38184 matches found
Access Control Bypass
github.com/pterodactyl/wings is vulnerable to Access Control Bypass. The vulnerability is due to improper access controls within the pull endpoint, allowing authenticated users to evade restrictions and potentially access resources on local networks...
Unauthorized File Access
github.com/pterodactyl/wings is vulnerable to Unauthorized File Access. The vulnerability is caused by a leaked Wings token either through inadvertent disclosure of the node configuration or accidental leakage, which allow an attackers arbitrary file read and write access on associated nodes...
Cross-Site Scripting (XSS)
pgAdmin is vulnerable to a Cross-site Scripting XSS in the JSON payload of the /settings/store API response. The vulnerability arises due to inadequate input sanitization, enabling attackers to inject and execute malicious scripts on the client's side...
Type Confusion
libxmljs is vulnerable to Type Confusion. The vulnerability is due to parsing a specially crafted XML document and invoking a function on the result of attrs that was called on a parsed node. This issue may lead to Denial of Service DoS, data exfiltration or Remote Code Execution RCE...
Cross Site Scripting (XSS)
vditor is vulnerable to Cross Site Scripting XSS. The vulnerability is due to a lack of default xss sanitization within the editor, which allows an attacker to execute XSS via an attribute of an A element...
Authentication Bypass
pgadmin4 is vulnerable to Authentication Bypass. The vulnerability is due to a flaw in the multi-factor authentication process, which allows an attacker with knowledge of a legitimate account's username and password to authenticate to the application and perform sensitive actions within the...
DNS Poisoning
Bouncy Castle Java Cryptography APIs are vulnerable to improper SSL/TLS hostname verification. The vulnerability is due to hostname verification potentially being performed against a DNS-resolved IP address when no explicit hostname is provided, which could lead to DNS poisoning risks...
Improper Authentication
Salt aka SaltStack is vulnerable to Improper Authentication. The vulnerability is due to a lack of authentication during routine execution, allowing authenticated users with certain privileges to bypass restrictions by nesting restricted routines within other routines...
Cross-Site Scripting (XSS)
pterodactyl/panel is vulnerable to Cross Site Scripting XSS. The vulnerability is due to insufficient user input sanitization within Egg Docker images and variables, which results in cross site scripting XSS on the panel...
Integer Overflow
uriparser is vulnerable to integer overflow. The vulnerability is due to improper validation of long keys or values in the ComposeQueryEngine function within UriQuery.c, which results in a buffer overflow by suppling crafted values...
Integer Overflow
uriparser is vulnerable to an Integer overflow. The vulnerability is due to insufficient input validation in ComposeQueryMallocExMm within UriQuery.c , which allows attackers to cause a Denial of service via long crafted strings...
Type Confusion
libxmljs2 is vulnerable to Type Confusion. The vulnerability is caused by parsing a specially crafted XML documented due to invoking the namespaces function on a grand-child node that refers to an entity. This allows an attacker to execute arbitrary code, or cause Denial of Service DoS...
Deserialization Of Untrusted Data
sagemaker is vulnerable to Deserialization of Untrusted Data. The vulnerability is due the deserialization of pickled object arrays within the sagemaker.basedeserializers.NumpyDeserializer module, which could allow an unprivileged third party to cause Remote Code Execution or Denial of Service...
Denial Of Service (DoS)
kurwov is vulnerable to Denial Of Service DoS. The vulnerability is due to improper sanitization within the MarkovDatagetNext method, which is utilized in both Markovgenerate and Markovchoose functions, which results in a maliciously crafted string within the dataset to bypass sanitization checks...
Type Confusion
libxmljs2 is vulnerable to Type Confusion. The vulnerability is caused by improper type checks when parsing untrusted XML with a DOCTYPE that contains an entity due to invoking the attrs function on the grandchild node referring the entity. This can lead to Denial of Service, Data Exfiltration, a...
Man-in-the-Middle (MITM)
Salt vulnerable to Man-in-the-Middle MITM. The vulnerability is due to the absence of SSH host key validation in the default configuration of salt-ssh, which can be exploited by attackers to carry out man-in-the-middle attacks...
Code Injection
Apache Hive is vulnerable to Code Injection. The vulnerability is caused by improper sanitization or validation of user-supplied URLs in the openBrowserWindow method within HiveJdbcBrowserClient.java, which allows an authenticated attacker to submit a malicious URL which results in command...
Arbitrary Code Execution
r-base is vulnerable to Arbitrary Code Execution. The vulnerability is due to deserialization of untrusted data, which can occur when interacting with a maliciously crafted RDS R Data Serialization formatted file or R package, allows maliciously crafted RDS R Data Serialization formatted files to...
Out-of-Bounds Read
FreeRDP is vulnerable to an Out-of-Bounds Read. The vulnerability is due to the legacy GDI drawing path with the /bpp:32 setting in FreeRDP, which results in Out-of-Bounds Read...
Insecure Cryptography
elixir is vulnerable to Insecure Cryptography. The vulnerability is due to Elixir's implementation of Blowfish in CFB mode without generating a unique initialization vector IV for each encryption operation, which allows context-dependent users to obtain sensitive information and decrypt the...
Cross Site Scripting (XSS)
ajenti is vulnerable to Cross Site Scripting XSS. The vulnerability is due to inadequate input validation in the command field of the Cron functionality, allowing remote authenticated users to inject arbitrary web script or HTML...
Denial Of Service (DoS)
Zope Object Database ZODB is vulnerable to Denial Of Service DoS. The vulnerability is due to a flaw that allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, resulting in unexpected return values for the accept function...
Improper Certificate Validation
transifex-client is vulnerable to Improper Certificate Validation. The vulnerability is due to not validating X.509 certificates during data transfer connections, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary certificate...
Reflected Cross-site Scripting (XSS)
changedetection.io is vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is due to insufficient input sanitization within the notificationurls parameter, resulting in malicious JavaScript execution on affected pages...
Remote Code Execution (RCE)
uamqp for python is vulnerable to Remote Code Execution RCE. The vulnerability is due to the installation process that attempts to load a non-existent cloud resource, which an attacker could theoretically take over to execute arbitrary code...
Cross Site Scripting (XSS)
Jfinalcms is vulnerable to Cross Site Scripting XSS. The vulnerability is due to improper input validation in the friendship link component, allowing a remote attacker to execute arbitrary code through a crafted script...
Arbitrary Code Execution
Mercurial is vulnerable to a Arbitrary Code Execution. The vulnerability is due to incorrect bound checks in the binary delta decoder which allows an attacker to execute arbitrary code via a clone, push, or pull command, related to either list sizing rounding error or short records...
Out-of-bounds Read
libfreerdp.so is vulnerable to an out-of-bounds read. This vulnerability is due to inadequate bounds checking in the planarskipplanerle function, leading to potential out-of-bounds reads when processing RLE-encoded data...
Out-of-bounds Read
libfreerdp.so is vulnerable to an out-of-bounds read. The vulnerability is due to inadequate bounds checking in the zgfxdecompresssegment function because the variable count is not checked against StreamGetRemainingLength. This could allow an attacker to potentially access sensitive information o...
Improper Access Control
Apache ActiveMQ is vulnerable to Improper Access Control. The vulnerability is due to a default configuration which does not secure the API web context, allowing unrestricted use of the Jolokia JMX REST API and the Message REST API. This vulnerability potentially enables anyone to interact with t...
Out-of-bounds Write
libfreerdp.so is vulnerable to Out-of-bounds write. The vulnerability is due to improper validation of runLengthFactor which can lead to values that exceed the buffer limits, causing memory corruption. This could allow an attacker to potentially access sensitive information or cause a crash in th...
Integer Underflow
libfreerdp.so is vulnerable to an Integer Underflow. The vulnerability is due improper check to ensure a value remains greater than the len value during decompression in the nscrledecode function, which results in improper memory operations based on unchecked length values...
Out-of-bounds Read
libfreerdp.so is vulnerable to an out-of-bounds read. The vulnerability is due to insufficient validation of the SrcSize before reading data from pSrcData, potentially allowing reading beyond the allocated memory when SrcSize is less than 4. This could allow an attacker to access sensitive...
Cross-Site Request Forgery (CSRF)
firebase-tools is vulnerable to a Cross-Site Request Forgery CSRF. This vulnerability is due to the export endpoint in the Firebase emulator suite. If a user runs the emulator while visiting a malicious website, the browser can call out to localhost, which could result in the exfiltration of...
Authorization Bypass
Wagtail is vulnerable to Authorization Bypass. The vulnerability is due to inadequate checks in the ModelViewSet and wagtail.contrib.settings modules, allowing users with general edit permissions to update fields they are otherwise restricted from accessing via crafted HTTP POST requests...
Signature Verification Bypass
xml-crypto is vulnerable to Signature Verification Bypass. The vulnerability is due to inadequate authorization checks for signed certificates, which allows an attacker to manipulate XML documents with falsified signatures or certificates which can bypass the library's default validation mechanis...
Denial Of Service (DOS)
ibm.mq is vulnerable to a Denial of service. The vulnerability is due to insufficient handling of HTTP requests, which allows an attacker to craft requests that cause excessive resource consumption. This can potentially leads to Denial of service...
Out-of-Bounds Read
github.com/onosproject/onos-lib-go is vulnerable to Out-of-Bounds Read. The vulnerability is due to improper bounds checking within the parseAlignBits function, which could allow an attacker to trigger an index out-of-range condition resulting in Denial of Service...
Incorrect Access Control
github.com/spidernet-io/spiderpool is vulnerable to Incorrect access control. The vulnerability is due to improper clusterRole configurations, which allows a local attackers to execute arbitrary code by using crafted commands to access token components, potentially compromising the entire...
Denial Of Service (DoS)
github.com/onosproject/rimedo-ts is vulnerable to Denial Of Service DoS. The vulnerability is due to inadequate bounds checking within reader.go, when accessing elements out of the slice bounds...
Denial Of Service (DoS)
github.com/onosproject/onos-kpimon is vulnerable to Denial of Service DoS. The vulnerability is due to the blocking of the errCh channel within the Start function of the monitoring package, leading to resource exhaustion as the associated indication processing goroutine can't process further...
Denial Of Service (DoS)
github.com/onosproject/rimedo-ts is vulnerable to Denial Of Service DoS. The vulnerability is due to an out-of-range panic within reader.go, when accessing elements out of the slice bounds, which could result in Denial of Service...
Reflected Cross-Site Scripting (Reflected XSS)
nautobot is vulnerable to Reflected Cross-Site Scripting Reflected XSS. The vulnerability is due to improper handling and escaping of user-provided query parameters, allowing a maliciously crafted Nautobot URL to potentially execute malicious scripts against users...
Arbitrary Code Execution
org.xmlunit: xmlunit-core is vulnerable to Arbitrary Code Execution. The vulnerability is due to enabling XSLT extension transformation functions by default within TransformerFactoryConfigurer.java, which could allows attackers to execute arbitrary code during XSLT transformations if an applicati...
Cross Site Scripting (XSS)
yapi-vendor is vulnerable to Cross Site Scripting XSS. The vulnerability is due to insufficient input validation in its Advanced Expectation - Response module, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the body field...
Denial Of Service (DoS)
github.com/onosproject/onos-ric-sdk-go is vulnerable to Denial of Service DoS.The vulnerability is due to indefinite repetition of error processing within the Subscribe function when handling the subscribed indication stream. This issue may lead to resource exhaustion...
Out-of-bounds Read
github.com/onosproject/onos-kpimon is vulnerable to Out-of-bounds Read. The vulnerability is due to improper handling of array indices in the processIndicationFormat1 function. This allows an attacker to cause a crash or potentially execute arbitrary code by exploiting the out-of-bounds array...
Symlink Attack
Salt is vulnerable to Symlink attacks. The vulnerability is due to insecure creation of temporary files in seed.py ,salt-ssh, or salt-cloud, which allows a local attacker to exploit this by creating symbolic links to overwrite arbitrary files with elevated privileges...
HTTP Parameter Tampering
github.com/navidrome/navidrome is vulnerable to HTTP Parameter Tampering. The vulnerability is due to improper parameter validation within HTTP requests. An attacker can impersonate other users and perform unauthorized actions such as creating playlists, adding songs, posting comments, and changi...
Cross Site Scripting (XSS)
phlex is vulnerable to Cross Site Scripting XSS. The vulnerability is due to insufficient sanitization of user-provided data in HTML attributes. If an application renders an tag within a href attribute thats set to a user provided link, arbitrary JavaScript execution may occur due to overly...