38191 matches found
Sensitive Information Disclosure
libmbedtls.so is vulnerable to Sensitive Information Disclosure. The vulnerability is due to inadequate handling of shared memory within the PSA Crypto API, potentially leading to information disclosure...
Missing Authentication
apacheairflow is vulnerable to Missing Authentication. The vulnerability due to lack of authentication enforcement on the lineage endpoint of the deprecated Experimental API, allows unauthenticated users to access the endpoint, potentially exposing metadata about a Directed Acyclic Graph DAG and...
Denial Of Service (DoS)
moodle/moodle is vulnerable to Denial of Service DoS. The vulnerability is due to insufficient file size checks in the file picker's unzip functionality. An attacker can cause a denial of service by uploading specially crafted zip files...
Information Disclosure
apacheairflow is vulnerable to a Information Disclosure. The vulnerability is due to an insecure umask configuration in numerous Airflow components when running with the --daemon flag, resulting in a race condition that results in setting files within the airflow home directory world writable...
Cross Site Scripting(XSS)
github.com/ca17/teamsacs is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient input validation in the errmsg parameter, allowing remote attackers to execute arbitrary code through a crafted script...
Connection ID Exhaustion
github.com/quic-go/quic-go is vulnerable to a Connection ID exhaustion. The vulnerability is caused by an attacker manipulating of the round-trip time RTT estimate of the peer by sending a large number of NEWCONNECTIONID frames to exhaust the memory of the receiver, which allows an attacker to...
Improper Privilege Management
uvdesk/community-skeleton is vulnerable to Improper Privilege Management. This vulnerability is due to inadequate access controls, allowing unauthorized users to gain privileged access to system resources...
Cross Site Request Forgery (CSRF)
github.com/mudler/localai is vulnerable to Cross Site Request Forgery CRSF. The vulnerability is due to a lack of CSRF tokens, allowing an attacker to host malicious JavaScript on a host. When visited by a LocalAI user, this could allow the attacker to fill disk space to deny service or abuse...
Incorrect Authorization
Apache Pulsar is vulnerable to Incorrect Authorization. The vulnerability is due to improper permission checks, which allows an attacker to perform operations such as unloading topics or triggering compaction. Additionally, the vulnerability allows an authenticated user to read, create, modify, a...
Authentication Bypass
causal/oidc is vulnerable to Authentication Bypass. The vulnerability is due to improper verification of the OpenID Connect authentication state from the user lookup chain, leading to authentication of any valid frontend user with a non-empty "txoidc" field...
Cross-Site Scripting (XSS)
github.com/temporalio/ui-server is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper sanitization of signal names, allowing an attacker to inject a script that executes when a victim views the signal in the timeline page displaying the workflow execution details...
Memory Leak
vertx-core is vulnerable to a Memory Leak. The vulnerability is due to erroneous caching in the server name map for TCP servers configured with TLS and SNI support. This allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error...
Stack Based Buffer Overflow
gtkwave is vulnerable to Stack Based Buffer Overflow. The vulnerability is due to insufficient bounds checking in the fstReaderVarint32WithSkip function. Crafted .fst files, allowing attackers to execute arbitrary code execution when opened by a victim...
Stack Based Buffer Overflow
gtkwave is vulnerable to Stack Based Buffer Overflow. The vulnerability is due to insufficient bounds checking in the fstReaderVarint64 function. Crafted .fst files, allowing attackers to execute arbitrary code execution when opened by a victim...
Stack Based Buffer Overflow
gtkwave is vulnerable to Stack Based Buffer Overflow. The vulnerability is due to insufficient bounds checking in the fstReaderVarint32 function. Crafted .fst files, allowing attackers to execute arbitrary code execution when opened by a victim...
Arbitrary Write
gtkwave is vulnerable to Arbitrary Write. These vulnerabilities can be exploited via a specially crafted .vcd file, allows a victim would need to open the malicious file and potentially leading to arbitrary code execution...
Arbitrary Write
gtkwave is vulnerable to Arbitrary Write. These vulnerabilities can be exploited via a specially crafted .vcd file, allows a victim would need to open the malicious file and potentially leading to arbitrary code execution...
Arbitrary Write
gtkwave is vulnerable to Arbitrary Write. These vulnerabilities can be exploited via a specially crafted .vcd file, allows a victim would need to open the malicious file and potentially leading to arbitrary code execution...
Integer Overflow
gtkwave is vulnerable to an Integer Overflow. This vulnerability due to integer overflow via a specially crafted .fst file in the timetable tsecnitems functionality of the fstReaderIterBlocks2 module, allows a victim would need to open the malicious file...
Integer Overflow
gtkwave is vulnerable to Integer Overflow. The vulnerability is due to an integer overflow in the value elements within its LXT2 lxt2rdtrace value elements allocation functionality Crafting a specially designed .lxt2 file can allows an unsuspecting victim must open the malicious file...
Integer Overflow
gtkwave is vulnerable to an Integer Overflow. The vulnerability is due to integer overflow within its VZT longestlen value allocation functionality in the .vzt file, allows an unsuspecting victim must open the malicious file...
Cross Site Scripting (XSS)
Bonita is vulnerable to Cross Site Scripting XSS. The vulnerability is due to inadequate input validation on a UI screen within the administration panel, allowing malicious scripts to be stored and executed...
Authorization Bypass
moodle/moodle is vulnerable to Authorization Bypass. The vulnerability is due to insufficient permission checks, which allow unauthorized users to add comments to the comments block on another user's dashboard when it is not otherwise available...
Username Enumeration
IceWhaleTech/CasaOS-UserService is vulnerable to username enumeration. The vulnerability is due to improper error handling on the login page, which discloses whether a username exists based on the application's response to authentication attempts...
NULL Pointer Dereference
Libvirt is vulnerable to NULL pointer dereference. The vulnerability is caused by a race condition due to the simultaneous detachment of a host interface while collecting the list of interfaces using the virConnectListAllInterfaces API. This race condition leads to a situation where the path...
Improper Access Control
moodle/moodle is vulnerable to Improper Access Control. This vulnerability is due to a failure to honor Separate Groups mode restrictions, allowing users from different groups to be displayed. By default, this provides additional access to non-editing teachers...
NULL Pointer Dereference
xfig is vulnerable to NULL Pointer Dereference. The vulnerability is caused due to improper handling of the XGetWMHints function. The vulnerability allows an attacker to crash the application by exploiting the NULL pointer dereference condition with specially crafted input...
Improper Access Control
moodle/moodle is vulnerable to Improper Access Control. The vulnerability is caused by a failure to enforce Separate Groups mode restrictions during forum exports, resulting in exporting data for all groups...
Cross-Site Scripting (XSS)
Jenkins is vulnerable to Cross-site scripting XSS. The vulnerability is due to improper handling of workspaces and archived artifacts, allowing remote authenticated users to inject arbitrary web scripts or HTML...
Denial Of Service (DoS)
Libvirt is vulnerable to Denial of ServiceDoS. The vulnerability is due to improper handling of negative array lengths during memory allocation. If an attacker can pass a negative length to the gnew0 function will usually result in a Denial of ServiceDoS...
Cross-Origin Resource Sharing (CORS) Bypass
@kindspells/astro-shield is vulnerable to Cross-Origin Resource Sharing CORS Bypass. This vulnerability due to the introduction of valid integrity attributes to injected code and SRI hash added to the generated Content Security Policy CSP header, fooling the browser into believing that the inject...
SVG Injection
piccoloadmin is vulnerable to SVG Injection. This vulnerability due to insufficient input validation and improper handling of SVG files within Piccolo's admin panel, allowing attackers to upload a malicious SVG file, which, when loaded under certain contexts, permits arbitrary access to the admin...
Infinite Loop
protobuf is vulnerable to an infinite loop. The vulnerability is due to improper handling of malformed JSON structures, specifically when unmarshaling into messages containing a google.protobuf.Any value or when the UnmarshalOptions.DiscardUnknown option is set. This can potentially leads to deni...
Remote Code Execution (RCE)
jenkins-core is vulnerable to Remote Code Execution. The vulnerability is due to unsafe deserialization of Java objects. This flaw allows attackers to execute arbitrary code via a crafted serialized Java object, which could trigger an LDAP query to a third-party server...
Incorrect Authorization
quarkus is vulnerable to Incorrect Authorization. The vulnerability is due to improper sanitization or validation for certain character permutations when accepting requests. This potentially can leads to improper evaluation of permissions, resulting in security bypass or Denial of Service...
Buffer Overflow
gtkwave is vulnerable to Buffer Overflow. The vulnerability is due to inadequate bounds checking in the fstFread copy function. This allows an attacker to execute arbitrary code by providing a maliciously crafted .fst file...
Buffer Overflow
gtkwave is vulnerable to Buffer Overflow. The vulnerability is due to insecure handling of decompression in the uncompress function. This allows an attacker to execute arbitrary code by providing a maliciously crafted .fst file...
Buffer Overflow
gtkwave is vulnerable to Buffer Overflow. The vulnerability is due to insufficient input validation in the fastlzdecompress decompression function, allowing arbitrary code execution via a specially-crafted .fst file...
Buffer Overflow
gtkwave is vulnerable to Buffer Overflow. The vulnerability is caused due to insufficient input validation in the decompression function LZ4decompresssafepartial.This potentially leads to arbitrary code execution...
OS Command Injection
gtkwave is vulnerable to OS Command Injection. The vulnerability is due to insufficient validation of input during the decompression functionality while .ghw decompression, enabling attackers to execute arbitrary commands by crafting a malicious wave file...
OS Command Injection
gtkwave is vulnerable to OS Command Injection. The vulnerability is due to insufficient input validation in the decompression functionality in vcdrecordermain, allowing attackers to execute arbitrary commands by crafting a specially crafted wave file...
OS Command Injection
gtkwave is vulnerable to OS Command Injection. The vulnerability is due to inadequate input validation in the decompression functionality in vcdmain, enabling attackers to execute arbitrary commands through a specially crafted wave file...
OS Command Injection
gtkwave is vulnerable to OS Command Injection. The vulnerability is due to insufficient input validation in the decompression functionality in the vcd2lxt utility, which allows attackers to execute arbitrary commands by exploiting a specially crafted wave file...
OS Command Injection
gtkwave is vulnerable to OS Command Injection. The vulnerability is due to inadequate input validation in the decompression functionality in the vcd2lxt2 utility, allowing attackers to execute arbitrary commands by crafting a specially crafted wave file...
OS Command Injection
gtkwave is vulnerable to OS Command Injection. The vulnerability is due to inadequate input validation in the decompression functionality in the vcd2vzt utility, allowing attackers to execute arbitrary commands by exploiting a specially crafted wave file...
Heap Based Buffer Overflow
gtkwave is vulnerable to Heap Based Buffer Overflow. The vulnerability is due to insufficient bounds checking in the fstReaderIterBlocks2 chaintable parsing functionality using chaintable of FSTBLVCDATA and FSTBLVCDATADYNALIAS , allowing attackers to execute arbitrary code by crafting a specially...
Heap Based Buffer Overflow
gtkwave is vulnerable to Heap Based Buffer Overflow. The vulnerability is due to insufficient bounds checking in the fstReaderIterBlocks2 chaintable parsing functionality using the chaintable of the FSTBLVCDATADYNALIAS2, allowing attackers to execute arbitrary code by crafting a specially crafted...
Improper Array Index Validation
gtkwave is vulnerable to Improper Array Index Validation. The vulnerability is due to inadequate validation of array indices in the fstReaderIterBlocks2 tdelta functionality when signallens is 2 or more, allowing attackers to execute arbitrary code by crafting a specially crafted .fst file...
Arbitrary Code Execution
gtkwave is vulnerable to Arbitrary Code Execution. The vulnerability is due to insufficient validation of array indexes, specifically in the tdelta indexing when signallens is 0. A specially crafted .fst file can exploit these vulnerabilities to execute arbitrary code when opened by a victim...
Arbitrary Code Execution
gtkwave is vulnerable to Arbitrary Code Execution. The vulnerability arises from a specially crafted .fst file, allowing for arbitrary code execution upon opening the file. This vulnerability specifically relates to the tdelta indexing when signallens is 1...