Path Traversal

github.com/owncast/owncast is vulnerable to Path Traversal. The vulnerability is due to inadequate input validation on the emoji/delete endpoint, allowing attackers with administrative privileges to delete arbitrary files outside the intended directory...

Regular Expression Denial Of Service (ReDoS)

tecnickcom/tcpdf is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is caused due to a lack of proper validation in a regular expression used to parse colour information from HTML in the convertHTMLColorToDec function. This can lead to excessive backtracking, resulting...

Improper Handling Of Exceptional Conditions

@hono/node-server is vulnerable to Improper Handling of Exceptional Conditions. The vulnerability is caused due to improper exception handling in the newRequest function within request.ts. This function fails with ERRINVALIDURL when handling invalid Host header values, such as empty strings or...

Incorrect Check Of Function Return Value

Envoy is vulnerable to Incorrect Check of Function Return Value. The vulnerability is due to insufficient input validation, which triggers an abnormal termination of the Envoy process when handling requests with overly long longer than 255 characters host/:authority headers or alternate header...

Information Exposure

apache-airflow is vulnerable to Information Exposure. The vulnerability is due a flaw in the "configuration" UI page when "non-sensitive-only" was set as webserver.exposeconfig configuration. An attacker can exploit this vulnerability by sending a specially crafted request to see sensitive provid...

Observable Timing Discrepancy

1Panel is vulnerable to Observable Timing Discrepancy. The vulnerability is due to the use of != for comparisons of cryptographically sensitive password verification operations, rather than hmac.Equal. This can lead to timing attack vulnerability...

Sensitive Information Disclosure

Ansible Automation Platform is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper handling of private keys, where the ec2key module prints the private key directly to the standard output when creating a new keypair. This flaw allows an attacker to retrieve the ke...

Denial Of Service (DoS)

FRRouting/frr is vulnerable to Denial of Service DoS. This vulnerability occurs due to improper handling of the Prefix SID attribute in the bgpattrmalformed function within bgpattr.c, leading to a crash of the bgpd daemon...

HTTP/2 CONTINUATION Frame Processing

firefox is vulnerable to an HTTP/2 CONTINUATION frame processing vulnerability. The vulnerability is due to an absence of limits on the number of HTTP/2 CONTINUATION frames processed, allowing a server to potentially trigger an Out of Memory condition in the browser...

Denial Of Service (DoS)

libfrr.so is vulnerable to Denial of Service DoS. The vulnerability is caused when receiving a MP/GR capability as a dynamic capability due to an incorrect placement of a continue statement within a while loop that iterates over a pointer. In this case, the pointer is not incremented before the...

Denial Of Service (DoS)

libhtp.so is vulnerable to Denial Of Service DoS. The vulnerability is due to inadequate handling of malformed request traffic, leading to excessive CPU usage...

Resource To Wrong Sphere

github.com/docker/docker is vulnerable to Exposure of Resource to Wrong Sphere. The vulnerability is due to IPv6 being enabled on network interfaces, even in configurations where --ipv6=false is specified. The impact of this flaw is containers can communicate with other hosts on the local network...

Prototype Pollution

@andrei-tatar/nora-firebase-common is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of the updateState parameter in the updateStateInternal method. This allows remote attackers to execute malicious scripts, resulting in Arbitrary Code Execution...

Cross Site Scripting(XSS)

aiohttp is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to the web.static..., showindex=True function, allowing an attacker with the ability to upload arbitrary filenames to the static file directory to perform Cross Site Scripting due to improper filename santization. Uses wh...

Heap Buffer Overflow

torch is vulnerable to a Heap Buffer Overflow. The vulnerability is due to improper size checks in the tupleConstruct function within varargfunctions.cpp, allowing attackers to cause a Denial of Service DoS...

JIT (Just-In-Time) Crash

firefox is vulnerable to JIT Just-In-Time crash. The vulnerability is due to a flaw in the JIT compiler, allowing attackers to crash the browser by mutating specific JavaScript objects during tracing...

Integer Overflow

firefox-esr is vulnerable to Integer Overflow. The vulnerability is due to insufficient input validation, allowing a malformed OpenType font to trigger integer overflows on 32-bit versions and resulting in an out-of-bounds read...

Use-After-Free

firefox is vulnerable to Use-After-Free. The vulnerability is due to occurrence of garbage collection during the creation of an array in Mozilla Firefox's WebAssembly WASM execution process, potentially leading to a use-after-free condition...

Use-After-Free

firefox is vulnerable to Use-After-Free. The vulnerability is due to the JIT creating incorrect code for arguments, leading to potential use-after-free crashes when garbage collection occurs in certain cases...

Out-of-Bounds-Read

firefox is vulnerable to Out-of-Bounds-Read. The vulnerability is due to incorrect optimization of switch statements by the JIT Just-In-Time compiler. It results in code with out-of-bounds-reads in certain code patterns involving switch statements...

Out-of-Bounds-Read

firefox is vulnerable to Out-of-Bounds-Read. The vulnerability is due to the incorrect optimization of MSubstr operations by the JIT Just-In-Time, leading to out-of-bounds reads in certain cases where MSubstr operations are incorrectly optimized...

Incorrect Return Value

firefox is vulnerable to Incorrect Return Value . The vulnerability is due to the incorrect handling of JIT optimizations, allows for the incorrect return of object versions by the GetBoundName function...

Use-After-Free

Firefox vulnerable to a use-after-free vulnerability. The vulnerability is due to improper handling where a use-after-free could occur if a JavaScript realm was being initialized when garbage collection started...

Memory Safety Bug

Firefox is vulnerable to memory safety bugs. The vulnerability is due to memory corruption, with evidence indicating potential exploitation to execute arbitrary code...

Memory Safety Bug

Firefox and Thunderbird are vulnerable to a Memory Safety Bug. The vulnerability is due to memory corruption, with evidence indicating potential exploitation to execute arbitrary code...

Use-After-Free

Firefox and Thunderbird are vulnerable to a use-after-free vulnerability. The vulnerability is due to incorrect reference counting, where assigning an AlignedBuffer to itself can lead to an incorrect reference count and subsequent use-after-free...

Memory Access Issue

Firefox is vulnerable to a memory access issue. The vulnerability is due to accessing uninitialized memory when the MarkStack assignment operator, part of the JavaScript engine, is used in a self-assignment...

Denial Of Service (DoS)

firefox is vulnerable to Denial of Service DoS. The vulnerability is due to an empty shape list caused by memory exhaustion, leading to a crash if the JIT traces the object...

Privilege Escalation

virtualBox is vulnerable to Privilege Escalation. The vulnerability is due to inadequate access controls to Oracle VM VirtualBox product of Oracle Virtualization, allowing a high privileged attacker with login credentials to compromise Oracle VM VirtualBox installations...

Unauthorized Access

virtualBox is vulnerable to Unauthorized Access. The vulnerability is due to inadequate access controls to the Oracle VM VirtualBox product of Oracle Virtualization, allowing a low-privileged attacker with login credentials to compromise Oracle VM VirtualBox...

Denial Of Service (DoS)

virtualBox is vulnerable to Denial of Service DOS.The vulnerability is due to insufficient input validation in VM VirtualBox product of Oracle Virtualization , allowing a low privileged attacker with login access to compromise Oracle VM VirtualBox installations...

Privilege Escalation

virtualBox is vulnerable to Privilege Escalation. The vulnerability is due to inadequate access controls to Oracle VM VirtualBox product of Oracle Virtualization, allowing a low-privileged attacker with login credentials to compromise installations of Oracle VM VirtualBox...

Privilege Escalation

virtualBox is vulnerable to Privilege Escalation. The vulnerability is due to insufficient security controls in Oracle VM VirtualBox affects Linux hosts and stems from a flaw in the Core component, allows a low-privileged attacker with login credentials to compromise Oracle VM VirtualBox...

Privilege Escalation

virtualbox is vulnerable to Privilege Escalation. The vulnerability is due to insufficient access controls in Oracle VM VirtualBox product of Oracle Virtualization, allowing a low-privileged attacker with login credentials to compromise Oracle VM VirtualBox installations...

Privilege Escalation

virtualBox is vulnerable to Privilege Escalation. The vulnerability is due to inadequate access controls in Oracle VM VirtualBox product of Oracle Virtualization, allowing a low-privileged attacker with login credentials to compromise Oracle VM VirtualBox installations...

Privilege Escalation

virtualBox is vulnerable to Privilege Escalation. The vulnerability is due to insufficient access controls in the Oracle VM VirtualBox product of Oracle Virtualization, allowing a low-privileged attacker with login credentials to compromise Oracle VM VirtualBox installations...

Privilege Escalation

virtualBox is vulnerable to Privilege Escalation. The vulnerability is due to insufficient access controls in the Oracle VM VirtualBox product of Oracle Virtualization, allowing a low-privileged attacker with login credentials to compromise Oracle VM VirtualBox installations...

Privilege Escalation

virtualBox is vulnerable to Privilege Escalation. The vulnerability is due to inadequate access controls in the Oracle VM VirtualBox product of Oracle Virtualization, allowing a low-privileged attacker with login credentials to compromise Oracle VM VirtualBox installations...

Privilege Escalation

virtualBox is vulnerable to Privilege Escalation. The vulnerability is due to inadequate access controls in the Oracle VM VirtualBox product of Oracle Virtualization, allowing a low-privileged attacker with login credentials to compromise Oracle VM VirtualBox installations...

Cross-site Scripting (XSS)

geonode is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper sanitization within the rich text editor, which allows an attacker to retrieve a victims CSRF token and issue a request to change another user's email address to perform a full account takeover...

Cross-site Scripting (XSS)

keycloak is vulnerable to Cross-site Scripting XSS. The vulnerability is due to allowing arbitrary URLs, including JavaScript URIs javascript:, as SAML Assertion Consumer Service POST Binding URL ACS. Allowing JavaScript URIs in combination with HTML forms results in Cross-site Scripting in the...

Authorization Bypass

keycloak is vulnerable to Authorization Bypass. The vulnerability is due to a hardcoded permissive regular expression which is used to filtering allowed hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with specific...

Denial Of Service

@solana/web3.js is vulnerable to Denial Of Service. The vulnerability is due improperly handling of particular inputs, which can cause memory exhaustion, leading to application crash and loss of availability...

Server-side Request Forgery (SSRF)

gradio is vulnerable to Server-side Request Forgery SSRF. The vulnerability is due to improper handling of the 'file' parameter in a GET request, enabling attackers to scan and identify open ports within an internal network by observing responses for 'Location' headers or 'File not allowed' error...

Code Injection

keras is vulnerable to Code Injection. The vulnerability is due to improper model sanitization through the Lambda layer, allowing an attacker to inject arbitrary Python code into a model via a lambda function. If an unsuspecting developer then loads this model, arbitrary code execution occurs...

Cross Site Scripting (XSS)

@excalidraw/excalidraw is vulnerable to Cross Site Scripting XSS. The vulnerability is due to improper sanitization against HTML injection in two vectors: rendering untrusted strings as iframe's srcdoc and attribute HTML injection in conjunction with allowing the allow-same-origin sandbox flag...

Session Hijacking

org.keycloak:keycloak-services is vulnerable to Session Hijacking. This vulnerability is due to an issue where an active Keycloak session can be hijacked by initiating a new authentication using the query parameter prompt=login, prompting the user to enter their credentials again. If the user...

Buffer Overflow

libfrr.so is vulnerable to Buffer Overflow. The vulnerability is due to inadequate validation of the size of Segment Routing subTLVs in ospfteparseri function within ospfte.c. An attacker can trigger this vulnerability by crafting OSPF LSA packets with maliciously crafted Segment Routing subTLVs...

Session Hijacking

dolibarr/dolibarr is vulnerable to Session Hijacking. The vulnerability is due to inadequate user session management, allowing authenticated attackers to hijack victim users' session cookies and gain access to the CSRF protection tokens through interaction with a malicious web page, consequently...

Improper Logs Output Neutralization

org.keycloak:keycloak-services is vulnerable to Improper Logs Output Neutralization . The vulnerability is due to errors in the browser client setup/auth process with "Security Key login" WebAuthn, which are written into the form, sent to Keycloak, and are logged without proper escaping, which...