Stack Overflow

XPDF is vulnerable to a Stack Overflow in the Catalog::readPageLabelTree2Object function. The vulnerability is due to attackers causing a Denial of Service DoS via a crafted PDF file...

Improper Input Validation

Apache is vulnerable to Improper Input Validation. The vulnerability is caused due to inadequate input validation, which can be exploited by attackers to manipulate HTTP responses...

Integer Overflow

FreeRDP is vulnerable to an Integer Overflow in freerdpbitmapplanarcontextreset, leading to a heap-buffer overflow. The vulnerability is due to a malicious server preparing a RDPGFXRESETGRAPHICSPDU to allocate too small buffers, potentially triggering later out-of-bounds read/write...

Stack Overflow

XPDF is vulnerable to a Stack Overflow via the function FileStream::copy at xpdf/Stream.cc:795...

Denial Of Service (DoS)

OpenSSL is vulnerable to Denial of Service DoS. The vulnerability is caused by incorrect handling of TLSv1.3 sessions when certain non-default server configurations are used without proper anti-replay protection, causing the session cache to grow unbounded and potentially leading to a Denial of...

Integer Overflow

Xpdf is vulnerable to an integer overflow in JPXStream.cc...

Memory Exhaustion

nghttp2 is vulnerable to a memory exhaustion issue. The vulnerability is due to temporary buffering of HTTP/2 incoming headers exceeding the limit, which is intended to generate an informative HTTP 413 response. However, if a client continues to send headers without stopping, it leads to memory...

Stack Overflow

XPDF is vulnerable to a stack overflow via the Object::Copy class in object.cc files...

Deadlock

Xpdf is vulnerable to a deadlock when encountering a PDF object stream where the "Length" field is contained within another object stream...

Integer Overflow

Xpdf is vulnerable to an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc, allowing crafted PDF files or JBIG2 images to crash or execute arbitrary code...

Unrestricted File Upload

perl-http-body is vulnerable to Unrestricted File Upload. The vulnerability is due to improper handling of the uploaded file's name, where the suffix of a temporary file is derived from the part of the name after the first "." character, potentially allowing remote attackers to exploit subsequent...

Use-After-Free

Xpdf is vulnerable to a use-after-free issue in JBIG2Stream::close located in JBIG2Stream.cc in Xpdf 4.04. The vulnerability is due to a use-after-free issue in the mentioned function. It can be triggered by sending a crafted PDF file to for example the pdfimages binary. This vulnerability allows...

Denial Of Service (DoS)

linux-pam is vulnerable to a denial of service. The vulnerability is due to attackers being able to cause a blocked login process via mkfifo because the openat call for protectdir lacks ODIRECTORY...

Crash Issue

Xpdf is vulnerable to a crash issue. The vulnerability is due to a crash in the gfseekIOFILE, long, int function in goo/gfile.cc...

Crash Issue

Xpdf is vulnerable to a crash issue. The vulnerability is due to a crash in the XRef::fetchint, int, Object, int function in xpdf/XRef.cc...

Stack Overflow

XPDF is vulnerable to a stack overflow. The vulnerability is due to a stack overflow via the function Catalog::countPageTree in Catalog.cc...

Denial Of Service (DoS)

Wireshark is vulnerable to a Denial of Service. The vulnerability is due to a T.38 dissector crash in versions 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13, which allows denial of service via packet injection or crafted capture file...

Out-Of-Bounds Read

libgig.so is vulnerable to Out-Of-Bounds Read. The vulnerability is caused by gig::Region::UpdateChunks function in gig.cpp, which results in an out-of-bounds read...

XML External Entity Injection

org.apache.zeppelin: sap is vulnerable to XML External Entity Injection. This vulnerability is due to a lack of proper XML validation...

Cross Site Request Forgery (CSRF)

org.apache.zeppelin: zeppelin-web is vulnerable to Cross Site Request Forgery CSRF. The vulnerability is due to inadequate validation of requests, which allows an attacker to submit malicious requests via phishing...

Timing Based Side-Channel Attack

Libgcrypt is vulnerable to a timing-based side-channel attack. The vulnerability is due to the handling of RSA decryption, which may allow a remote attacker to initiate a Bleichenbacher-style attack and decrypt arbitrary RSA ciphertexts...

Session Fixation

contao/core-bundle is vulnerable to Session Fixation. The vulnerability is due to a flaw in the personal data and password lost modules. allowing compromised accounts to retain access even after password changes...

Path Traversal

gin-vue-admin is vulnerable to Path Traversal. The vulnerability is due to improper validation for PlugName field within a struct, which allows an attacker to perform directory traversal by manipulating the plugName parameter in the Plugin System - Plugin Template feature...

File Upload Injection

contao/core-bundle is vulnerable to File Upload Injection. The vulnerability is due to inadequate sanitization of filenames during the upload process, which allows users to inject malicious code in filenames, leading to code execution in tooltips and popups in the back end...

Out Of Bounds Exception

Apfloat is vulnerable to Out of Bounds Exception. The vulnerability is due to missing validation in the DoubleCRTMath::adddouble, double method, which returns an ArrayIndexOutOfBoundsException if either of the two array arguments are of size 3 or less...

NULL Pointer Dereference

ThreeTen Backport is vulnerable to NULL Pointer Dereference. The vulnerability is due to missing null value checks in the org.threeten.bp.LocalDate::compareToChronoLocalDate method, resulting in a NullPointerException if an attacker can pass a null value to the method...

Authentication Bypass

Apache Zeppelin is vulnerable to an Authentication Bypass. The vulnerability is due to the ability to replace existing notes, which can result in authentication bypass via spoofing...

NULL Pointer Dereference

org.apfloat: apfloat is vulnerable to NULL Pointer Dereference. The vulnerability is caused due to a lack of input validation in the org.apfloat.internal.DoubleCRTMath::add method. An attacker can exploit this vulnerability by passing a null value as an argument, resulting in a Denial of ServiceD...

Tag Injection

contao/core-bundle is vulnerable to Tag Injection. The vulnerability is due to insufficient validation within SimpleTokenParser.php, allowing malicious users to inject tags via the form generator in frontend forms if the output is structured in a specific way...

CSS Injection

contao/comments-bundle is vulnerable to CSS Injection. The vulnerability is due to insufficient input validation and sanitization within the BBCode parsing mechanism in Comments.php, allowing attackers to inject CSS styles via comments...

Denial Of Service (DoS)

OpenEXR is vulnerable to a Denial of Service DoS.The vulnerability is due to improper input validation within the convert function in exrmultipart.cpp, which results in Denial of Service if an attacker can pass a crafted input to the function...

Exposure Of Resource To Wrong Sphere

dirac is vulnerable to Exposure of Resource to Wrong Sphere. The vulnerability is due to the proxy generation process in ProxyFile.py, which allows unauthorized users on the same machine to read the proxy file allowing them to perform any action possible with the original proxy...

Out Of Bounds Exception

JGraphT Core is vulnerable to an Out of Bounds Exception The vulnerability is due to missing input validation in the org.jgrapht.util.ArrayUtil::reverseint, int, int method. If the value of the parameter to is greater than the length of the array arr, an ArrayIndexOutOfBoundsException is raised...

NULL Pointer Dereference

JGraphT Core is vulnerable to NULL Pointer Dereference. The vulnerability is caused by a lack of null value validation in the org.jgrapht.alg.util.ToleranceDoubleComparator::compareDouble, Double method, which results in a NullPointerException if an attacker can pass a null value to one of the...

Cookie Header Leakage

contao/core-bundle is vulnerable to Cookie Header Leakage. The vulnerability is due to a flaw in the implementation of the HTTP client options being applied to all requests, including those to external URLs. It allows attackers to potentially access sensitive cookie data from protected pages...

Denial Of Service (DoS)

org.apache.zeppelin:zeppelin-server is vulnerable to Improper Input Validation. The vulnerability is due to insufficient note path validation, which allows an attacker to cause Denial of Service...

Buffer Overflow

org.apfloat:apfloat is vulnerable to Stack-based Buffer Overflow. The vulnerability is due to improper input validation within the org.apfloat.internal.DoubleModMath::modPow method, which can result in Denial of Service if an attacker can input arbitrary values to the method...

NULL Pointer Exception

org.jfree: jfreechart is vulnerable to a NULL Pointer Exception. The vulnerability is due to missing null value checks in the chart.annotations.CategoryLineAnnotation class, which results in Denial of Service if a null value is passed to one of the plot parameter methods...

Denial Of Service (DOS)

libslang.so is vulnerable to Denial of Service. The vulnerability is due to an uncaught exception caused by parsing a corrupted terminfo file, which results in an application crash...

Segmentation Fault

libslang.so is vulnerable to a segmentation fault. The vulnerability is due to improper handling of a corrupted terminfo file within the fixuptgetstr function, which results in Denial of Service...

Path Traversal

org.apache.zeppelin: zeppelin-server is vulnerable to Path Traversal. The vulnerability is due to improper sanitization of user-supplied input, allowing attackers to use relative paths e.g., ".." to access files on the server's filesystem that the server account has permissions to access...

Integer Overflow

ThreeTen backport is vulnerable to integer overflow. The vulnerability is due to missing string validation in the org.threeten.bp.format.DateTimeFormatter::parseCharSequence, ParsePosition method, which returns a StringIndexOutOfBoundsException if the CharSequence is empty...

Denial Of Service (DoS)

libmojolicious-perl is vulnerable to Denial Of Service DoS. The vulnerability due to a flaw in format detection within the mojolicious module, allowing attackers to cause a denial of service condition...

Information Disclosure

WordPress Core is vulnerable to Sensitive Information Exposure. The vulnerability is due the redirectguess404permalink function, which can allow unauthenticated attackers to expose the slug of a custom post whose 'publiclyqueryable' post status has been set to 'false'...

Remote Code Execution (RCE)

com.xuxueli:xxl-job-core is vulnerable to Template Injection. The vulnerability is due a lack of sanitization in the deserialize method within com/xxl/job/core/util/JdkSerializeTool.java. This allows an attacker to provide a manipulated byte array containing a malicious object for deserialization...

Insufficient Session Expiration

Shopware is vulnerable to Insufficient Session Expiration. The vulnerability is caused due to improper session management within LogoutRoute.php, specifically in the handling of authenticated logout requests to the /store-api/account/logout POST endpoint. This leads to the cart being cleared...

Denial Of Service (DOS)

Ryu is vulnerable to a denial of service. This vulnerability is due to an infinite loop triggered by the processing of a OFPMatch in parser.py, enabling remote attackers to induce a crash of the application...

DNS Rebinding

github.com/ollama/ollama is vulnerable to DNS rebinding. The vulnerability is due to ollama inadvertently allowing remote access to the full API, thereby letting an unauthorized user chat with a large language model, delete a model, or cause a denial of service...

Regular Expression Denial Of Service (ReDoS)

xlsx is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to a regex with inefficient complexity that can be exploited by specially crafted inputs to cause excessive consumption of resources...

Path Traversal

github.com/mholt/archiver is vulnerable to Path Traversal. The vulnerability is due to improper validation of file paths within tar archives, allowing an attacker to craft a tar file that, when unpacked, can access or modify files or directories outside of the intended directory...