Arbitrary Systemd Property Injection

github.com/cri-o/cri-o is vulnerable to Arbitrary Systemd Property Injection. The vulnerability is due to improper filtering of systemd property within a Pod annotation, allowing an attacker with the ability to create a pod with arbitrary annotations to perform unauthorized actions on the host...

Use After Free

Chrome is vulnerable to a use-after-free vulnerability. The vulnerability is due to improper handling of memory after it has been freed, potentially allowing a remote attacker to exploit heap corruption via a crafted HTML page...

Out Of Bounds Read

Chrome is vulnerable to Out Of Bounds Read. The vulnerability due to improper handling of out-of-bounds reads, allows a remote attacker to leak cross-site data via a crafted HTML page...

Type Confusion

Chrome is vulnerable to Type Confusion. The vulnerability a type confusion issue in the ANGLE component within Google Chrome, allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Denial Of Service (DoS)

qemu is vulnerable to a Denial of ServiceDoS attack. The vulnerability is due to an assertion failure in the updatesctpchecksum function in hw/net/nettxpkt.c, allows a malicious guest to trigger a denial of service...

Heap Based Buffer Overflow

qemu is vulnerable to a heap-based buffer overflow. The vulnerability is due to insufficient bounds checking in the SDHCI device emulation code of QEMU, when both s-datacount and the size of s-fifobuffer are set to 0x200, allows a malicious guest to crash the QEMU process on the host, resulting i...

Double Free

qemu is vulnerable to a double free vulnerability. The vulnerability is due to insufficient protection of the memreentrancyguard flag, allows a malicious privileged guest user to crash the QEMU process on the host, potentially execute arbitrary code within the context of the QEMU process on the...

Use-After-Free

Chrome is vulnerable to Use-After-Free. The vulnerability due to improper handling of memory in the V8 component within Google Chrome, allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Denial Of Service (DoS)

putty is vulnerable to Denial Of Service DoS. The vulnerability is due to remote SSH-1 servers accessing freed memory locations via an SSH1MSGDISCONNECT message in PuTTY, allows remote SSH-1 servers to trigger a denial of service condition...

Privilege Escalation

VirtualBox is vulnerable to Privilege Escalation. The vulnerability due to inadequate security measures or flaws in the design and implementation of the Oracle VM VirtualBox product, particularly within its Core component, allows a low-privileged attacker with logon access to the infrastructure...

Malleable ECDSA Signature Attacks

PHPECC is vulnerable to malleable ECDSA signature attacks. The vulnerability is caused due to ECDSA signatures not being canonicalized, allowing for multiple valid representations of the same signature...

Exposure Of Sensitive Information

github.com/openshift/cluster-monitoring-operator is vulnerable to Exposure of Sensitive Information. The vulnerability is due to an annotation in the telemeter-client pod in the openshift-monitoring namespace that contains the cluster's pull secret, which can be accessed by users with sufficient...

Remote Code Execution

uvdesk/core-framework is vulnerable to Remote Code Execution. This vulnerability is due to insufficient input validation, allowing attackers to upload malicious files which result in Remote Code Execution...

Improper Authorization

Quarkus is vulnerable to Improper Authorization. This vulnerability is due to the mishandling of method declarations in abstract Java classes or by Quarkus extensions, leading to unenforced authorization for RestEasy Classic or Reactive JAX-RS endpoints...

Sql Injection

Zend framework is vulnerable to Sql Injection. The vulnerability is due to improper input validation, allowing remote attackers to execute arbitrary SQL commands via a null byte...

Double Evaluation

vyper is vulnerable to a Double Evaluation. This vulnerability is due to the buildcreateIR function of the createfromblueprint builtin not caching the args argument, allowing for multiple evaluations instead of retrieving the value from the stack...

Double Evaluation

vyper is vulnerable to Double Evaluation. The vulnerability is due to the buildIR function of the sqrt builtin not caching the argument to the stack, allowing for multiple evaluations when the argument has side-effects...

Improper Input Validation

vyper is vulnerable to Improper Input Validation. The vulnerability is due to using the slice builtin with msg.data, self.code, or .code as the buffer argument, when either the start or length arguments have side-effects, allowing an attacker to manipulate the smart contract's behaviour or extrac...

Improper Locking

vyper is vulnerable to Improper Locking. This vulnerability is due to lack of reentrancy protection in default functions and not respecting nonreentrancy keys and failing to emit the lock, which allows an attacker to bypass the intended security mechanisms...

Improper Cache Handling

gitHub.com/coredns/coredns is vulnerable to Improper Cache Handling. The vulnerability is due to the CD bit disabling validation in the remote server which could allow an attacker to retrieve sensitive information cached erroneously, leading to information disclosure or unauthorized access...

Privilege Escalation

github.com/glpi-project/glpi-agent is vulnerable to Privilege Escalation. The vulnerability is due to the ability of a local user to modify GLPI-Agent code or used DLLs, which can alter agent logic and potentially grant higher privileges...

Privilege Escalation

github.com/glpi-project/glpi-agent is vulnerable to Privilege Escalation. The vulnerability is due to improper security controls in the MSI package installer that allow a local user to manipulate the GLPI server URL or disable the agent service, and in some cases, configure a malicious server to...

Unrestricted Upload Of File With Dangerous Type

thinkcmf/thinkcmf vulnerable to Unrestricted Upload of File with Dangerous Type. The vulnerability is due to insufficient validation of file extensions during the upload process in UeditorController.php. This flaw allows an attacker to execute arbitrary code via uploaded malicious files...

Range-Based Loop Execution

vyper is vulnerable to Range-Based Loop Execution. The vulnerability is due to incorrect assertion handling in the code generation of the range statement stmt.parseForrange within file stmt.py, which allows attackers to manipulate loop parameters...

Arbitrary Command Execution

less is vulnerable to Arbitrary Command Execution.The vulnerability is due to the omission of shellquote calls for LESSCLOSE in the closealtfile function within the filename.c file of the less command-line utility, allows attackers to execute arbitrary commands...

Sensitive Information Into Log File

jberet-core is vulnerable to Insertion of Sensitive Information into Log File. The vulnerability is due to missing data masking during logging via the getConnection method within JdbcRepository.java. It occurs when error messages include sensitive information, such as database connection properti...

Denial Of Service (DoS)

io.quarkus.resteasy.reactive:resteasy-reactive is vulnerable to Denial Of Service. The vulnerability is due to security checks for certain JAX-RS endpoints being performed after serialization, causing increased processing resources to be consumed during HTTP request checks. Attackers with knowled...

Improper Restriction Of Excessive Authentication Attempts

github.com/zitadel/zitadel/ is vulnerable to Improper Restriction of Excessive Authentication Attempts. The vulnerability is due to the absence of a mechanism to restrict failed TOTP authentication attempts...

Improper Input Validation

vyper is vulnerable to Improper Input Validation. The vulnerability is caused by improper handling of memory or storage arguments in the rawlog builtin, which results in incorrect values being logged when these arguments are used as topics...

Arbitrary Code Execution

Flatpak is vulnerable to Arbitrary Code Execution. The vulnerability is due to improper handling of the --command argument to the portal interface org.freedesktop.portal.Background.RequestBackground from within a Flatpak app, which allows malicious or compromised Flatpak apps to pass bwrap...

OS Command Execution

less is vulnerable to OS command execution. The vulnerability is due to mishandling of quoting in the filename.c file within the less command-line utility, allowing attackers to execute arbitrary commands via a newline character in the name of a file...

Denial Of Service (DoS)

Bouncy Castle is vulnerable to an infinite loop. The vulnerability is due to insufficient verification of signatures and public keys during Ed25519 verification, allowing attackers to trigger a denial of service DoS due to the infinite loop...

Observable Discrepancy

Bouncy Castle is vulnerable to Observable Discrepancy. The vulnerability is due to improper handling of exceptions in RSA-based handshakes. An attacker can exploit the timing differences observed during these exceptions to reveal sensitive information...

Denial Of Service (DoS)

Bouncy Castle is vulnerable to Denial of Service DoS. The vulnerability is due to improper validation of F2m parameters, allowing an attacker to craft a certificate that causes high CPU usage during the evaluation of the curve parameters...

Buffer Overflow

libfrr.so is vulnerable to Buffer Overflow. The vulnerability is due to inadequate validation of lengths in Segment Routing Adjacency SID subTLVs within OSPF LSA packets during the parsing process, which could result in a Denial of Service...

Improper Handling Of Case Sensitivity

social-auth-app-django is vulnerable to Improper Handling Of Case Sensitivity. The vulnerability is due to default case-insensitive collation in MySQL or MariaDB databases. This vulnerability could cause different IDs to match, resulting in Business Logic Flaws...

Out-of-bounds Read

FreeRDP is vulnerable to Out-of-bounds Read. The vulnerability is caused due to an incorrect calculation of the WCHAR string length during conversion to UTF-8 within redirection.c, resulting in out-of-bounds reads...

NULL Pointer Dereference

FreeRDP/FreeRDP is vulnerable to NULL Pointer Dereference. The vulnerability is caused due to a missing check for NULL pointers before accessing the domain or username fields in the info structure...

Denial Of Service (DoS)

FreeRDP is vulnerable to Denial of Service DoS. The vulnerability is due to allocating an size, which can cause the FreeRDP client to crash when connected to a malicious server...

Privilege Escalation

github.com/kubevirt/kubevirt/ is vulnerable to Privilege Escalation. This vulnerability arises due to insufficient access controls, enabling an attacker to assume the privileges of the VM process on the host system. Consequently, attackers could potentially read and modify any file on the system...

Improper Access Control

github.com/ipfs/kubo/ is vulnerable to Improper Access Control. The vulnerability is due to the ability of an attacker to generate ephemeral identities, allowing them to exploit the IPFS connection management reputation system. This enables the attacker to poison other nodes' routing tables,...

Privilege Escalation

github.com/rancher/rancher/ is vulnerable to Privilege Escalation. The vulnerability is due to the handling of "Impersonate-User" or "Impersonate-Group" headers, allowing malicious users to access unauthorized information...

Improper Access Control

github.com/rancher/rancher is vulnerable to Improper Access Control. The vulnerability is due to the API proxy not dropping the impersonation header before sending the request to the Kubernetes API, allowing an authenticated user to impersonate any user on a cluster...

Incorrect Permission Assignment

github.com/rancher/rancher is vulnerable to Incorrect Permission Assignment. The vulnerability is due to a flaw where users were granted access to resources regardless of the resource's API group, leading to unauthorized access and modification capabilities across various resources...

Remote Code Execution

pyloadng is vulnerable to remote code execution RCE. The vulnerability is due to improper file path handling and template rendering, allowing an authenticated user to upload and execute a crafted template file...

Out-of-bounds Read

FreeRDP is vulnerable to Out-of-bounds Read. The vulnerability is caused due to inadequate bounds checking when reading data from a buffer.This allows an attacker to access or manipulate data outside its intended range, potentially leading to unauthorized information disclosure...

Improper Access Control

github.com/rancher/rancher is vulnerable to Improper Access Control. The vulnerability is due to incomplete cleanup of access bindings, specifically when a Project Role linked to a group is removed from a project, which fails to delete the bindings granting access to cluster scoped resources...

SQL Injection

umbraco is vulnerable to SQL injection. The vulnerability is due to insufficient input validation in API endpoint handling, that allows attackers to inject SQL code through modified requests...

Open Redirect

cg is vulnerable to Open Redirect. The vulnerability is due to insufficient validation of the referrer header under certain conditions, allowing attackers to manipulate it and potentially redirect users to malicious websites, phishing pages, or other dangerous destinations...

Command Injection

renovate is vulnerable to Command Injection. The vulnerability arises from insufficient input validation, enabling attackers to exploit the helmv3 registryAliases feature...