Cross-Site Scripting (XSS)
tecnickcom/tcpdf is vulnerable to Cross-Site Scripting. The vulnerability is due to insecure processing of HTML content inside PDF documents, which could result in Cross-Site Scripting...
Firewall Bypass
github.com/edgelesssys/constellation is vulnerable to Firewall Bypass. The vulnerability is due to the world configuration which does not prevent unauthorized access to entities inside the cloud VPC to directly reach pods using their internal IP addresses...
Remote Code Execution
microsoft.windowsdesktop.app.runtime is vulnerable to Remote Code Execution. The vulnerability is due to improper memory management resulting in a use-after-free condition, which allows attackers to execute arbitrary code by convincing a user to open a specially crafted file or application...
Path Traversal
pgAdmin is vulnerable to unauthorized file uploads. The vulnerability is due to insufficient access control, allowing an authenticated attacker to upload files to any location the operating system permits...
Integer Overflow
GTKWave is vulnerable to Integer Overflow. The vulnerability is due to integer overflow when allocating the lsb array, which can be exploited by opening a specially crafted .lxt2 file, potentially leading to arbitrary code execution...
Use After Free
GTKWave is vulnerable to multiple use-after-free in the VCD getvartoken realloc functionality. The vulnerability is due to improper handling of memory deallocation, specifically when triggered via the GUI's legacy VCD parsing code, which can be exploited by opening a specially crafted .vcd file,...
Use-After-Free
gtkwave is vulnerable to Use-After-Free. The vulnerability is due to improper memory management in the VCD getvartoken realloc functionality via the vcd2lxt conversion utility, allowing a specially crafted .vcd file to trigger arbitrary code execution...
Use-After-Free
gtkwave is vulnerable to Use-After-Free. The vulnerability is due to improper memory management in the VCD getvartoken realloc functionality via the vcd2lxt2 conversion utility, allowing an attacker to execute arbitrary code by crafting a malicious .vcd file...
Use-After-Free
gtkwave is vulnerable to Use-After-Free. The vulnerability is due to improper handling of memory reallocation in the VCD getvartoken function when triggered via the vcd2vzt conversion utility. A specially crafted .vcd file can lead to arbitrary code execution...
Use-After-Free
gtkwave is vulnerable to Use-After-Free. The vulnerability is due to improper handling of memory reallocation in the VCD getvartoken function when triggered via the GUI's interactive VCD parsing code. A specially crafted .vcd file can lead to arbitrary code execution...
Regular Expression Denial Of Service (ReDoS)
pydantic is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability is due to a regex with inefficient complexity in networks.py, which allows an attacker to cause excessive computation time via a crafted email string...
Use After Free
SixLabors.ImageSharp is vulnerable to Use After Free. The vulnerability is due to improper input validation within the JPEG and TGA decoders, which allows an attacker to craft malicious image files that could result in Information Disclosure during the conversion process...
Out-of-Bounds-Read
gtkwave is vulnerable to Out-of-Bounds-Read. The vulnerability is due to improper handling of memory reallocation in the VCD var definition section functionality via the vcd2lxt conversion utility. A specially crafted .vcd file can lead to arbitrary code execution...
Out-of-bounds Write
gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is due to improper handling of memory reallocation in the VCD parsevaluechange portdump functionality via the GUI's interactive VCD parsing code. A specially crafted .vcd file can lead to arbitrary code execution...
Out-of-bounds Write
gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is due to insufficient bounds checking in the VCD parsevaluechange portdump functionality via the GUI's legacy VCD parsing code. A specially crafted .vcd file can lead to arbitrary code execution...
Out-of-bounds Write
gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is due to inadequate bounds checking within its VCD parsevaluechange portdump functionality by the vcd2lxt2 conversion utility. Crafting a specially designed .vcd file can result in arbitrary code execution...
Out-of-bounds Write
gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is due to insufficient bounds checking within its VCD parsevaluechange portdump functionality via the vcd2vzt conversion utility. Crafting a specially designed .vcd file can result in arbitrary code execution...
Out-of-bounds Write
gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is due to insufficient bounds checking within its VCD parsevaluechange portdump functionality via the vcd2lxt conversion utility. Crafting a specially designed .vcd file can result in arbitrary code execution...
Out-of-Bounds-Read
gtkwave is vulnerable to Out-of-Bounds-Read. The vulnerability is due to inadequate bounds checking within its VCD var definition section functionality via the GUI's default VCD parsing code. Crafting a specially designed .vcd file can result in arbitrary code execution...
Out-of-Bounds-Read
gtkwave is vulnerable to Out-of-Bounds-Read. The vulnerability is due to inadequate bounds checking within its VCD var definition section functionality via the vcd2lxt2 conversion utility. Crafting a specially designed .vcd file can result in arbitrary code execution...
Out-of-Bounds-Read
gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is due to inadequate bounds checking within its VCD var definition section functionality via the vcd2vzt conversion utility. Crafting a specially designed .vcd file can result in arbitrary code execution...
Out-of-Bounds-Read
gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is due to inadequate bounds checking within its VCD var definition section functionality via the GUI's interactive VCD parsing code. Crafting a specially designed .vcd file can result in arbitrary code execution...
Out-of-Bounds-Read
gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is due to inadequate bounds checking within its VCD var definition section functionality via the GUI's legacy VCD parsing code. Crafting a specially designed .vcd file can result in arbitrary code execution...
Denial Of Service (DoS)
Traefik is vulnerable to a Denial Of Service (DoS). The vulnerability is due to improper input validation when managing requests with a Content-length and no body. An attacker can send a GET request to any Traefik endpoint with the Content-length request header which results in an indefinite hang due ...
Server-Side Request Forgery (SSRF)
mautic/core is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to a flaw in the Asset section; an authenticated user could read system files and access the internal addresses of the application...
Deserialization Of Untrusted Data
timber/timber is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to a lack of input validation before passing it into the file_exists function. An attacker can execute arbitrary code by uploading files of any type to the server which then gets passed in the phar:// protocol ...
Sensitive Information Disclosure
OpenTelemetry.Instrumentation.AspNetCore and OpenTelemetry.Instrumentation.Http are vulnerable to Sensitive Information Disclosure. The vulnerability is due to the url.full attribute/tag on spans Activity writing the raw query string to logs, which can potentially expose sensitive data such as En...
Sensitive Information Disclosure
Azure.Identity is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper validation of user-supplied input, allowing an attacker to access sensitive information...
Sensitive Information Disclosure
mautic/core is vulnerable to Sensitive Information Disclosure. The vulnerability is due to inadequate user permission settings. An attacker can access areas of the application that they should be prevented from accessing by exploiting these settings. This could potentially lead to the access of...
Denial Of Service (DoS)
eventlet and dnspython are vulnerable to Denial Of Service (DoS). The vulnerability is due to a lack of enforcing the preferred behavior of waiting for a valid packet during DNS name resolution, allowing remote attackers to interfere with the resolution process by quickly sending an invalid packet...
Denial Of Service (DoS)
idna is vulnerable to Denial Of Service. The vulnerability is due to a specially crafted argument to the idna.encode function, which could consume significant resources...
Remote Code Execution (RCE)
magnum is vulnerable to Remote Code Execution (RCE). The vulnerability is due to a race condition bug within certmanager.py, which allows a remote attacker to execute arbitrary code...
Local File Inclusion (LFI)
nicegui is vulnerable to Local File Inclusion. The vulnerability is due to improper handling of resource file requests under the /nicegui/version/resources/key/path:path route, allowing attackers with access to the NiceUI leaflet website to read any file on the backend filesystem accessible to th...
Insufficient Verification Of Data Authenticity
org.wildfly.security:wildfly-elytron-http-oidc is vulnerable to Insufficient Verification of Data Authenticity. The vulnerability is due to the session token caching logic when an OIDC app serving multiple tenants accesses a new tenant with a different OIDC configuration. This flaw occurs in...
Cross-Site Scripting (XSS)
mautic/core is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient sanitization of user inputs in the description fields. This can potentially lead to an attacker getting elevated access to the system...
Code Injection
org.apache.zeppelin,zeppelin is vulnerable to Code Injection. The vulnerability is due to the use of the Shell interpreter as a code generation gateway, allowing attackers to execute generated code...
Denial Of Service (DOS)
github.com/sigstore/cosign is vulnerable to a Denial of Service (DoS). The vulnerability is due to allocating excessive memory when creating slices based on the number of signatures, manifests, or attestations in untrusted artifacts. This flaw allows an attacker to trigger a Denial of Service via...
Denial Of Service (DoS)
github.com/sigstore/cosign is vulnerable to a Denial of Service (DoS). The vulnerability is due to reading the attachment from a remote image entirely into memory without checking the size of the attachment first. This flaw allows an attacker to trigger a Denial of Service via a large crafted...
Path Traversal
mautic/core is vulnerable to Path Traversal. The vulnerability is due to inadequate input validation in the GrapesJS builder implementation within FileManagerController.php, allowing logged-in users to delete critical files outside media folders...
Cross Site Scripting (XSS)
Summernote is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to improper sanitization of the codeview parameter, which can result in the execution of arbitrary JavaScript code via a crafted payload...
Improper Handling Of Exceptional Conditions
github.com/authzed/spicedb is vulnerable to Improper Handling Of Exceptional Conditions. The vulnerability causes incorrect results when using a specific schema involving the same subject type multiple times in a relation. This issue leads to incorrect access control decisions when relying on...
Incorrect Access Control
Apache Kafka is vulnerable to Incorrect Access Control. The vulnerability is due to an error in ACL management during ZK to KRaft mode migration, specifically when an ACL is removed while two or more other ACLs remain associated with the same resource. This condition results in Kafka treating the...
State Manipulation Attack
github.com/evmos/evmos is vulnerable to state manipulation attacks. The vulnerability is due to an inconsistency between the originStorage and dirtyStorage states during transaction execution, which allows for the potential minting of arbitrary tokens...
Improper Privilege Management
winter/wn-dusk-plugin is vulnerable to Improper Privilege Management. The vulnerability is due to the exposure of a route URL/dusk/login/USER ID/MANAGER that allows unauthenticated access to user accounts in Winter CMS instances with the Dusk plugin installed and configured improperly...
Sensitive Data Exposure
Phin is vulnerable to Sensitive Data Exposure. The vulnerability is due to improper handling of requests, which allows an attacker to expose sensitive information in specific headers during the redirection process if followredirects is enabled...
Information Disclosure
reportico-web/reportico is vulnerable to Information Disclosure. The vulnerability is due to improper handling of user input within the executemode parameter of the URL, which allows attackers to obtain sensitive information...
SQL Injection
mautic/core is vulnerable to SQL Injection. The vulnerability is due to improper sanitization of user-supplied input within the Reports bundle. An attacker can retrieve and alter sensitive data, including login credentials, and depending on database permissions, manipulate file systems by injecti...
Cross-site Scripting (XSS)
github.com/tiagorlampert/chaos is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to the sendCommandHandler function accepting unsanitized input via the output parameter and passing it along to the DOM, which results in a payload being executed by a user sending a request to the...
Code Injection
tiagorlampert CHAOS is vulnerable to Code Injection. The vulnerability is due to the BuildClient function within clientservice.go, which allows a remote attacker to execute arbitrary code...
Insufficient Session Expiration
@digitalbazaar/zcap is vulnerable to Insufficient Session Expiration. This vulnerability is due to improper validation of the expires property when invoking a capability with a chain depth of 2, allowing invocations outside the intended period...