Out-of-bounds Write
github.com/onosproject/onos-lib-go is vulnerable to Out-of-bounds Write. The vulnerability is due to an incorrect boundary check within the putBitString method, which could lead to a Denial of Service (DoS) attack...
Cross-site Scripting (XSS)
lavalite/cms is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper input validation, allowing attackers to execute arbitrary code and obtain sensitive information via a crafted payload in the URL...
Authorization Bypass
roundup is vulnerable to Authorization Bypass. The vulnerability is due to improper property permissions checks, allowing unauthorized manipulation or access to restricted properties through certain methods...
Sensitive Information Exposure
RhodeCode and Kallithea are vulnerable to Sensitive Information Exposure. The vulnerability is due to a lack of admin authentication which allows remote users to obtain API keys and other sensitive information via the getrepo API method...
Cross Site Scripting (XSS)
roundup is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to improper escape mechanisms within templating.py, which allows an attacker to perform cross site scripting...
Directory Traversal
CherryPy is vulnerable to Directory Traversal. The vulnerability is due to improper input validation in the getfilepath function, allowing remote attackers to manipulate session IDs in cookies to create, delete, or possibly read and write arbitrary files...
Insertion Of Sensitive Information Into Log File
freeipa is vulnerable to Insertion Of Sensitive Information Into Log File. The vulnerability is due to a flaw in FreeIPA's batch processing API resulting in improper masking of sensitive information in logs, such as clear text user passwords...
Improper Certificate Validation
Salt is vulnerable to improper SSL certificate validation. The vulnerability is due to the absence of proper default verification for SSL certificates when authenticating to services using certain modules. This flaw allows attackers to perform man-in-the-middle attacks...
Authentication Bypass By Capture-replay
LinOTP is vulnerable to Authentication Bypass By Capture-replay. The vulnerability is due to the activation of automatic resynchronization, allowing an attacker to successfully log in with OTP values recorded at a previous point in time...
Sensitive Information Disclosure
Home Assistant is vulnerable to Sensitive Information Disclosure. The vulnerability is due to an unauthenticated attacker being able to read the application's error log via components/api.py...
Buffer Overflow
tftpy is vulnerable to a Buffer Overflow. The vulnerability is due to inadequate input validation in the parse function within the TftpPacketFactory class, allowing a remote attacker to cause a denial of service...
Privilege Escalation
couchbase is vulnerable to Privilege Escalation. The vulnerability is due to improper verification of admin credentials when Sync Gateway is configured to authenticate with Couchbase Server using X.509 client certificates, which could result in privilege escalation for unauthenticated users...
Improper Access Control
Postorius is vulnerable to Improper Access Control. The vulnerability is due to insufficient validation which allows any logged-in user to send a crafted POST request to unsubscribe any user from a mailing list as well as verify if the address was subscribed in the first place...
Credential Exposure
cloudtoken is vulnerable to Credential Exposure. The vulnerability is due to improper authentication when accessing the cloudtoken daemon via an HTTP endpoint on the same subnet, which allows an attacker to gain temporary AWS credentials for user roles...
HTML Injection
contao is vulnerable to HTML injection. The vulnerability is due to improper fieldname form sanitization, which allows an attacker to insert tags in form fields which are then rendered on the page...
Improper Certificate Validation
scalyr-agent-2 is vulnerable to Improper Certificate Validation. The vulnerability is due to calling the openssl binary without the -verifyhostname option in some circumstances, which can result in Man-in-the-Middle attacks...
Buffer Overflow
pypxe is vulnerable to Buffer Overflow. The vulnerability is due to insufficient input validation in the handle function within the tftp module, which allows a remote attacker to cause a Denial of Service...
Deserialization Of Untrusted Data
ops-cli is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to improper handling of user-supplied data in the checkoutrepo function, which allows an attacker to execute arbitrary code on the victim's machine...
Denial Of Service (DoS)
nfstream is vulnerable to Denial of Service (DoS). The vulnerability is due to unfreed allocated modules when the nfstream object is destroyed without being used, potentially causing a local Denial of Service (DoS)...
Denial Of Service (DoS)
github.com/osrg/gobgp/ is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper memory management which results in an application crash due to the handlingError function in pkg/server/fsm.go...
Arbitrary Code Execution
snapcraft is vulnerable to Arbitrary Code Execution. The vulnerability is due to including the current directory in LD_LIBRARY_PATH under certain conditions, allowing a malicious snap to execute code within the context of another snap if both have access to the home interface or similar...
Improper Certificate Validation
osxcollector is vulnerable to Improper Certificate Validation. The vulnerability is due to incomplete inspection of Universal/fat binaries, which allows malicious code to appear as if it is signed by Apple, leading to the execution of unsigned code...
Cross-site Scripting (XSS)
ajenti is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper filename sanitization within the File Manager, which allows an attacker to inject malicious JavaScript...
Email Enumeration Attack
org.keycloak, keycloak-parent is vulnerable to Email Enumeration Attack. The vulnerability allows a logged-in user to enumerate valid account emails...
Privilege Escalation
github.com/projectcalico/calico/ is vulnerable to Privilege Escalation. The vulnerability is due to an incorrect SUID bit configuration in the Calico CNI install binary, which, combined with the ability to control the input binary, allows an attacker to execute an arbitrary binary with elevated privileg...
Cross-site Scripting (XSS)
knowledge-repo is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper user input validation in the post comments functionality. This allows an attacker to inject arbitrary web scripts or HTML content into the application, potentially leading to cross-site scripting (XSS)...
Denial Of Service (DoS)
github.com/mattermost/mattermost-server is vulnerable to Denial Of Service. The vulnerability is due to a lack of session limit enforcement, enabling an authenticated attacker to crash the server by flooding the sessions table through repeated requests to the getSessions API...
Sensitive Information Disclosure
github.com/mattermost/mattermost-server is vulnerable to Sensitive Information Disclosure. The vulnerability is due to a failure to remove detailed error messages in API requests, even when developer mode is off, allowing attackers to obtain sensitive server information such as file paths...
Denial Of Service (DoS)
github.com/mattermost/mattermost-server is vulnerable to Denial Of Service. The vulnerability is due to insufficient limitation of the size of request paths that contain user inputs, allowing attackers to send large request paths, causing excessive resource usage...
Denial Of Service (DoS)
python-jose is vulnerable to Denial of Service (DoS). The vulnerability is due to missing token size limits during the decoding process of a JSON Web Encryption (JWE) token. An attacker can submit a token with a high compression ratio, depleting system resources which can result in Denial of Service...
Information Disclosure Through Timing Attack
mdanter/ecc is vulnerable to Sensitive Information Disclosure. The vulnerability is due to computing point addition in non-constant time, which allows an attacker to deduce the private key by comparing the time it takes to compute each point addition...
Open Redirect
github.com/portainer/portainer is vulnerable to Open Redirect. The vulnerability is due to improper validation of user-supplied URLs which allow redirects to arbitrary web pages not limited to index.yaml...
Server Side Template Injection
changedetection.io is vulnerable to Remote Command Execution. The vulnerability is due to improper sanitization of user-submitted input, which allows an attacker to execute arbitrary code on the host...
Improper Validation Of Integrity Check Value
github.com/mcu-tools/mcuboot is vulnerable to Improper Validation of Integrity Check Value. The vulnerability is due to inadequate distinction between protected and unprotected TLV (tag-length-value) entries, enabling potential tampering by injecting unauthorized entries...
HTML Injection
passbolt/passboltapi is vulnerable to HTML injection. The vulnerability is due to improper sanitization of URL parameters, resulting in custom content being displayed when a user visits the crafted URL...
Improper Access Control
Mattermost Server is vulnerable to Improper Access Control. The vulnerability is due to incomplete validation of role changes within team.go, allowing an attacker authenticated as a team admin to promote guests to team admins through crafted HTTP requests...
Improper Signature Validation
python-jose is vulnerable to Improper Signature Validation. This vulnerability is due to improper verification of OpenSSH ECDSA keys along with other key formats, allowing attackers to bypass security measures or manipulate cryptographic functions by submitting crafted signatures with a specific...
Improper Access Control
Mattermost Server is vulnerable to Improper Access Control. The vulnerability is due to improper validation when updating team member roles, allowing users with certain administrative privileges to demote other users to guest status through crafted HTTP requests...
Command Injection
dcnnt is vulnerable to Command Injection. The vulnerability is due to improper input validation within notifications.py of Notification Handler, allowing remote attackers to execute arbitrary commands...
Denial Of Service (DoS)
github.com/argoproj/argo-cd/ is vulnerable to Denial Of Service (DoS). The vulnerability is due to inadequate validation of input within the ignoreDifferences configuration, allowing an attacker to craft a jqPathExpressions which consumes excessive memory, leading to a DoS condition...
Improper Check For Unusual Or Exceptional Conditions
Mattermost Server is vulnerable to Improper Check for Unusual or Exceptional Conditions. The vulnerability is due to inadequate validation of custom status values in the user properties within user.go. This allows an attacker to crash users' web clients by submitting malformed custom status...
Prototype Pollution
ejs is vulnerable to Prototype Pollution. The vulnerability is due to inadequate object checks which lack prototype protection measures, allowing an attacker to overwrite certain object prototypes...
Cross-site Scripting (XSS)
Sidekiq is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to a lack of encoding within the Queues page in metrics.erb, which allows an attacker to inject JavaScript code through the substr parameter in the response, potentially compromising user accounts and data...
Arbitrary Systemd Property Injection
github.com/cri-o/cri-o is vulnerable to Arbitrary Systemd Property Injection. The vulnerability is due to improper filtering of systemd property within a Pod annotation, allowing an attacker with the ability to create a pod with arbitrary annotations to perform unauthorized actions on the host...
Use After Free
Chrome is vulnerable to a use-after-free vulnerability. The vulnerability is due to improper handling of memory after it has been freed, potentially allowing a remote attacker to exploit heap corruption via a crafted HTML page...
Out Of Bounds Read
Chrome is vulnerable to Out Of Bounds Read. The vulnerability is due to improper handling of out-of-bounds reads, which allows a remote attacker to leak cross-site data via a crafted HTML page...
Type Confusion
Chrome is vulnerable to Type Confusion. The vulnerability is a type confusion issue in the ANGLE component within Google Chrome, which allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Denial Of Service (DoS)
qemu is vulnerable to a Denial of Service (DoS) attack. The vulnerability is due to an assertion failure in the updatesctpchecksum function in hw/net/nettxpkt.c, which allows a malicious guest to trigger a denial of service...
Heap Based Buffer Overflow
qemu is vulnerable to a heap-based buffer overflow. The vulnerability is due to insufficient bounds checking in the SDHCI device emulation code of QEMU, which, when both s-datacount and the size of s-fifobuffer are set to 0x200, allows a malicious guest to crash the QEMU process on the host, resulting i...
Double Free
qemu is vulnerable to a double free vulnerability. The vulnerability is due to insufficient protection of the memreentrancyguard flag, which allows a malicious privileged guest user to crash the QEMU process on the host and potentially execute arbitrary code within the context of the QEMU process on the...