
38184 matches found

Veracode • added 2024/05/22 6:21 a.m. • 13 views

Division-by-Zero

nvidia-cuda-toolkit is vulnerable to a Division-by-Zero. The vulnerability is due to an improper mathematical operation, which may enable a user to cause a crash, leading to a Denial of Service...

CVSS 3.3 • AI score 6.5 • EPSS 0.00205
Exploits 0 • References 2 • Affected software 1
Veracode • added 2024/05/22 6:12 a.m. • 25 views

Deserialization Of Untrusted Data

joblib is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to unsafe handling of pickle files in the read_array function within numpy_pickle.py, where pickle.load is enabled by default. This allows an attacker to execute arbitrary code by loading a maliciously crafted pickle...

AI score 7.6 • EPSS 0.00664
Exploits 1 • References 4 • Affected software 1
Veracode • added 2024/05/22 6:05 a.m. • 10 views

Information Disclosure

neos/neos is vulnerable to Information Disclosure. The vulnerability is due to improper access controls allowing the viewing of internal workspaces without authentication. This allows attackers to read sensitive content from internal workspaces without permission...

AI score 6.8
Exploits 0
Veracode • added 2024/05/22 6:00 a.m. • 9 views

Observable Discrepancy

neos/flow is vulnerable to Observable Discrepancy. The vulnerability is due to observable timing differences within the PersistedUsernamePasswordProvider. An attacker can determine whether an account exists based on the timing of the response, because the hash is only generated if an account was...

AI score 7
Exploits 0
Veracode • added 2024/05/22 5:58 a.m. • 11 views

Authentication Bypass

namshi/jose is vulnerable to Authentication Bypass. The vulnerability is due to an implementation error in the validation process for digital signatures using asymmetric algorithms, which allows attackers to forge tokens by exploiting the signature verification flaw...

AI score 7.1
Exploits 0
Veracode • added 2024/05/22 5:55 a.m. • 14 views

Privilege Escalation

github.com/submariner-io/submariner-operator is vulnerable to Privilege Escalation. The vulnerability is due to unnecessary role-based access control permissions, which allows a privileged attacker to run a malicious container on a node, potentially stealing service account tokens and compromisin...

CVSS 6.6 • AI score 6.7 • EPSS 0.00504
Exploits 0 • References 6 • Affected software 1
Veracode • added 2024/05/22 5:54 a.m. • 10 views

Insufficient Entropy In Random Number Generation

paragonie/random_compat is vulnerable to insufficient entropy in random number generation. The vulnerability is due to the insecure usage of Cryptographically Secure Pseudo-Random Number Generators (CSPRNG) involving openssl_random_pseudo_bytes, which may compromise the security of generated random...

AI score 7
Exploits 0
Veracode • added 2024/05/22 5:36 a.m. • 6 views

Privilege Escalation

alterphp/easyadmin-extension-bundle is vulnerable to Privilege Escalation. The vulnerability is due to role-based access rules not handling action name case sensitivity, which could allow a user to gain access to actions they are not authorized to perform...

AI score 7.3
Exploits 0
Veracode • added 2024/05/22 5:03 a.m. • 8 views

Open Redirection

OroPlatform is vulnerable to Open Redirection. The vulnerability is due to improper validation of URLs, allowing attackers to redirect users to external websites...

AI score 7
Exploits 0
Veracode • added 2024/05/22 4:52 a.m. • 7 views

Open Redirect

OroCRM is vulnerable to Open Redirect. The vulnerability is due to improper validation of URLs, allowing attackers to redirect users to external websites...

AI score 7
Exploits 0
Veracode • added 2024/05/21 1:04 p.m. • 9 views

GitHub Token Leakage

github.com/wolfi-dev/wolfictl is vulnerable to GitHub Token Leakage. The vulnerability is due to a local user's GitHub token being sent to remote servers other than github.com if a user ran wolfictl update with a non-GitHub domain...

CVSS 4.4 • AI score 6.7 • EPSS 0.00237
Exploits 0 • References 7 • Affected software 1
Veracode • added 2024/05/21 12:35 p.m. • 6 views

Arbitrary Code Execution

contao/core is vulnerable to Arbitrary Code Execution. The vulnerability is due to insufficient input validation, allowing attackers to remove or change pathconfig.php by entering a URL, making the entire Contao installation inaccessible or enabling the execution of malicious code...

AI score 7.3
Exploits 0
Veracode • added 2024/05/21 10:43 a.m. • 12 views

Signature Verification Bypass

onelogin/php-saml is vulnerable to Signature Verification Bypass. The vulnerability is due to implicit boolean conversion of numerical values returned by openssl_verify in PHP, where an error state (-1) can be interpreted as a successful signature verification, which results in misinterpretation of...

AI score 7
Exploits 0
Veracode • added 2024/05/21 10:06 a.m. • 7 views

Authentication Bypass Via Signature Wrapping

onelogin/php-saml is vulnerable to Authentication Bypass. The vulnerability is due to improper signature validation, which allows a malicious user to bypass authentication through signature wrapping...

AI score 7 • EPSS 0.00262
Exploits 0
Veracode • added 2024/05/21 9:51 a.m. • 16 views

Remote Code Execution (RCE)

drupal/core is vulnerable to Remote Code Execution (RCE). The vulnerability is due to unsanitized shell arguments in DefaultMailSystem::mail, which could be exploited to execute arbitrary code...

AI score 8.3
Exploits 0
Veracode • added 2024/05/21 9:25 a.m. • 7 views

Insecure Direct Object Reference (IDOR) / Weak Encryption

nzo/url-encryptor-bundle is vulnerable to an Insecure Direct Object Reference (IDOR). This vulnerability is due to a lack of mandatory key and initialization vector (IV) requirements, which makes the aes-256-ctr algorithm susceptible to malleability attacks. It allows attackers to decrypt and modify...

AI score 7
Exploits 0
Veracode • added 2024/05/21 7:56 a.m. • 10 views

Denial Of Service (DoS)

github.com/stacklok/minder is vulnerable to Denial of Service (DoS). The vulnerability is due to missing request size limits in the REST ingester when processing responses from remote REST endpoints, which allows an attacker to execute a Denial of Service attack by controlling a remote REST...

CVSS 5.3 • AI score 7 • EPSS 0.00465
Exploits 0 • References 2 • Affected software 1
Veracode • added 2024/05/21 7:23 a.m. • 18 views

Cross-Site Scripting

Cacti is vulnerable to Cross-site Scripting. The vulnerability is due to malicious scripts being permanently stored on a target server and served to users who access a particular page, which attackers can use to execute scripts in the context of the user's browser, potentially leading to...

CVSS 7.6 • AI score 6.7 • EPSS 0.00913
Exploits 1 • References 2 • Affected software 1
Veracode • added 2024/05/21 7:21 a.m. • 23 views

Denial Of Service (DoS)

rexml is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper parsing of XML with many characters in an attribute value, which allows an attacker to cause Denial of Service...

CVSS 5.3 • AI score 6.2 • EPSS 0.02064
Exploits 1 • References 4 • Affected software 2
Veracode • added 2024/05/21 7:09 a.m. • 8 views

Open Redirect

drupal/core is vulnerable to Open Redirect. The vulnerability is due to allowing users with the 'administer paths' permission to create pretty URLs, which can be exploited to redirect to a malicious URL...

AI score 6.9
Exploits 0
Veracode • added 2024/05/21 7:04 a.m. • 11 views

Command Injection

consoleme is vulnerable to Command Injection. The vulnerability is due to improper neutralization of special elements used in a command, potentially allowing an attacker to inject and execute arbitrary commands via an argument flag...

CVSS 9.3 • AI score 7.6 • EPSS 0.00928
Exploits 0 • References 4 • Affected software 1
Veracode • added 2024/05/21 6:12 a.m. • 9 views

Unrestricted File Upload

drupal/core is vulnerable to Unrestricted File Upload. The vulnerability is caused by the failure to properly sanitize filenames within the file_save_upload function. This allows an attacker to potentially upload malicious system files, such as .htaccess...

AI score 7
Exploits 0
Veracode • added 2024/05/21 5:48 a.m. • 8 views

Remote Code Execution (RCE)

drupal/core is vulnerable to Remote Code Execution. The vulnerability is due to the Contextual Links module not properly validating the contextual links requested by users, which may result in Remote Code Execution...

AI score 7.5
Exploits 0
Veracode • added 2024/05/20 12:38 p.m. • 15 views

Information Exposure

Firefox is vulnerable to Information Exposure. The vulnerability is due to error messages generated while importing resources using Web Workers distinguishing between application/javascript responses and non-script responses. This can be abused to learn information cross-origin...

CVSS 5.9 • AI score 6.7 • EPSS 0.00369
Exploits 0 • References 7 • Affected software 3
Veracode • added 2024/05/20 12:37 p.m. • 24 views

Information Exposure

Firefox is vulnerable to Information Exposure. The vulnerability is caused by IndexedDB files not being properly deleted when the window is closed while the browser.privatebrowsing.autostart preference is enabled. This preference is disabled by default in Firefox...

CVSS 4.3 • AI score 6.9 • EPSS 0.00492
Exploits 1 • References 7 • Affected software 3
Veracode • added 2024/05/20 12:36 p.m. • 18 views

Permission Issues

Firefox is vulnerable to Permission Issues. The vulnerability is caused by a bug in the popup notification's interaction with WebAuthn, which can make it easier for an attacker to trick a user into granting permissions...

CVSS 6.1 • AI score 6.9 • EPSS 0.00539
Exploits 1 • References 7 • Affected software 3
Veracode • added 2024/05/20 12:18 p.m. • 17 views

Improper Initialization

Firefox is vulnerable to Improper Initialization. The vulnerability is due to a file dialog shown while in full-screen mode, which could result in the window remaining disabled, allowing attackers to potentially exploit this to create a denial-of-service condition...

CVSS 8.2 • AI score 6.4 • EPSS 0.00417
Exploits 1 • References 3 • Affected software 1
Veracode • added 2024/05/20 12:18 p.m. • 17 views

Memory Corruption

Firefox and Thunderbird are vulnerable to Memory Corruption. The vulnerability is caused by memory safety bugs which can be exploited to run arbitrary code...

CVSS 8.8 • AI score 7.4 • EPSS 0.00536
Exploits 0 • References 7 • Affected software 3
Veracode • added 2024/05/20 12:18 p.m. • 20 views

Potentially Undefined Behavior

Firefox is vulnerable to potentially undefined behavior. The vulnerability is due to bypassing move semantics, leading to undefined behavior, which attackers can exploit to cause unexpected crashes or execute arbitrary code...

CVSS 6.5 • AI score 7.2 • EPSS 0.00372
Exploits 0 • References 3 • Affected software 1
Veracode • added 2024/05/20 12:17 p.m. • 15 views

Invalid Memory Access

Firefox is vulnerable to invalid memory access. The vulnerability is due to a missing iterator stop condition when handling WASM code in the built-in profiler, which can lead to invalid memory access and undefined behavior...

CVSS 5.9 • AI score 6.6 • EPSS 0.00218
Exploits 1 • References 3 • Affected software 1
Veracode • added 2024/05/20 12:16 p.m. • 20 views

Use Of Insufficiently Random Values

Firefox is vulnerable to Use Of Insufficiently Random Values. The vulnerability is due to nonce values being generated using the rand function, which can lead to predictable values. Attackers can exploit this by predicting the nonce values, potentially allowing them to bypass authentication mechanism...

CVSS 5.9 • AI score 6.8 • EPSS 0.00217
Exploits 1 • References 3 • Affected software 1
Veracode • added 2024/05/20 12:16 p.m. • 18 views

Information Disclosure

Firefox is vulnerable to an Information Disclosure. The vulnerability is due to a network error during page load causing the prior content to remain in view with a blank URL bar, which attackers can use to obfuscate a spoofed website. This vulnerability affects Firefox versions below 126...

CVSS 7.5 • AI score 6.2 • EPSS 0.00541
Exploits 0 • References 3 • Affected software 1
Veracode • added 2024/05/20 12:15 p.m. • 4 views

Use-after-free

Firefox is vulnerable to a potential use-after-free crash. The vulnerability is due to certain font styles when saving a page to PDF, which can cause a use-after-free condition. Attackers can exploit this vulnerability to execute arbitrary code or crash the application...

CVSS 8.8 • AI score 7.9 • EPSS 0.00592
Exploits 1 • References 7 • Affected software 3
Veracode • added 2024/05/20 12:14 p.m. • 16 views

Use-after-free

Firefox is vulnerable to a use-after-free. The vulnerability is due to a missing memory allocation check, which could lead to a crash or potentially be leveraged by attackers to achieve code execution...

CVSS 8.6 • AI score 6.8 • EPSS 0.00523
Exploits 1 • References 3 • Affected software 1
Veracode • added 2024/05/20 12:13 p.m. • 13 views

SQL Injection

doctrine/orm is vulnerable to SQL Injection. The vulnerability is due to statements in the WHERE clause not being wrapped in brackets due to improper handling of case-insensitive checks, which allows an attacker to execute arbitrary SQL statements...

AI score 8.1
Exploits 0
Veracode • added 2024/05/20 11:41 a.m. • 11 views

Cross Site Scripting (XSS)

drupal/core is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to Drupal configurations using the WYSIWYG CKEditor, which can be exploited by an attacker with content creation or editing capabilities to target users with access to CKEditor, including site admins with privileged...

AI score 6.4
Exploits 0
Veracode • added 2024/05/20 10:47 a.m. • 7 views

Sensitive Information Disclosure

github.com/goreleaser/goreleaser is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the change in log output level from DEBUG to INFO, which could allow an attacker with access to the build logs to view sensitive environment information when the go build output is...

AI score 6.6
Exploits 0
Veracode • added 2024/05/20 9:43 a.m. • 8 views

Open Redirect

drupal/drupal is vulnerable to Open Redirect. The vulnerability is due to the insecure handling of the "destination" query string parameter in Drupal core and contributed modules. This allows malicious users to craft URLs that redirect unsuspecting users to third-party websites...

AI score 7
Exploits 0
Veracode • added 2024/05/20 8:36 a.m. • 6 views

Deserialization Of Untrusted Data

illuminate/cookie is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to insecure cookie encryption and serialization logic, which allows attackers to potentially decrypt or manipulate cookie data, resulting in arbitrary code execution...

AI score 7.5
Exploits 0
Veracode • added 2024/05/20 8:34 a.m. • 8 views

Cross-Site Scripting (XSS)

illuminate/view is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to inadequate input sanitization within Blade templating, allowing attackers to inject malicious scripts into rendered views...

AI score 6.6
Exploits 0
Veracode • added 2024/05/20 8:11 a.m. • 8 views

Cookie Leakage

amphp/artax is vulnerable to Cookie Leakage. The vulnerability is due to cookies being leaked to unauthorized domains, which allows an attacker to manipulate cookies in such a way where cookies of foo.bar.example.com were leaked to foo.bar...

AI score 6.9
Exploits 0
Veracode • added 2024/05/20 7:51 a.m. • 7 views

Security Bypass

datadog/dd-trace is vulnerable to Security Bypass. The vulnerability is due to insufficient constraint on the ddtrace.request_init_hook setting by the open_basedir INI directive, which allows an attacker to bypass the open_basedir INI directive...

AI score 7
Exploits 0
Veracode • added 2024/05/20 7:39 a.m. • 9 views

Remote Code Execution (RCE)

cart2quote/module-quotation-encoded is vulnerable to Remote Code Execution (RCE). The vulnerability is due to the use of the unserialize function when processing data from a GET request, which can be exploited by attackers to execute arbitrary code remotely, particularly when custom file options ar...

AI score 8.6
Exploits 0
Veracode • added 2024/05/20 7:35 a.m. • 9 views

Remote Code Execution (RCE)

drupal/drupal is vulnerable to Remote Code Execution (RCE). The vulnerability is due to unsanitized shell arguments in DefaultMailSystem::mail, which could be exploited to execute arbitrary code...

AI score 8.3
Exploits 0
Veracode • added 2024/05/20 7:29 a.m. • 10 views

Host Header Injection

amphp/http is vulnerable to Host Header Injection. The vulnerability is caused by improper validation of newline characters in the Host header, allowing an attacker to inject arbitrary Hosts into the request header...

AI score 7
Exploits 0
Veracode • added 2024/05/20 7:27 a.m. • 15 views

Remote Code Execution (RCE)

illuminate/cookie is vulnerable to Remote Code Execution (RCE). The vulnerability is due to applications using the "cookie" session driver combined with exposure of an encryption oracle, which allows an attacker to craft valid Laravel session payloads...

AI score 7.7
Exploits 0
Veracode • added 2024/05/20 7:25 a.m. • 10 views

Object Injection

ezsystems/ezpublish-legacy is vulnerable to Object Injection. The vulnerability is in the Legacy Shop module, which allows an attacker with backend editor privileges to manipulate the discount rule settings...

AI score 7
Exploits 0
Veracode • added 2024/05/20 7:24 a.m. • 8 views

Session Hijacking

friendsofsymfony/user-bundle is vulnerable to session hijacking. The vulnerability is due to inadequate session management, which could allow an attacker to take over a user's session...

AI score 7
Exploits 0
Veracode • added 2024/05/20 7:24 a.m. • 8 views

Denial Of Service (DoS)

drupal/core is vulnerable to Denial Of Service. The vulnerability is caused by visiting install.php, which can cause cached data to become corrupted until caches are rebuilt...

AI score 7
Exploits 0
Veracode • added 2024/05/20 7:22 a.m. • 13 views

Local File Inclusion (LFI)

gregwar/rst is vulnerable to Local File Inclusion (LFI). The vulnerability is due to inadequate input validation, allowing an attacker to manipulate file paths to read arbitrary files...

AI score 7
Exploits 0
Total number of security vulnerabilities: 38184