Insufficient Randomness
ezsystems/ezpublish-legacy is vulnerable to Insufficient Randomness. The vulnerability is due to inadequate entropy in the pseudo-random bytes used for hash generation, making it easier for attackers to predict the hash in the "forgot password" feature...
Remote Code Execution (RCE)
ezsystems/ezpublish-legacy is vulnerable to Remote Code Execution (RCE). The vulnerability is caused by uploading a file, which could potentially allow execution of arbitrary PHP files under certain configurations...
SQL Injection
adodb/adodb-php is vulnerable to SQL injection. The vulnerability is due to inadequate input validation in multiple drivers, which allows an attacker to execute malicious SQL queries...
Mass Assignment
Laravel is vulnerable to Mass Assignment. The vulnerability is due to improper column quoting for database drivers, which can be exploited when not using the fillable property on models, particularly when using the guarded property and passing a user-controlled array into an "update" or "save"...
SQL Injection
codeigniter/framework is vulnerable to SQL injection. The vulnerability is due to inadequate input validation within the CodeIgniter ODBC database driver, which allows attackers to inject and execute malicious SQL queries...
Unauthorized Password Reset
cartalyst/sentry is vulnerable to Unauthorized Password Reset. The vulnerability is due to improper handling of password reset checks in the Sentry authentication framework, which allows attackers to reset passwords for users who have NULL in their reset_password_code column...
Sensitive Information Disclosure
ezsystems/repository-forms is vulnerable to Sensitive Information Disclosure. The vulnerability is caused due to missing permission checks before allowing access to user data. Specifically, the system did not properly verify if the user had the 'content' edit permissions, which allowed...
Information Disclosure
ezsystems/ezpublish-legacy is vulnerable to Information Disclosure. The vulnerability is caused due to the module not properly checking access permissions when rendering the content tree menu. This allows the tree menu to display hidden items to unauthorized users if they access the backend URL...
Identity Spoofing
doctrine/doctrine-module is vulnerable to Identity Spoofing. The vulnerability is due to improper handling of numerically valued credentials in DoctrineModule\Authentication\Adapter\ObjectRepository, which allows attackers to obtain valid authentication identities without knowing the user's actua...
Cross-site Scripting (XSS)
drupal/core is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to Drupal configurations using the WYSIWYG CKEditor, which can be exploited by an attacker with content creation or editing capabilities to target users with access to CKEditor, including site admins with privileged...
Authorization Bypass
Drupal is vulnerable to an Authorization Bypass. The vulnerability is due to the content moderation module failing to check a user's access to use certain transitions, potentially allowing unauthorized access to restricted translations...
SQL Injection
cacti is vulnerable to SQL injection. The vulnerability is due to insufficient validation of data in the formsave function within graphtemplateinputs.php, which is used to concatenate SQL statements in the drawnontemplatedfieldsgraphitem function fromhtmlformtemplates.php. Attackers can exploit...
Cross-Site Scripting
Cacti is vulnerable to Cross-site scripting. The vulnerability is due to insufficient data validation in the formsave function in dataqueries.php, which is used to concatenate the HTML statement in the growrightpanetree function from html.php...
Remote Code Execution
Ghostscript, the GPL PostScript/PDF interpreter, is vulnerable to Remote Code Execution. The vulnerability is due to multiple security issues which can result in denial of service and potentially the execution of arbitrary code if malformed document files are processed...
Weak Entropy In Token Generation
friendsofsymfony/user-bundle is vulnerable to Weak Entropy in Token Generation. The vulnerability is due to the imprecise nature of the base_convert function used in FOSUserBundle, which allows attackers to exploit the weakened randomness of tokens generated for email confirmation and password...
Weak Encryption
fuel/core is vulnerable to Weak Encryption. The vulnerability is due to the usage of the Crypt encryption algorithm, which potentially allows an attacker with sufficient knowledge, code, and GPU calculation power to break and potentially compromise the security of encrypted data...
Authentication Bypass
friendsofsymfony/user-bundle is vulnerable to Authentication Bypass. The vulnerability is due to an insecure user refresh implementation that uses the primary key instead of the username, which can result in authentication bypass if users are allowed to change usernames...
Improper Access Control
mlflow is vulnerable to Improper Access Control. The vulnerability is due to improper validation of DELETE requests by users with EDIT permissions, allowing unauthorized deletions of artifacts...
Path Traversal
mlflow is vulnerable to Path Traversal. The vulnerability is due to improper validation of artifact URLs, particularly in handling the fragment part of the URL. Attackers can exploit this by inserting a 'character, allowing the artifact to bypass validation, resulting in arbitrary file access on...
Cross-Site Scripting (XSS)
Apache Airflow is vulnerable to Cross-Site Scripting (XSS). The vulnerability is caused by improper handling of user input, which allows an authenticated attacker to inject malicious JavaScript into the task instance logs...
Remote Code Execution
drupal/drupal is vulnerable to Remote Code Execution. The vulnerability is due to the Contextual Links module not properly validating the contextual links requested by users, which may result in Remote Code Execution...
Authentication Bypass
ezsystems/ezpublish-legacy is vulnerable to Authentication Bypass. The vulnerability is due to the standard login handler failing to verify passwords correctly in rare cases when using the legacy LDAP login handler or the TextFile login handler in combination with the standard legacy login handler...
Authentication Bypass
firebase/php-jwt is vulnerable to Authentication Bypass. The vulnerability is due to missing algorithm checks when calling the decode method, allowing attackers to bypass verification when using asymmetric keys (RS256, RS384, RS512, ES256, ES384, ES512) when there is no algorithm specified within the...
Remote Code Execution
ezsystems is vulnerable to Remote Code Execution. The vulnerability is due to object injection in the SiteAccessMatchListener, which could lead to remote code execution (RCE)...
Cross Site Scripting (XSS)
ezsystems is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper sanitization in "protected" comments, resulting in Cross-Site Scripting...
Cross-site Scripting (XSS)
ezsystems/ezpublish-legacy is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to unsanitized parameter input within the 'disabled module' error template, leading to Cross-Site Scripting (XSS)...
Information Disclosure
microsoft.powerbi.javascript is vulnerable to an Information Disclosure. The vulnerability is due to improper handling of sensitive information, which may allow an attacker to access unauthorized data if a user visits a site with malicious content...
Session Hijacking
illuminate/auth is vulnerable to Session Hijacking. The vulnerability is due to insecure handling of "remember me" cookies, where previously hijacked cookies would remain valid even after the user's password was reset or they logged out...
Code Injection
ezsystems/ezpublish-legacy is vulnerable to Code Injection. The vulnerability is due to improper handling of uploaded PHP and PHAR files due to inadequate web server configurations and enabled PHAR stream wrappers. This allows attackers to execute arbitrary code, potentially leading to privilege...
Insecure Deserialization
laravel/framework is vulnerable to Insecure Deserialization. The vulnerability is due to the potential misuse of the application's encryption key, which allows an attacker to craft a serialized cookie, which upon deserialization results in arbitrary code execution...
Remote Code Execution
magento/community-edition is vulnerable to Remote Code Execution (RCE). The vulnerability is due to improper input validation and security controls, allowing authenticated Admin users to execute arbitrary code and scripts...
Decryption Failure
illuminate/encryption is vulnerable to a Decryption Failure. The vulnerability is due to improper handling of encrypted payloads in the Laravel Encrypter component, allowing attackers to craft an encrypted payload, which upon decryption returns false, possibly resulting in unintended behavior in ...
Cross Site Scripting (XSS)
friendsofsymfony/rest-bundle is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to incorrect JSONP validation that sanitizes the callback query param name rather than its value, which allows potentially malicious callback values to be processed, leading to Cross-Site Scripting...
Denial of Service (DoS)
Intel(R) Core(TM) Ultra Processors are vulnerable to Denial of Service (DoS). The vulnerability is caused by a sequence of processor instructions leading to unexpected behavior. This can allow an authenticated user to potentially enable Denial of Service (DoS) via local access...
Spoofing Attack
GNOME GLib is vulnerable to a Spoofing Attack. The vulnerability is due to inadequate validation of the source of D-Bus signals in GDBus-based clients, allowing spoofed signals from other users on a shared system to be accepted as legitimate...
SQL Injection
laravel/framework is vulnerable to SQL Injection. The vulnerability is due to user input passed directly to the limit and offset functions in SQL Server, resulting in SQL injection...
Session Hijacking
laravel/socialite is vulnerable to Session Hijacking. The vulnerability is due to the state guessing during OAuth authentication, which could potentially lead to session hijacking...
Remote Code Execution
magento/community-edition is vulnerable to Remote Code Execution. The vulnerability is due to unpatched security issues allowing unauthorized code execution and script injection...
Remote Code Execution (RCE)
laravel/framework is vulnerable to Remote Code Execution (RCE). The vulnerability is caused by an encryption oracle exposed by applications using the "cookie" session driver, allowing attackers to craft Laravel session payloads by generating valid signed encryption strings for any plain-text string...
Improper Query Binding
Laravel/framework is vulnerable to Improper Query Binding. If a request is crafted with a non-array field as an array without proper validation or casting, it can lead to an unexpected number of query bindings being added to the query. This can result in queries returning either no results or...
NULL Pointer Dereference
VTK is vulnerable to a NULL Pointer Dereference. The vulnerability is due to improper return value validation, where the libxml2 API xmlDocGetRootElement function can return NULL, but the code in IO/Infovis/vtkXMLTreeReader.cxx dereferences it without a check, allowing an attacker to trigger a...
Header Leakage
amphp/http-client is vulnerable to Header leakage. The vulnerability is due to the incomplete handling of request headers in the Message::setHeaders method, which allows sensitive request headers from the initial request to be leaked to the redirected host during cross-domain redirects...
Cross Site Scripting (XSS)
codeIgniter/Framework is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to inadequate sanitization in the xss_clean method within security.php, which allows an attacker to bypass the intended protection and execute arbitrary JavaScript code in the browser...
Unauthorized Data Access
Klaviyo Magento 2 is vulnerable to Unauthorized Data Access. The vulnerability is due to insufficient access controls in an endpoint, allowing attackers to read private customer data from stores by reclaiming guest-carts and accessing order details via the Magento API...
Cross-site Scripting (XSS)
Magento Commerce is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient input validation and sanitization, allowing attackers to inject malicious scripts into web pages viewed by other users...
Mass Assignment
Laravel is vulnerable to Mass Assignment. The vulnerability is due to insufficient column quoting for all database drivers, which could allow attackers to perform unauthorized mass assignment operations. If using guarded and passing a user-controlled array into an "update" or "save" function,...
Sensitive Information Disclosure
github.com/kubernetes-sigs/azurefile-csi-driver is vulnerable to Sensitive Information Disclosure. This vulnerability is due to tokens being logged when TokenRequests is configured in the CSIDriver object and the driver is set to run at log level 2 or greater via the -v flag, which allows an...
Insufficient Entropy
laravel/socialite is vulnerable to Insufficient Entropy. The vulnerability is due to an insecure state generation mechanism, potentially exposing the OAuth authentication process to security risks...
OS Command Execution
fuel/core is vulnerable to OS Command Execution. The vulnerability is due to insufficient image filenames validation when constructing the ImageMagick command, which allows specially crafted filenames to be executed as operating system commands...
Data Leakage
livewire/livewire is vulnerable to Data Leakage. The vulnerability is caused by the $this->validate() method not properly filtering the data before returning it, resulting in all properties of the Livewire component, including unvalidated data, being exposed...