Escape Sequence Injection
util-linux is vulnerable to Escape Sequence Injection. The vulnerability is due to escape sequences being allowed to be sent to other users' terminals through argv, especially when util-linux is often installed with setgid tty permissions, potentially leading to account takeover scenarios...
Improper Access Control
Mattermost Server is vulnerable to Improper Access Control. The vulnerability is due to a lack of proper access control in the SanitizeTeam function within team.go. This allows an attacker to invite others to the team, bypassing intended access controls and permissions...
Improper Access Control
github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is due to a flaw that allows an attacker in a channel with an active call to remain in the call even after being removed from the channel...
Remote Code Execution
maildev is vulnerable to Remote Code Execution. The vulnerability is due to insufficient input validation and sanitization of crafted Content-ID header for an e-mail attachment, resulting in lib/mailserver.js writing arbitrary code into the routes.js file...
Out-of-bounds Write
GTKWave 3.3.115 is vulnerable to Out-of-bounds Write. The vulnerability is due to a defect in the VZT LZMARead dmem extraction functionality. An attacker can execute arbitrary code via a specially crafted .vzt file when the victim opens the malicious file...
Incorrect Behavior Order
github.com/cosmos/ibc-go/ is vulnerable to Incorrect Behavior Order. The vulnerability is due to the ability of an attacker to execute the same MsgTimeout inside the IBC hook for the OnTimeout callback before the packet commitment is deleted...
Exposure Of Resource To Wrong Sphere
github.com/hashicorp/nomad is vulnerable to Exposure Of Resource To Wrong Sphere. The vulnerability is due to the API caller’s ACL token secret ID getting exposed to Sentinel policies...
Arbitrary File Read
github.com/canonical/pebble is vulnerable to Arbitrary File Read. The vulnerability is due to the read-file API and the associated pebble pull command, allowing unprivileged local users to access files with root-equivalent permissions when Pebble is operating as root...
Cross-Site Request Forgery (CSRF)
github.com/AlexxIT/go2rtc is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to the /api/config endpoint which lacks validation for user-supplied input, allowing an attacker to gain unauthorized access and execute arbitrary commands...
Improper Access Control
github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is due to the failure in authenticating the source of certain types of post actions. An attacker can create posts as other users by crafting a specific post action...
File Integrity Manipulation
psitransfer is vulnerable to File Integrity Manipulation. The vulnerability is due to the lack of proper access controls or restrictions on the endpoint designed for uploading files, allowing an attacker with the file distribution ID to alter the files within that distribution...
Intent Redirection
@kyivstarteam/react-native-sms-user-consent is vulnerable to Intent Redirection. The vulnerability is due to improper export of Android application components due to a flaw in the registerReceiver function...
Denial Of Service (DoS)
Envoy is vulnerable to Denial of Service (DoS). The vulnerability is due to allowing an unlimited number of CONTINUATION frames to be sent by the peer, even after exceeding Envoy's header map limits. Attackers can exploit this by sending a sequence of CONTINUATION frames without the END_HEADERS bit...
SQL Injection
Centreon is vulnerable to SQL Injection. The vulnerability is due to improper validation of user-supplied strings before using them to construct SQL queries, specifically within the updateDirectory function. An attacker can leverage this vulnerability to execute code in the context of the service...
SQL Injection
Centreon is vulnerable to SQL Injection. The vulnerability is due to improper validation of user-supplied strings before using them to construct SQL queries, specifically within the updateLCARelation function. An attacker can leverage this vulnerability to execute code in the context of the servi...
Improper Authorization
github.com/hashicorp/nomad is vulnerable to Improper Authorization. The vulnerability is due to a lack of proper access controls in the search HTTP API, allowing unauthenticated users or users without the necessary policy to view the names of available CSI plugins...
SQL Injection
Centreon is vulnerable to SQL Injection. The vulnerability is due to improper validation of user-supplied strings before using them to construct SQL queries, specifically within the updateContactServiceCommands function. An attacker can leverage this vulnerability to execute code in the context o...
SQL Injection
centreon is vulnerable to SQL Injection. The vulnerability is due to improper sanitization of user-supplied strings before using them to construct SQL queries, specifically within the updateGroups function. An attacker can leverage this vulnerability to execute code in the context of the service...
Out-of-bounds Read
pymongo is vulnerable to Out-of-bounds Read. The vulnerability is due to improper validation of encoded BSON data during the deserialization process, which allows an attacker to submit a crafted payload resulting in an out-of-bounds read...
Insecure Deserialization
WordPress is vulnerable to Insecure Deserialization. The vulnerability is due to deserialization of untrusted data containing instances of the WP_HTML_Token class. This can lead to remote code execution via the __destruct magic method of the class...
Remote Code Execution
WordPress is vulnerable to Remote Code Execution (RCE). The vulnerability is due to a defect in the Plugins - Add New - Upload plugin functionality, where an uploaded file other than a zip file remains temporarily available in the Media Library despite not being allowed during FTP upload when that file i...
Integer Overflow
GTKWave 3.3.115 is vulnerable to Integer Overflow. The vulnerability is due to a defect in the LXT2 lxt2rditerradix shift operation functionality when performing a right shift operation. This can lead to memory corruption via a crafted .lxt2 file when the victim opens this malicious file...
Integer Underflow
GTKWave 3.3.115 is vulnerable to Integer Underflow. The vulnerability is due to a defect in the LXT2 lxt2rditerradix shift operation functionality when performing the left shift operation. A specially crafted .lxt2 file can lead to memory corruption when the victim opens the file...
Out-of-bounds Write
gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is due to out-of-bounds writes performed by the prefix copy loop in its LXT2 parsing functionality, allowing a specially-crafted .lxt2 file to trigger arbitrary code execution when opened by a victim...
Out-of-bounds Write
gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is due to the out-of-bounds writes performed by the string copy loop in its LXT2 parsing functionality, allowing a specially-crafted .lxt2 file to trigger arbitrary code execution when opened by a victim...
Cleartext Transmission Of Sensitive Information
dectalk-tts is vulnerable to Cleartext Transmission of Sensitive Information ('Man-in-the-Middle'). The vulnerability is due to unencrypted HTTP traffic being sent to a third-party API. This could allow an attacker to intercept and modify traffic, leading to a potential man-in-the-middle (MITM) attack...
Out-of-bounds Write
gtkwave is vulnerable to Out-of-bounds Write. A specially crafted .lxt2 file can exploit this vulnerability in its LXT2 numtimetableentries functionality. A victim would need to open the malicious file, finally leading to arbitrary code execution...
Integer Overflow
gtkwave is vulnerable to Integer Overflow. The vulnerability is triggered by a specially crafted .fst file in its FST fstReaderIterBlocks2 chaintable allocation functionality. A victim must open the malicious file, with the vulnerability revolving around the allocation of the chaintable arra...
Integer Overflow
gtkwave is vulnerable to Integer Overflow. The vulnerability is triggered by a specially crafted .fst file in the FST fstReaderIterBlocks2 chaintable allocation functionality. Victims would need to open the malicious file to trigger these vulnerabilities, resulting in arbitrary code executio...
Out-of-Bounds Memory Access
Google Chrome is vulnerable to an out-of-bounds memory access. The vulnerability allows a remote attacker to perform arbitrary read/write operations via a crafted HTML page...
Use-After-Free
Bookmarks in Google Chrome is vulnerable to Use-After-Free. The vulnerability allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Out-of-Bounds Memory Access
Google Chrome is vulnerable to Out-of-Bounds Memory Access. The vulnerability allows a remote attacker to potentially perform out-of-bounds memory access via a crafted HTML page...
Integer Overflow
gtkwave is vulnerable to Integer Overflow. The vulnerability is due to a flaw in the tempsignalvaluebuf allocation functionality, triggered by a specially crafted .fst file. A victim must open the malicious file, which can result in arbitrary code execution...
Out-of-bounds Write
gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is triggered by a specially crafted .vzt file in the LZMAreadvarint functionality. Victims would need to open the malicious file to trigger the vulnerability, potentially leading to arbitrary code execution...
NULL Pointer Dereference
MiniZinc is vulnerable to a NULL pointer dereference via tiexpr in a crafted .mzn file. This vulnerability arises due to improper handling of tiexpr, allowing attackers to trigger a NULL pointer dereference by providing a specially crafted .mzn file...
Improper Array Index Validation
gtkwave is vulnerable to Improper Array Index Validation. The vulnerability is triggered by a specially crafted .evcd file in the var len parsing functionality. A victim must open the malicious file, which may result in arbitrary code execution...
Heap-Based Buffer Overflow
gtkwave is vulnerable to Heap-Based Buffer Overflow. The vulnerability is triggered by processing a specially crafted .fst file in the fstReaderIterBlocks2 fstWritex len functionality. A victim must open the malicious file, which can lead to memory corruption...
Heap Based Buffer Overflow
GTKWave is vulnerable to Heap Based Buffer Overflow. The vulnerability is due to improper handling of len in fstWritex when begtime does not match the start of the time table. Victims are at risk of exploitation if they open a malicious file triggering these vulnerabilities, leading to...
Certificate Validation
curl is vulnerable to Certificate Validation. The vulnerability is due to a flaw in libcurl when built with wolfSSL: the error path inadvertently bypasses certificate verification when encountering unknown or bad ciphers or curves, which allows certificate verification to be skipped for QUIC...
Memory Leakage
libcurl is vulnerable to Memory Leakage. The vulnerability is due to the improper handling of HTTP/2 server push requests when server push is allowed and the number of received headers exceeds the maximum limit...
Arbitrary Code Execution
emacs is vulnerable to Arbitrary Code Execution. The vulnerability is due to a lack of proper validation of user input during the activation process of Org mode in Emacs, allowing the execution of arbitrary Lisp code during the activation process...
Trust Boundary Violation
emacs is vulnerable to Trust Boundary Violation. The vulnerability is due to a flaw in the processing logic of Emacs Gnus, which allows attackers to potentially exploit trust assumptions in Emacs Gnus, as it incorrectly treats inline MIME contents as trusted without appropriate validation...
Privacy Leakage
emacs is vulnerable to Privacy Leakage. The vulnerability is due to LaTeX preview being enabled by default for email attachments, which allows attackers to have LaTeX previews generated automatically for email attachments, potentially disclosing sensitive information to unintended recipients...
Improper Input Validation
emacs is vulnerable to Improper Input Validation. The vulnerability is due to a flaw in the processing logic of Emacs Org mode, which allows attackers to potentially exploit trust assumptions in Emacs Org mode, as it incorrectly treats the contents of remote files as trusted without appropriate...
Logic Error
curl is vulnerable to Logic Error. The vulnerability is due to an error in the logic for removing protocols when a protocol selection parameter option disables all protocols without adding any, which allows attackers to potentially bypass protocol restrictions and perform requests with disabled protoco...
Improper Certificate Validation
github.com/hashicorp/vault is vulnerable to Improper Certificate Validation. The vulnerability exists due to inadequate validation during the TLS certificate authentication process, specifically in handling OCSP responses when one or more OCSP sources are configured...
Header Injection
undici is vulnerable to Header Injection. The vulnerability is due to inconsistent header handling, where headers were cleared for fetch but not for undici.request, which could result in unauthorized access to sensitive information...
Server Side Request Forgery
mobsf is vulnerable to Server Side Request Forgery. The vulnerability is due to a flaw in the Firebase database check logic, allowing attackers to manipulate the server to make connections to internal-only services within the organization's infrastructure when a malicious app is uploaded to the...
Denial Of Service (DoS)
github.com/nghttp2/nghttp2/ is vulnerable to Denial of Service (DoS). The vulnerability is due to a lack of frame count restrictions, which can result in nghttp2 reading an unbounded number of HTTP/2 CONTINUATION frames even after the stream is reset to keep HPACK context in sync. An attacker can...
Denial Of Service (DoS)
github.com/envoyproxy/envoy is vulnerable to Denial of Service (DoS). This vulnerability is due to not resetting a request when header map limits are exceeded, allowing attackers to send a sequence of CONTINUATION frames without the END_HEADERS bit set, leading to unlimited memory consumption and denial...