38191 matches found
Cross-Site Request Forgery (CSRF)
gradio is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to inadequate Cross-Origin Resource Sharing (CORS) validation, which allows external websites to make requests to gradio applications running locally...
Sensitive Information Disclosure
Liferay Portal is vulnerable to Sensitive Information Disclosure. This vulnerability is due to improper handling of hashed passwords within the page source...
User Enumeration
Liferay Portal is vulnerable to User Enumeration. The vulnerability is due to differences in response times of requests, allowing remote attackers to determine the existence of an account in the application...
Improper Privilege Management
Snowflake Hive MetaStore Connector is vulnerable to Improper Privilege Management. The vulnerability is due to improper content validation within the addsnowflakehivemetastoreconnectorscriptaction.sh script, allowing a malicious actor to replace the valid content with malicious code,...
Expression Language Injection
OpenMetadata is vulnerable to Expression Language Injection. The vulnerability is due to the validateExpression function evaluating SpEL expressions using a StandardEvaluationContext, which enables interaction with Java classes like java.lang.Runtime, ultimately resulting in Remote Code Execution...
Denial Of Service (DoS)
jwcrypto is vulnerable to Denial Of Service (DoS). The vulnerability is due to the lack of proper validation on the length of tokens being processed by JWCrypto in the file jwe.py. This flaw allows an attacker to exploit a high compression ratio in a malicious JWE Token, consuming...
Expression Language Injection
OpenMetadata is vulnerable to Expression Language Injection. The vulnerability is due to a lack of proper authorization checks, allowing attackers to execute arbitrary code by exploiting Expression Language injection in the CompiledRule::validateExpression method...
Cross Site Scripting (XSS)
survey-creator is vulnerable to Cross Site Scripting (XSS). This vulnerability is due to improper handling of the title parameter in form within string-editor.ts. This flaw allows an attacker to execute arbitrary code and obtain sensitive information...
Cross-Site Request Forgery (CSRF)
github.com/owncast/owncast is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to allowing cross-origin requests using function RequireAdminAuth in the auth.go file. This flaw enables attackers to access privileged information such as the admin password by exploiting the...
Arbitrary Code Execution
ldap-account-manager is vulnerable to Arbitrary Code Execution. The vulnerability is due to improper log file path validation, allowing attackers to create a PHP file and log PHP code to it, which can be executed when accessed via the web...
Denial Of Service (DoS)
node-tar is vulnerable to Denial Of Service (DoS). The vulnerability is due to a lack of validation on the number of folders created during the folder creation process. This allows an attacker to consume excessive CPU and memory resources, potentially causing the system to become unresponsive...
Clickjacking
Firefox is vulnerable to Clickjacking. The vulnerability is due to permission prompt input delay expiring while the window is not in focus, allowing malicious websites to exploit it...
Integer Overflow
Firefox, Firefox ESR, and Thunderbird are vulnerable to Integer Overflow leading to out-of-bounds write. The vulnerability is due to integer overflows in AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding, and AppendEncodedCharacters, causing underallocation of an output buffer, which can...
Return-Oriented Programming (ROP)
thunderbird:sid and firefox-esr:sid are vulnerable to Return-Oriented Programming (ROP). The vulnerability is due to improper handling of return registers, potentially allowing attackers to execute arbitrary code by overwriting them with controlled values...
Improper Input Validation
firefox is vulnerable to Improper Input Validation. The vulnerability is due to improper data handling leading to the creation of invalid Wasm values, potentially converting arbitrary integers into pointer values...
Out-of-Memory
thunderbird is vulnerable to Out-of-Memory. The vulnerability is due to the library's previous behavior of attempting to continue execution despite encountering out-of-memory conditions, which could potentially lead to exploitation...
Arbitrary Code Execution
firefox is vulnerable to Arbitrary Code Execution. The vulnerability is due to memory safety bugs leading to memory corruption which could be exploited to execute arbitrary code...
Memory Corruption
thunderbird is vulnerable to Memory Corruption. The vulnerability is due to improper handling of memory allocation or deallocation. It allows for potential memory corruption within the Firefox and Thunderbird applications, which could lead to the execution of arbitrary code by attackers...
Denial Of Service (DoS)
Firefox is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper sanitization of data when decoding a QUIC ACK frame, potentially leading to memory exhaustion and system crashes...
Code Execution
thunderbird is vulnerable to Code Execution. The vulnerability is due to insufficient input validation of certain code paths within the SafeRefPtr class, allowing the attacker to execute arbitrary code...
Permissions Bypass
thunderbird is vulnerable to Permissions Bypass. The vulnerability is due to a missing delay on pointer lock usage, allowing a malicious page to deceive users into granting permissions...
Content Security Policy Bypass
firefox-esr is vulnerable to Content Security Policy Bypass. The vulnerability is due to insufficient validation of nonce values, allowing attackers to bypass strict content security policies...
User Interface Misrepresentation Of Critical Information
chromium is vulnerable to User Interface Misrepresentation of Critical Information. This vulnerability is due to incorrect security UI in iOS. It allows a remote attacker to perform UI spoofing via a crafted HTML page...
User Interface (UI) Misrepresentation Of Critical Information
chromium is vulnerable to User Interface (UI) Misrepresentation of Critical Information. The vulnerability is due to inappropriate implementation in the Downloads feature. This allows a remote attacker to conduct UI spoofing via a crafted URL...
Use After Free
chromium is vulnerable to Use After Free. The vulnerability is due to improper handling of memory objects, potentially leading to heap corruption when processing a crafted HTML page...
Out Of Bounds Read
chromium is vulnerable to Out Of Bounds Read. The vulnerability is due to a remote attacker being able to perform out-of-bounds memory access via a crafted HTML page...
Denial Of Service
chromium is vulnerable to Denial Of Service. The vulnerability is due to potential object corruption resulting from a crafted HTML page...
User Interface (UI) Misrepresentation Of Critical Information
chromium is vulnerable to User Interface (UI) Misrepresentation of Critical Information. The vulnerability is due to inappropriate implementation in iOS, which allows a remote attacker to perform UI spoofing via a crafted HTML page...
Sensitive Information Disclosure
chromium is vulnerable to Sensitive Information Disclosure. The vulnerability is due to inappropriate implementation, allowing a remote attacker to leak cross-origin data through a crafted HTML page...
Privilege Escalation
Firefox is vulnerable to Privilege Escalation. The vulnerability is due to the unauthorized injection of an event handler into a privileged object, leading to arbitrary JavaScript execution in the parent process...
Out-of-bounds Read
Firefox is vulnerable to Out-of-bounds Read. The vulnerability is due to the manipulation of range-based bounds check elimination, allowing attackers to perform unauthorized access on JavaScript objects...
Username Enumeration
umbraco.cms is vulnerable to User Enumeration. The vulnerability is due to improper user authentication checks, which allows an attacker to enumerate valid usernames by exploiting access to the native login screen...
Missing Authorization Check
djangorestframeworksimplejwt is vulnerable to Missing Authorization Check. The vulnerability is due to the foruser function, which fails to check if a user is active before generation. Django's built-in user model contains the isactive field, which can be used to block a user from authenticating. I...
Missing Websocket Authentication
Jupyter Server Proxy is vulnerable to Missing Websocket Authentication. The vulnerability is due to improper user authentication checks when proxying websockets within handlers.py. This allows an attacker to gain unauthenticated remote access to any websocket endpoint made accessible via t...
Missing Encryption Of Sensitive Data
Cilium is vulnerable to Missing Encryption Of Sensitive Data. The vulnerability is due to WireGuard eligible traffic sent between a node's Envoy/DNS proxy and pods on other nodes being sent unencrypted when traffic matches Layer 7 policies. This issue can expose sensitive data as it travels betwe...
File Validation Bypass
ezsystems/ezplatform-kernel is vulnerable to File Validation Bypass. The vulnerability is due to improper file validation, which allows an attacker to save article content even if it is rejected during validation...
SpEL Injection
OpenMetadata is vulnerable to SpEL Injection. This vulnerability is due to insufficient input validation within the EventSubscriptionRepository.prepare method, which allows an attacker to inject a specially crafted SpEL statement to the api/v1/events/subscriptions endpoint, which can result in...
Authentication Bypass
oauthenticator is vulnerable to Authentication Bypass. The vulnerability exists due to insufficient validation of Google accounts, which allowed access to accounts created by anyone with emails ending with a specified domain...
Out-of-Bounds Write
Apache Commons Configuration is vulnerable to Out-of-Bounds Write. The vulnerability is due to improper iterator handling within the AbstractListDelimiterHandler.flattenIterator method, which can result in Denial of Service if crafted input is passed to the method...
File Validation Bypass
ibexa/core is vulnerable to File Validation Bypass. The vulnerability is due to inadequate file type validation within the validate function in FileExtensionBlackListValidator.php. When attempting to publish content with rejected file types, the validation fails which does prevent publication, bu...
Out-of-Bounds Write
Apache Commons Configuration is vulnerable to Out-of-Bounds Write. The vulnerability is due to improper handling of a cyclical object tree, which can trigger a StackOverflowError when the ListDelimiterHandler.flatten method is called. This occurs because the method recursively traverses the objec...
Missing Encryption Of Sensitive Data
Cilium is vulnerable to Missing Encryption of Sensitive Data. The vulnerability is due to missing encryption in IPsec-eligible traffic between a node's Envoy proxy/DNS proxy and pods on other nodes, when traffic matches Layer 7 policies. This issue can expose sensitive data as it travels between...
Regular Expression Denial Of Service (ReDoS)
Django is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability is due to a regular expression with inefficient complexity within the django.utils.text.Truncator.words function. When this function has the html parameter set to true, and is utilizing the truncatewordshtml...
Cross-site Scripting (XSS)
ZITADEL is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper sanitization when rendering login UI templates. This vulnerability allows an attacker to inject HTML into the login page via crafted links...
Denial Of Service (DoS)
github.com/argoproj/argo-cd is vulnerable to Denial Of Service (DoS). The vulnerability is due to unsafe manipulation of an array in a multi-threaded environment. When two threads interact with the same array simultaneously, this flaw can potentially lead to an application crash...
Improper Input Validation
parse-server is vulnerable to Improper Input Validation. The vulnerability is due to insufficient string sanitation for Cloud Function or Cloud Job names, which allows an attacker to crash the server, manipulate internal object storage, or potentially execute arbitrary code...
Code Injection
qiskitibmruntime is vulnerable to Code Injection. The vulnerability is due to the presence of the eval method within the Options.getprograminputs function, which allows an attacker to inject and execute arbitrary code within the application's context...
Arbitrary Code Execution
qiskitibmruntime is vulnerable to Arbitrary Code Execution. The vulnerability is due to insufficient input validation during the deserialization of JSON data using qiskitibmruntime.RuntimeDecoder. This lack of proper validation allows an attacker to craft malicious input strings that, when...
Cross Site Scripting (XSS)
livewire/livewire is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to inadequate input sanitization, allowing attackers to inject malicious HTML code via crafted URLs...
PKCE Downgrade Attack
spring-security-oauth2-authorization-server is vulnerable to PKCE Downgrade. The vulnerability is due to improper handling of PKCE authorization when a Confidential Client requests an Authorization Code Grant. Note that this vulnerability only applies to Confidential Clients; Public Clients are...