Veracode: Recent

38191 matches found

Veracode, added 2024/03/21 6:44 a.m.

Improper Input Validation

Apache Hop Engine is vulnerable to Improper Input Validation. The vulnerability is due to improper escape functionality within the "id" parameter in links written to the PrepareExecutionPipelineServlet page...

CVSS 6.5 | AI score 6.8 | EPSS 0.01239
Exploits 0 | References 4 | Affected software 1
Veracode, added 2024/03/21 6:42 a.m.

HTTP Policy Bypass

Cilium is vulnerable to HTTP Policy Bypass. The vulnerability is due to inconsistencies when applying HTTP policies. This inconsistency allows HTTP traffic to be incorrectly and intermittently forwarded when it should be dropped, potentially allowing unauthorized access or information disclosure...

CVSS 7.2 | AI score 6.5 | EPSS 0.0062
Exploits 0 | References 7 | Affected software 1
Veracode, added 2024/03/21 5:49 a.m.

Cross-Site Request Forgery (CSRF)

Apache Wicket is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is caused by an error in the evaluation of the fetch metadata headers within FetchMetadataResourceIsolationPolicy.java. This allows an attacker to bypass the Cross-Site Request Forgery (CSRF) protection mechanism...

CVSS 6.5 | AI score 6.9 | EPSS 0.00681
Exploits 0 | References 5 | Affected software 1
Veracode, added 2024/03/21 4:22 a.m.

Regular Expression Denial Of Service (ReDoS)

django-wiki is vulnerable to Regular Expression Denial Of Service (ReDoS). This vulnerability is due to improper input validation, allowing maliciously crafted article content to cause severe CPU usage through a regular expression loop, which results in a Denial of Service (DoS) condition...

CVSS 7.5 | AI score 6.7 | EPSS 0.00605
Exploits 0 | References 2 | Affected software 1
Veracode, added 2024/03/20 11:42 p.m.

Speculative Race Condition

Modern CPU architectures supporting speculative execution are vulnerable to a Speculative Race Condition (SRC) vulnerability, akin to Spectre V1. The vulnerability arises from race conditions that allow an unauthenticated attacker to exploit speculatively executable code paths, potentially disclosing...

CVSS 5.7 | AI score 7.1 | EPSS 0.01231
Exploits 0 | References 17 | Affected software 1
Veracode, added 2024/03/20 8:48 p.m.

Buffer Overflow

GifLib Project GifLib v5.2.1 is vulnerable to a Buffer Overflow. The vulnerability is due to inadequate input validation in the DumpSCreen2RGB function within gif2rgb.c, which could be exploited by a local attacker to access sensitive information...

CVSS 7.1 | AI score 6.3 | EPSS 0.00422
Exploits 1 | References 3 | Affected software 1
Veracode, added 2024/03/20 6:51 p.m.

Buffer Overflow

giflib is vulnerable to a Buffer Overflow. The vulnerability is due to a flaw in the getarg.c component, leading to a segmentation fault...

CVSS 5.5 | AI score 6.5 | EPSS 0.00328
Exploits 1 | References 6 | Affected software 1
Veracode, added 2024/03/20 6:19 p.m.

Out Of Memory

giflib 5.1.4 is vulnerable to a memory leak (out-of-memory) in gif2rgb. The vulnerability is due to inadequate memory management in util/gif2rgb.c, enabling remote attackers to trigger an out-of-memory exception or denial of service via a GIF format file...

CVSS 8.8 | AI score 6.7 | EPSS 0.01523
Exploits 1 | References 2 | Affected software 1
Veracode, added 2024/03/20 4:46 p.m.

Improper Check For Unusual Or Exceptional Conditions

Nix is vulnerable to an Improper Check for Unusual or Exceptional Conditions, which can send file descriptors to files in the Nix store to another program running on the host or to another fixed-output derivation through Unix domain sockets in the abstract namespace. This allows the modification of th...

CVSS 6.3 | AI score 6.7 | EPSS 0.00586
Exploits 1 | References 5 | Affected software 2
Veracode, added 2024/03/20 1:26 p.m.

Incorrect Default Permissions

rotp is vulnerable to Incorrect Default Permissions. The vulnerability is due to an oversight in the file permission settings, which allows an attacker to modify the library's files on the system...

CVSS 5.3 | AI score 6.7 | EPSS 0.00176
Exploits 0 | References 2 | Affected software 1
Veracode, added 2024/03/20 10:09 a.m.

Remote Code Execution

Astropy is vulnerable to remote code execution. The vulnerability is due to improper input validation in the to_dot_graph function in the file transformations.py, allowing an attacker to pass commands or scripts as the value of the savelayout argument, which are then executed through the...

CVSS 8.4 | AI score 7.9 | EPSS 0.01124
Exploits 1 | References 3 | Affected software 1
Veracode, added 2024/03/20 8:02 a.m.

Incorrect Authorization

Liferay Portal is vulnerable to Incorrect Authorization. The vulnerability is due to the lack of proper validation of user permissions, enabling authenticated users with certain privileges to manipulate their own permissions...

CVSS 6.5 | AI score 6.7 | EPSS 0.00415
Exploits 0 | References 1 | Affected software 4
Veracode, added 2024/03/20 7:54 a.m.

SpEL Injection

OpenMetadata is vulnerable to Expression Language (SpEL) Injection. The vulnerability is caused by a lack of validation of user-controlled data within the AlertUtil::validateExpression method, which allows the execution of arbitrary system commands through user-controlled data, leading to Remot...

CVSS 8.8 | AI score 9 | EPSS 0.45725
Exploits 3 | References 6 | Affected software 1
Veracode, added 2024/03/20 7:15 a.m.

Authentication Bypass

OpenMetadata is vulnerable to Authentication Bypass. The vulnerability is caused by improper path validation in the JwtFilter, allowing attackers to bypass authentication mechanisms by exploiting the presence of path parameters in requests...

CVSS 9.8 | AI score 7.2 | EPSS 0.73255
Exploits 5 | References 5 | Affected software 1
Veracode, added 2024/03/20 6:48 a.m.

Decryption Failure

ilicmiljan/secure-props is vulnerable to Decryption Failure. The vulnerability is due to a regex which fails to detect tags during the decryption of encrypted data that was encoded with the NullEncoder and contains special characters such as \n. When this encrypted data is passed to the TagAwareCipher, the...

CVSS 2.6 | AI score 7 | EPSS 0.00328
Exploits 0 | References 4 | Affected software 1
Veracode, added 2024/03/20 6:29 a.m.

OS Command Injection

github.com/fluid-cloudnative/fluid is vulnerable to OS Command Injection. The vulnerability is due to insufficient input validation within the JuicefsRuntime, allowing an authenticated user with the authority to create or update the K8s CRD Dataset/JuicefsRuntime to execute arbitrary OS commands...

CVSS 6 | AI score 7.8 | EPSS 0.00611
Exploits 0 | References 5 | Affected software 1
Veracode, added 2024/03/20 6:28 a.m.

Cross-Site Scripting (XSS)

octoprint is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper input validation and sanitization of the webcam snapshot URL input field, which allows the execution of malicious JavaScript code in the victim's browser...

CVSS 4.8 | AI score 6.7 | EPSS 0.00435
Exploits 1 | References 2 | Affected software 1
Veracode, added 2024/03/20 6:01 a.m.

Server Side Request Forgery (SSRF)

org.springframework:spring-web is vulnerable to Open Redirect. The vulnerability is due to insufficient validation checks of the host URL within UriComponentsBuilder.java. If an application utilizes the host validation checks, an attacker can perform an open redirect or Server-Side Request Forger...

CVSS 8.1 | AI score 8 | EPSS 0.03967
Exploits 1 | References 6 | Affected software 1
Veracode, added 2024/03/20 5:40 a.m.

Weak Cryptographic Hash

Liferay Portal is vulnerable to Weak Cryptographic Hash. The vulnerability exists due to the default password hashing algorithm PBKDF2-HMAC-SHA1 having a low work factor in the Liferay Portal. It allows attackers to crack password hashes quickly, potentially compromising user accounts and gaining...

CVSS 8.1 | AI score 7.1 | EPSS 0.00324
Exploits 0 | References 2 | Affected software 4
Veracode, added 2024/03/20 5:11 a.m.

Cross-Site Request Forgery (CSRF)

liferay.portal is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability exists due to insufficient validation of requests in the terms of use page within Liferay Portal, which can be exploited by remote attackers through social engineering, enticing users to visit a malicious page and...

CVSS 8.8 | AI score 7.1 | EPSS 0.0028
Exploits 0 | References 2 | Affected software 4
Veracode, added 2024/03/19 4:37 p.m.

Improper Access Control

org.springframework.security:spring-security-core is vulnerable to Authentication Bypass. The vulnerability is due to the isFullyAuthenticated method within the AuthenticatedVoter class incorrectly returning true if the authentication parameter is null, resulting in broken access control. Note...

CVSS 8.2 | AI score 6.7 | EPSS 0.00776
Exploits 0 | References 4 | Affected software 1
Veracode, added 2024/03/19 12:49 p.m.

Man-in-the-middle Attack

Liferay Portal is vulnerable to Man-in-the-middle Attack. The vulnerability is due to the failure to obfuscate password reminder answers on the page, allowing attackers to use man-in-the-middle or shoulder-surfing attacks to steal users' password reminder answers...

CVSS 6.3 | AI score 7.1 | EPSS 0.00284
Exploits 0 | References 2 | Affected software 4
Veracode, added 2024/03/19 12:39 p.m.

Open Redirect

Liferay Portal is vulnerable to Open Redirect. The vulnerability is due to improper handling of the 'REPLACEMENT CHARACTER' (U+FFFD) in HtmlUtil.escapeRedirect, allowing remote attackers to redirect users to arbitrary external URLs...

CVSS 6.1 | AI score 7 | EPSS 0.0096
Exploits 0 | References 2 | Affected software 4
Veracode, added 2024/03/19 11:19 a.m.

Open Redirect

Liferay Portal is vulnerable to Open Redirect. The vulnerability exists due to improper input validation and sanitization in the HtmlUtil.escapeRedirect function within Liferay Portal and Liferay DXP. This allows remote attackers to redirect users to arbitrary external URLs via parameters such as th...

CVSS 6.1 | AI score 7.2 | EPSS 0.00355
Exploits 0 | References 2 | Affected software 4
Veracode, added 2024/03/19 10:52 a.m.

Cross-Site Scripting (XSS)

Liferay Portal is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to inadequate input sanitization of blog entries in Liferay Portal and Liferay DXP. Specifically, the default configuration does not properly filter JavaScript from blog entry content, allowing remote authenticated...

CVSS 9 | AI score 6 | EPSS 0.00517
Exploits 0 | References 2 | Affected software 4
Veracode, added 2024/03/19 9:56 a.m.

Uncontrolled Resource Consumption

Liferay Portal is vulnerable to Uncontrolled Resource Consumption. The vulnerability is due to reliance on a request parameter to limit file size, enabling remote authenticated users to upload excessively large files to the system's temp folder by altering the 'maxFileSize' parameter...

CVSS 6.5 | AI score 6.8 | EPSS 0.00707
Exploits 0 | References 2 | Affected software 4
Veracode, added 2024/03/19 9:21 a.m.

Information Disclosure

Liferay Portal is vulnerable to Information Disclosure. The vulnerability is due to an enumeration of user screen names, allowing remote authenticated users to obtain a user's full name from the page's title. This potentially leads to Information Disclosure...

CVSS 4.3 | AI score 6.4 | EPSS 0.00439
Exploits 0 | References 1 | Affected software 4
Veracode, added 2024/03/19 8:40 a.m.

Exposed Dangerous Method Or Function

turboboost-commands is vulnerable to Exposed Dangerous Method or Function. The vulnerability is due to existing checks that are not robust enough to prevent sophisticated attackers from invoking more methods than should be permitted. Although commands verify that the class must be a Command a...

CVSS 8.1 | AI score 7.5 | EPSS 0.00796
Exploits 0 | References 3 | Affected software 2
Veracode, added 2024/03/19 7:56 a.m.

Insecure Default Initialization Of Resource

Liferay Portal is vulnerable to Insecure Default Initialization of Resource. This vulnerability is due to the default value of the portal property http.header.version.verbosity being set to full, allowing remote attackers to easily identify the version of the application and its vulnerabilities v...

CVSS 5.3 | AI score 7.1 | EPSS 0.00527
Exploits 0 | References 2 | Affected software 4
Veracode, added 2024/03/19 5:58 a.m.

Open Redirect

Liferay Portal is vulnerable to Open Redirect. The vulnerability is due to improper validation of user-supplied input in the edit region page of Countries Management, allowing remote attackers to redirect users to arbitrary external URLs via the...

CVSS 6.1 | AI score 7 | EPSS 0.00385
Exploits 0 | References 1 | Affected software 2
Veracode, added 2024/03/19 3:19 a.m.

Arbitrary Code Execution

github.com/projectdiscovery/nuclei is vulnerable to Arbitrary Code Execution. The vulnerability is due to improper validation of signed workflows within the parseWorkflowTemplate function in workflows.go, which allows the execution of unsigned code templates through workflows...

CVSS 7.4 | AI score 7.2 | EPSS 0.00411
Exploits 0 | References 5 | Affected software 1
Veracode, added 2024/03/18 6:41 p.m.

Denial Of Service (DoS)

github.com/mattermost/mattermost-server is vulnerable to Denial of Service (DoS). The vulnerability is due to the lack of proper validation or checks on the length when setting the title in a run checklist in Playbooks. An attacker can send a specially crafted request, which potentially leads to a crash of...

CVSS 7.5 | AI score 6.7 | EPSS 0.00649
Exploits 0 | References 5 | Affected software 1
Veracode, added 2024/03/18 6:27 p.m.

Improper Check For Unusual Or Exceptional Conditions

Mattermost is vulnerable to Denial Of Service. The vulnerability is due to the lack of proper validation of the type of the "reminder" request body parameter. This allows an attacker to crash the Playbook Plugin when updating the status dialog...

CVSS 7.5 | AI score 6.7 | EPSS 0.00649
Exploits 0 | References 4 | Affected software 1
Veracode, added 2024/03/18 6:14 p.m.

Improper Access Control

Mattermost is vulnerable to Improper Access Control. The vulnerability is due to Mattermost's failure to check whether a user is a guest when updating the tasks of a private playbook run. It allows a guest to update the task of a private playbook run if they know the run ID...

CVSS 4.3 | AI score 6.7 | EPSS 0.00374
Exploits 0 | References 4 | Affected software 1
Veracode, added 2024/03/18 6:00 p.m.

Uncontrolled Resource Consumption

Mattermost is vulnerable to Uncontrolled Resource Consumption. The vulnerability is due to Mattermost's failure to handle a null request body in the /add endpoint, which allows a simple member to send a request with a null request body to that endpoint, causing it to crash. After a few repetition...

CVSS 6.5 | AI score 6.7 | EPSS 0.00642
Exploits 0 | References 3 | Affected software 1
Veracode, added 2024/03/18 5:42 p.m.

Authorization Bypass

Mattermost is vulnerable to Authorization Bypass in Playbooks Plugin Endpoint. The vulnerability is due to Mattermost's failure to perform authorization checks in the /plugins/playbooks/api/v0/runs/add-to-timeline-dialog endpoint of the Playbooks plugin. This allows an attacker to obtain limited...

CVSS 6.5 | AI score 6.3 | EPSS 0.00435
Exploits 0 | References 4 | Affected software 1
Veracode, added 2024/03/18 5:22 p.m.

Denial Of Service (DoS)

iperf is vulnerable to a Denial Of Service (DoS). The vulnerability is due to a flaw in the iperf utility that causes it to hang indefinitely while waiting for the remainder of the data or until the connection is closed, allowing a malicious or malfunctioning client to send less data than expected to the iperf serv...

CVSS 5.3 | AI score 5.3 | EPSS 0.0094
Exploits 0 | References 5 | Affected software 1
Veracode, added 2024/03/18 1:31 p.m.

Error Log Leakage

fgr is vulnerable to Error Log Leakage. The vulnerability is due to insufficient sanitization of error messages or tracebacks within the code. The vulnerability allows an attacker with access to the log stream to expose potentially sensitive information through error messages or tracebacks...

AI score 6.6
Exploits 0
Veracode, added 2024/03/18 12:51 p.m.

Incorrect Default Permissions

Liferay Portal is vulnerable to Incorrect Default Permissions. This vulnerability is due to insufficient access control mechanisms for guest users. Guest users can view any web content template by default. An attacker can exploit this to view any template via the UI or API...

CVSS 5.3 | AI score 6.8 | EPSS 0.00481
Exploits 0 | References 1 | Affected software 2
Veracode, added 2024/03/18 10:47 a.m.

Insecure Variable Substitution

github.com/go-vela/server is vulnerable to Insecure Variable Substitution. This vulnerability is due to the use of variable substitution combined with non-sensitive fields such as parameters, image, and entrypoint in Vela pipelines. The vulnerability allows an attacker to bypass log masking and...

AI score 7.2
Exploits 0
Veracode, added 2024/03/18 10:04 a.m.

Insertion Of Sensitive Information Into Log File

Kibana is vulnerable to Insertion of Sensitive Information into Log File. The vulnerability is caused by improper handling of errors or debug logging, leading to the inclusion of credentials, API keys, and other sensitive data in Kibana logs. This potentially leads to Sensitive Information...

CVSS 8 | AI score 6.7 | EPSS 0.00608
Exploits 0 | References 4 | Affected software 1
Veracode, added 2024/03/18 9:45 a.m.

Sensitive Information Disclosure

Mattermost-plugin-playbooks is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper authorization checks when creating a playbook action. An attacker with limited privileges can leak sensitive playbook information, such as the playbook's name, by creating a playboo...

CVSS 4.3 | AI score 6.8 | EPSS 0.0041
Exploits 0 | References 4 | Affected software 1
Veracode, added 2024/03/18 8:35 a.m.

Server-Side Request Forgery (SSRF)

org.apache.cxf:cxf-rt-databinding-aegis is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to improper URL sanitisation, which allows an attacker to perform SSRF attacks on web services that take at least one parameter of any type. Users of other data bindings, including the...

CVSS 9.3 | AI score 6.9 | EPSS 0.05849
Exploits 0 | References 6 | Affected software 1
Veracode, added 2024/03/18 8:15 a.m.

Username Enumeration

Vantage6 is vulnerable to Username Enumeration. This vulnerability is due to inadequate access controls on sensitive information, caused by the exposure of the API routes /recover/lost and /2fa/lost, which allows unauthorized individuals to trigger password or Multi-Factor Authentication (MFA) token recove...

CVSS 5.3 | AI score 6.5 | EPSS 0.00394
Exploits 0 | References 3 | Affected software 1
Veracode, added 2024/03/18 7:40 a.m.

Improper Resource Shutdown Or Release

CoreWCF.NetFramingBase is vulnerable to Improper Resource Shutdown or Release. The vulnerability is due to a failure to close established connections after the timeout has occurred, which can result in Denial of Service. An attacker can trigger this vulnerability by either establishing a connecti...

CVSS 7.5 | AI score 6.7 | EPSS 0.00579
Exploits 0 | References 3 | Affected software 1
Veracode, added 2024/03/18 7:16 a.m.

Insecure Variable Substitution

github.com/go-vela/types is vulnerable to Insecure Variable Substitution. The vulnerability arises from the unexpected behavior of variable substitution combined with non-sensitive fields like parameters, image, and entrypoint. This allows for bypassing log masking and exposing secrets without...

AI score 7.3
Exploits 0
Veracode, added 2024/03/18 7:08 a.m.

Sensitive Information Disclosure

Apache ZooKeeper is vulnerable to Sensitive Information Disclosure. The vulnerability is due to missing ACL checks in the persistent watcher feature. An attacker can monitor child znodes by attaching a persistent watcher to a parent node they already have access to. When the persistent watcher i...

CVSS 5.3 | AI score 6.7 | EPSS 0.00244
Exploits 0 | References 6 | Affected software 1
Veracode, added 2024/03/18 6:30 a.m.

Out-of-bounds Read

gpac is vulnerable to Out-of-bounds Read. The vulnerability is caused by a lack of input validation in the gf_dash_setup_period function within dash_client.c. This can potentially lead to Denial of Service (DoS)...

CVSS 6.2 | AI score 6.7 | EPSS 0.00243
Exploits 1 | References 2 | Affected software 1
Veracode, added 2024/03/18 6:26 a.m.

Insecure CORS Configuration

vantage6 is vulnerable to Insecure CORS Configuration. This vulnerability is due to the absence of proper CORS configuration, which can allow unauthorized domains to access sensitive data...

CVSS 4.2 | AI score 6.7 | EPSS 0.00311
Exploits 0 | References 3 | Affected software 1
Veracode, added 2024/03/18 6:18 a.m.

Out-of-bounds Read

gpac is vulnerable to Out-of-bounds Read. The vulnerability is caused by incorrect bounds checking when accessing the name array within swf_parse.c. This allows an attacker to potentially execute arbitrary code or cause Denial of Service (DoS)...

CVSS 7.1 | AI score 7.6 | EPSS 0.00528
Exploits 1 | References 3 | Affected software 1
Total number of security vulnerabilities: 38191