV...
Cross Site Scripting (XSS)
survey-core is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to insufficient sanitization of the imageLink property in questionimage.ts, which allows an attacker to execute malicious scripts via setting contentMode=youtube...
Prototype Pollution
@apidevtools/json-schema-ref-parser is vulnerable to Prototype Pollution. The vulnerability is due to inadequate input validation in the bundle, parse, resolve, and dereference functions, allowing a remote attacker to execute arbitrary code...
Prototype Pollution
@bit/loader is vulnerable to Prototype Pollution. The vulnerability is due to missing proto property restrictions within the M function's e argument in index.js, which allows an attacker to execute arbitrary code...
Remote Code Execution (RCE)
3f/pygmentize is vulnerable to Remote Code Execution. The vulnerability is due to improper shell argument sanitization when passing user input to the PIGMENTS binary, which allows an attacker to cause Remote Code Execution...
Use Of A Broken Or Risky Cryptographic Algorithm
asymmetricrypt/asymmetricrypt is vulnerable to Use Of A Broken Or Risky Cryptographic Algorithm. The vulnerability is due to insecure padding within PKCS v1.5, which allows an attacker to brute force the encrypted content...
Arbitrary Code Execution
contao/core is vulnerable to Arbitrary Code Execution. The vulnerability is due to untrusted POST data being passed to the deserialize function, which could result in Arbitrary Code Execution...
Authentication Bypass
namshi/jose is vulnerable to Authentication Bypass. The vulnerability is due to improper signature validation, which permits tokens signed with the 'none' algorithm to be processed, effectively allowing authentication to bypass signature validation...
Man-in-the-Middle (MITM)
aiosmtpd is vulnerable to Man-in-the-Middle (MitM). The vulnerability is due to accepting unencrypted commands after the STARTTLS protocol command, which allows unencrypted commands to be accepted and treated as if they were encrypted. An attacker can exploit this flaw to perform a Man-in-the-Midd...
Out-of-bounds Read
nvidia-cuda-toolkit is vulnerable to an out-of-bounds read. The vulnerability is due to an issue in cuobjdump, where an attacker can exploit this by tricking a user into running cuobjdump on a malformed input file, potentially leading to limited denial of service...
NULL Pointer Dereference
nvidia-cuda-toolkit is vulnerable to a NULL pointer dereference. The vulnerability is due to improper handling of malformed binaries, allowing a local user running the tool to cause a limited denial of service...