Use After Free
Chrome is vulnerable to a use-after-free vulnerability. The vulnerability is due to improper handling of memory after it has been freed, allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Credential Exposure
gradio is vulnerable to Credential Exposure. The vulnerability is caused by a lack of strict pattern validation in determining network or file paths in the startswithprotocol function, which can lead to the exposure of sensitive information through incorrect interpretation of network or file path...
Unauthorized Access
org.neo4j:neo4j-cypher is vulnerable to Unauthorized Access. The vulnerability is due to the improper handling of IMMUTABLE privileges within the Cypher component, potentially leading to unauthorized access or manipulation of sensitive data by an admin-authenticated attacker...
Cross-site Scripting (XSS)
Jinja2 is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper handling of keys with non-attribute characters within the xmlattr filter. This leads to potential XSS attacks when an application accepts user input for keys and renders it on a webpage...
Information Disclosure
lief is vulnerable to Information Disclosure. The vulnerability is due to improper handling of the name parameter in the machdreader.c component, allowing a local attacker to obtain sensitive information...
Sensitive Information Disclosure
Kimai is vulnerable to Sensitive Information Disclosure. The vulnerability is caused by manipulation of the PHPSESSIONID argument in the Session Handler component, which results in the sensitive information...
Remote Code Execution (RCE)
github.com/tiagorlampert/chaos is vulnerable to Remote Code Execution. The vulnerability is due to unsafe concatenation of the filename argument into the buildStr without any sanitization or filtering, which allows a remote attacker to execute arbitrary code...
Cross-site Scripting (XSS)
MS Basic is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to insufficient input sanitization in the search function, allowing attackers to inject malicious scripts into the search input, potentially leading to the execution of arbitrary code in the context of other...
Sensitive Information Disclosure
org.eclipse.edc:data-plane-http-oauth2-core is vulnerable to Sensitive Information Disclosure. The vulnerability arises from a misconfiguration in the OAuth2-protected data sink feature, where the consumer-provided clientSecretKey is resolved in the context of the provider's vault instead of the...
Improper Authorization
org.jenkins-ci.plugins:git-server is vulnerable to Improper Authorization. The vulnerability is due to improper permission checks for read access to a Git repository over SSH. This allows attackers with a previously configured SSH public key but lacking Overall/Read permission to access Git...
Cross-Site Scripting (XSS)
trix is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper sanitization of pasted content, which allows attackers to embed malicious scripts, resulting in Cross-Site Scripting (XSS) within the application's context...
Arbitrary Code Execution
org.jenkins-ci.plugins:script-security is vulnerable to Arbitrary Code Execution. The vulnerability is due to crafted constructor bodies that invoke other constructors which can then be used to construct any subclassable type via implicit casts, which bypasses the sandbox protection, resulting in...
Improper Access Control
org.jenkins-ci.plugins:script-security is vulnerable to Improper Access Control. The vulnerability is due to improper permission checks during read access to a Git repository over SSH. This allows attackers with a previously configured SSH public key but lacking Overall/Read permission to access...
Incorrect Authorization
apachesuperset is vulnerable to Incorrect Authorization. The vulnerability is due to improper validation of user permissions when accessing datasource metadata through REST APIs. This allows attackers to access sensitive information without the necessary authorization...
Use After Free
protobuf is vulnerable to a Use After Free. The vulnerability is due to improper handling of chunked JSON input, which causes the parser to attempt to read bytes from a chunk that has already been freed...
Improper Access Control
gradio is vulnerable to Improper Access Control. The vulnerability is due to improper validation of the isserverfn attribute for functions. This allows attackers to execute functions that should be restricted, potentially leading to unauthorized actions or access to sensitive data...
Cross-Site Scripting (XSS)
yab/quarx is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient input validation and sanitization in several components including Blog Title, FAQ Question, Pages Title, Widgets Name, and Menus Name...
Cross-Site Scripting
libSOGo.so is vulnerable to Cross-Site Scripting. The vulnerability is due to inadequate sanitization during attachment preview. This allows an attacker to execute arbitrary JavaScript code within the context of the user's browser session...
Arbitrary JavaScript Execution
react-pdf is vulnerable to Arbitrary JavaScript Execution. The vulnerability is due to isEvalSupported being set to true by default, allowing for the execution of arbitrary JavaScript code embedded within the PDF...
Denial Of Service (DoS)
github.com/stacklok/minder is vulnerable to Denial of Service (DoS). The vulnerability is due to improper validation of HTTP requests before processing them in server.go, allowing untrusted requests to crash the Minder control plane, denying service to other users...
Remote Code Execution (RCE)
pdfjs-dist is vulnerable to Remote Code Execution (RCE). The vulnerability is due to the default setting isEvalSupported set to true, which allows unrestricted execution of attacker-controlled JavaScript within the hosting domain context...
Heap-Based Buffer Overflow
radare2 is vulnerable to heap-based buffer overflow. The vulnerability is due to insufficient input validation, allowing attackers to overwrite data in the heap memory...
Resource Exhaustion
go-ethereum geth is vulnerable to Resource Exhaustion. The vulnerability is due to a lack of proper handling of specially crafted p2p messages sent from an attacker node, causing vulnerable nodes to consume excessive amounts of memory...
Cross-site Scripting (XSS)
tribalsystems/zenario is vulnerable to Cross-site Scripting (XSS) via the Tree Explorer tool. An attacker can inject malicious scripts that can be executed in the context of the user's browser by crafting malicious input...
Local File Inclusion (LFI)
Litestar and Starlite are vulnerable to Local File Inclusion (LFI). The vulnerability is due to path traversal flaws within staticfiles/base.py, allowing attackers to access sensitive files outside designated directories, potentially leading to information disclosure or server compromise...
Denial Of Service (DoS)
ryu is vulnerable to Denial of Service (DoS). The vulnerability is due to inadequate input validation when the OFPQueueProp length is 0 within the OFPPacketQueue function in parser.py, which allows an attacker to trigger an infinite loop by setting the length parameter to 0...
Denial Of Service (DoS)
ryu is vulnerable to Denial of Service (DoS). The vulnerability is due to inadequate input validation within the OFPFlowStats function in parser.py, which allows an attacker to trigger an infinite loop by setting the length of the inst parameter to 0...
Denial Of Service (DoS)
ryu is vulnerable to Denial of Service (DoS). The vulnerability is due to inadequate input validation within the OFPMultipartReply function in parser.py, allowing an attacker to trigger an infinite loop by setting the length parameter to 0...
Denial Of Service (DoS)
ryu is vulnerable to Denial of Service. The vulnerability is due to inadequate input validation when the length is 0 within the OFPHello function in parser.py, which results in an infinite loop...
Denial Of Service (DoS)
ryu is vulnerable to Denial of Service (DoS). The vulnerability is due to the OFPBucket function in parser.py when processing an OpenFlow action with a length of zero, which results in an infinite loop...
Sensitive Information Disclosure
nebari is vulnerable to Privilege Escalation. The vulnerability is due to printing the temporary Keycloak root password to console during project initialization, which results in sensitive information disclosure...
Arbitrary Code Execution
Zenario is vulnerable to Arbitrary Code Execution. The vulnerability is due to insecure usage of Twig filters in the Twig Snippet plugin and in the site-wide HEAD and BODY elements, allowing designers or administrators to execute arbitrary code...
Remote Code Execution (RCE)
werkzeug is vulnerable to Remote Code Execution. The vulnerability is due to the debugger accepting requests from non-localhost locations, which allows an attacker to execute arbitrary code under specific situations. The prerequisites to this attack are the attacker must convince a developer into...
Race Condition
wordops is vulnerable to a Time-of-check Time-of-use (TOCTOU) Race Condition in stackpref.py. The vulnerability is due to calling os.open without a mode parameter during file creation, potentially allowing an attacker to manipulate the file before it is opened by the application...
Race Condition
btcd is vulnerable to a Race Condition. The vulnerability is due to the incorrect implementation of consensus rules as outlined in BIP 68 and BIP 112, specifically by treating the transaction version as a signed integer instead of unsigned. This misinterpretation can lead to a chain split and...
Denial Of Service (DoS)
ryu is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of OFPGroupDescStats in ofprotov13parser.py, where setting the length of OFPBucket to 0 causes the offset and length to remain unchanged, leading to an infinite loop during parsing...
HTML Injection
html-sanitizer is vulnerable to HTML Injection. The vulnerability is due to improper handling of Unicode normalization, which results in certain Unicode characters normalizing to chevrons, enabling specially crafted HTML to evade sanitization...
Sensitive Information Disclosure
topthink/framework is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper handling of error messages, which can reveal the PHPSESSION cookie through debug error output source code when a crafted URI is used in a GET request...
Improper Access Control
github.com/piraeusdatastore/piraeus-operator is vulnerable to Improper Access Control. The vulnerability is due to the ClusterRole being granted excessive permissions, specifically the ability to list all secrets in the cluster, which allows an attacker to impersonate the service account bound to...
Improper Access Control
kubevirt.io/kubevirt is vulnerable to Improper Access Control. The vulnerability is due to a ClusterRole allowing excessive permissions to list all secrets in the cluster. This setup does not adhere to the principle of least privilege, potentially allowing an attacker to impersonate the service...
Improper Origin Validation
github.com/jub0bs/cors is vulnerable to Improper Origin Validation. The vulnerability is due to middleware configured with multiple origin patterns that share a similar suffix, which mistakenly permits access from some untrusted origins, potentially leading to cross-origin attacks...
Improper Origin Validation
github.com/jub0bs/fcors is vulnerable to Improper Origin Validation. The vulnerability is due to the lack of proper validation of origin patterns, which permits untrusted origins sharing suffixes with allowed ones...
Deserialization Of Untrusted Data
spatie/image-optimizer is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to a lack of file protocol checks before it's passed to the fileexists function. This allows attackers to use the phar:// protocol to deserialize a malicious script, which results in Remote Code...
Denial Of Service (DoS)
pdns-recursor is vulnerable to Denial of Service (DoS). The vulnerability is due to the Recursor's improper handling of crafted responses received from upstream servers during recursive forwarding, which allows attackers to trigger a Denial of Service...
OS Command Injection
sagemaker is vulnerable to OS Command Injection. The vulnerability is due to the capturedependencies function in the sagemaker.serve.saveretrive.version100.save.utils module. An attacker can execute arbitrary code or cause a denial of service by passing an inappropriate command as the...
Code Injection
tqdm is vulnerable to Code Injection. The vulnerability is due to the handling of optional non-boolean CLI arguments such as --delim, --buf-size, --manpath, which get passed through Python's eval function without proper sanitization. An attacker can execute arbitrary code by injecting malicious...
Improper Cluster Permissions
Carina is vulnerable to Improper Cluster Permissions. The vulnerability is due to insecure cluster configuration, allowing local attackers to execute arbitrary code through crafted commands, leading to the extraction of cluster secrets and potential takeover of the entire cluster...
Improper Cluster Permissions
karmada-io karmada is vulnerable to Improper Cluster Permissions. The vulnerability is due to inadequate cluster permission which allows a local attacker to execute arbitrary code via a crafted command to get the token...
Type Confusion
libxmljs is vulnerable to Type Confusion. The vulnerability is caused by parsing a specially crafted XML document, due to invoking the namespaces function on a grand-child node that refers to an entity. This allows an attacker to execute arbitrary code, or cause Denial of Service (DoS)...