
38191 matches found

Veracode • added 2024/03/18 5:57 a.m. • 8 views

Insecure Variable Substitution

github.com/go-vela/cli is vulnerable to Insecure Variable Substitution. The vulnerability arises due to the unexpected behavior of variable substitution combined with insensitive fields like parameters, image, and entrypoint. This allows for bypassing log masking and exposing secrets without usin...

AI score 7.3
Exploits 0
Veracode • added 2024/03/18 5:05 a.m. • 15 views

Denial Of Service (DoS)

Mattermost is vulnerable to Denial of Service (DoS). The vulnerability is due to a lack of limitation on payload size during JSON parsing. This flaw allows an attacker to send an excessively large email payload that can crash the server...

CVSS 6.5 | AI score 6.8 | EPSS 0.00511
Exploits 0 | References 4 | Affected Software 2
Veracode • added 2024/03/18 4:38 a.m. • 31 views

Credential Leakage

follow-redirects is vulnerable to Credential Leakage. The vulnerability is due to insufficient redaction of the proxy-authentication header when handling requests. If an attacker can trigger a cross-domain redirect, they can capture the request header containing the sensitive proxy-auth header,...

CVSS 6.5 | AI score 6.3 | EPSS 0.01044
Exploits 1 | References 6 | Affected Software 2
Veracode • added 2024/03/17 7:28 p.m. • 27 views

Improper Authentication

wpasupplicant is vulnerable to Improper Authentication. The vulnerability arises because wpasupplicant can be configured to skip TLS certificate verification during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be exploited to bypass Phase 2 authentication...

CVSS 6.5 | AI score 6.7 | EPSS 0.01177
Exploits 0 | References 7 | Affected Software 1
Veracode • added 2024/03/17 5:32 p.m. • 13 views

Performance Degradation

BIND is vulnerable to a performance degradation issue when a resolver cache contains a large number of ECS (EDNS Client Subnet) records for the same name, impacting query performance during the cache database cleanup process...

CVSS 5.3 | AI score 5.1 | EPSS 0.00624
Exploits 0 | References 7 | Affected Software 1
Veracode • added 2024/03/17 5:31 p.m. • 17 views

Denial Of Service

go is vulnerable to Denial Of Service. The vulnerability is due to insufficient handling of certificate chains containing certificates with unknown public key algorithms...

CVSS 5.9 | AI score 7 | EPSS 0.00661
Exploits 0 | References 8 | Affected Software 1
Veracode • added 2024/03/17 5:30 p.m. • 21 views

Interpretation Differences

net/mail in Go is vulnerable to Interpretation Differences. The vulnerability is due to the ParseAddressList function incorrectly handling comment text within parentheses inside display names. The parser handles the display names differently than conforming address parsers, which could result in...

CVSS 7.5 | AI score 6.5 | EPSS 0.01042
Exploits 0 | References 8 | Affected Software 2
Veracode • added 2024/03/17 5:29 p.m. • 17 views

Sensitive Information Disclosure

go is vulnerable to Sensitive Information Disclosure. The vulnerability is due to errors returned from MarshalJSON methods containing user-controlled data, which can break contextual auto-escaping behavior, leading to unexpected content injection into templates...

CVSS 5.4 | AI score 7.3 | EPSS 0.00795
Exploits 0 | References 8 | Affected Software 1
Veracode • added 2024/03/17 5:27 p.m. • 20 views

Uncontrolled Resource Consumption

avahi is vulnerable to Uncontrolled Resource Consumption. The avahi library is vulnerable to a flaw that allows an unprivileged user to trigger a D-Bus call, leading to a crash of the avahi daemon...

CVSS 5.5 | AI score 6.4 | EPSS 0.00392
Exploits 1 | References 5 | Affected Software 1
Veracode • added 2024/03/17 5:08 p.m. • 4 views

Timing Side-Channel Attack

Firefox is vulnerable to a Timing Side-Channel Attack. The vulnerability is due to the improper handling of timing during decryption, potentially enabling attackers to recover private data...

CVSS 6.5 | AI score 6.8 | EPSS 0.00816
Exploits 0 | References 8 | Affected Software 4
Veracode • added 2024/03/17 4:33 p.m. • 18 views

Reachable Assertion

Avahi is vulnerable to Reachable Assertion. The vulnerability is due to a reachable assertion in the dbus_set_host_name function...

CVSS 6.2 | AI score 5.3 | EPSS 0.00314
Exploits 0 | References 4 | Affected Software 1
Veracode • added 2024/03/17 4:33 p.m. • 20 views

Reachable Assertion

Avahi is vulnerable to Reachable Assertion. The vulnerability is due to a reachable assertion in the avahi_rdata_parse function...

CVSS 6.2 | AI score 5.3 | EPSS 0.00306
Exploits 0 | References 4 | Affected Software 1
Veracode • added 2024/03/17 4:32 p.m. • 22 views

Reachable Assertion

Avahi is vulnerable to Reachable Assertion. The vulnerability is due to a reachable assertion in the avahi_escape_label function...

CVSS 6.2 | AI score 5.3 | EPSS 0.00306
Exploits 0 | References 4 | Affected Software 1
Veracode • added 2024/03/17 4:32 p.m. • 23 views

Reachable Assertion

Avahi is vulnerable to Reachable Assertion. The vulnerability is due to a reachable assertion in the avahi_alternative_host_name function...

CVSS 6.2 | AI score 5.3 | EPSS 0.00306
Exploits 0 | References 4 | Affected Software 1
Veracode • added 2024/03/17 4:32 p.m. • 23 views

Reachable Assertion

Avahi is vulnerable to Reachable Assertion. The vulnerability is due to a reachable assertion in the avahi_dns_packet_append_record...

CVSS 6.2 | AI score 5.3 | EPSS 0.00306
Exploits 0 | References 4 | Affected Software 1
Veracode • added 2024/03/17 3:29 p.m. • 21 views

Out-of-bounds Write

openexr is vulnerable to an Out-of-bounds Write. The vulnerability is due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanline data. This vulnerability was addressed in versions v3.2.2 and v3.1.12 of the affected library...

CVSS 9.1 | AI score 6.8 | EPSS 0.01248
Exploits 1 | References 5 | Affected Software 1
Veracode • added 2024/03/17 3:19 p.m. • 29 views

Sensitive Information Disclosure

go is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the client not forwarding sensitive headers such as "Authorization" or "Cookie" when following an HTTP redirect to a domain that is not a subdomain match or exact match of the initial domain...

CVSS 4.3 | AI score 6.9 | EPSS 0.01072
Exploits 0 | References 8 | Affected Software 1
Veracode • added 2024/03/17 3:19 p.m. • 22 views

Memory Exhaustion

go is vulnerable to Memory Exhaustion. The vulnerability is due to the lack of proper enforcement of limits on the total size of parsed form data, leading to unbounded memory consumption while reading a single form line...

CVSS 6.5 | AI score 7 | EPSS 0.01156
Exploits 0 | References 8 | Affected Software 1
Veracode • added 2024/03/17 12:36 p.m. • 29 views

Denial Of Service (DOS)

intel-microcode is vulnerable to Denial Of Service. The vulnerability is due to a failure in the protection mechanism of the bus lock regulator, which may allow an unauthenticated user to potentially enable denial of service via network access...

CVSS 6.5 | AI score 6.6 | EPSS 0.0075
Exploits 0 | References 4 | Affected Software 2
Veracode • added 2024/03/17 6:07 a.m. • 12 views

Misinterpretation Of Input

amavis is vulnerable to Misinterpretation of Input. The vulnerability is due to an interpretation conflict in MIME email messages, which allows incorrect checks for banned files or malware when multiple boundary parameters are present in the email message...

CVSS 7.4 | AI score 6.6 | EPSS 0.00826
Exploits 0 | References 9 | Affected Software 2
Veracode • added 2024/03/16 11:59 p.m. • 20 views

Denial Of Service (DOS)

Libreswan is vulnerable to Denial Of Service. The vulnerability is due to an issue where Libreswan restarts when a connection configured with pre-shared keys (authby=secret) cannot find a matching configured secret. It can cause repeated crashes leading to a Denial of Service...

CVSS 6.5 | AI score 6.5 | EPSS 0.00944
Exploits 0 | References 5 | Affected Software 1
Veracode • added 2024/03/16 9:10 p.m. • 24 views

Use After Free

chromium is vulnerable to Use After Free. The vulnerability is due to improper handling of memory when processing crafted HTML pages, leading to potential heap corruption...

CVSS 8.8 | AI score 6.5 | EPSS 0.007
Exploits 1 | References 5 | Affected Software 1
Veracode • added 2024/03/16 8:57 p.m. • 27 views

Denial Of Service (DoS)

org.apache.tomcat, tomcat-coyote is vulnerable to Denial of Service (DoS). The vulnerability is due to improper request handling when processing an HTTP/2 request that exceeds any of the configured limits for headers, leading to the associated HTTP/2 stream not being reset until after all of the...

CVSS 7.5 | AI score 6.6 | EPSS 0.23072
Exploits 1 | References 8 | Affected Software 3
Veracode • added 2024/03/16 5:54 p.m. • 24 views

Privilege Escalation

intel-microcode is vulnerable to privilege escalation. The vulnerability is due to a failure in the protection mechanism, which may allow an attacker to potentially enable escalation of privileges via local access...

CVSS 6.1 | AI score 7.2 | EPSS 0.00247
Exploits 0 | References 4 | Affected Software 2
Veracode • added 2024/03/16 11:06 a.m. • 26 views

Information Disclosure

intel-microcode is vulnerable to information disclosure. The vulnerability is due to non-transparent sharing of return predictor targets between contexts, which may allow an authorized user to potentially enable information disclosure via local access...

CVSS 5.5 | AI score 5.4 | EPSS 0.00269
Exploits 0 | References 4 | Affected Software 2
Veracode • added 2024/03/16 8:18 a.m. • 22 views

Information Exposure

Intel(R) Atom(R) Processors are vulnerable to information exposure through microarchitectural state after transient execution. The vulnerability is due to certain register files, which, when accessed by an authenticated user, may potentially enable information disclosure via local access...

CVSS 6.5 | AI score 6 | EPSS 0.00546
Exploits 0 | References 8 | Affected Software 3
Veracode • added 2024/03/15 11:42 p.m. • 26 views

Information Disclosure

intel-microcode is vulnerable to information disclosure. The vulnerability is due to incorrect calculation in the microcode keying mechanism, which may allow a privileged user to potentially enable information disclosure via local access...

CVSS 5.3 | AI score 4.9 | EPSS 0.00232
Exploits 0 | References 4 | Affected Software 2
Veracode • added 2024/03/15 7:58 p.m. • 24 views

Authorization Bypass

apache-airflow is vulnerable to an Authorization Bypass. The vulnerability is due to improper permission checks, which allow an authenticated user with limited permissions to access resources such as variables, connections, etc., from the UI which they do not have permission to access, resulting in...

CVSS 8.1 | AI score 6.1 | EPSS 0.01332
Exploits 0 | References 5 | Affected Software 1
Veracode • added 2024/03/15 7:18 p.m. • 28 views

Unauthorized File Access

org.apache.pulsar: pulsar-functions-worker is vulnerable to Unauthorized File Access. The vulnerability is due to a feature that allows authenticated users to create functions with implementations referenced by URLs, including file, http, and https schemes. This vulnerability can potentially lead...

CVSS 8.8 | AI score 6.7 | EPSS 0.01895
Exploits 0 | References 4 | Affected Software 2
Veracode • added 2024/03/15 6:59 p.m. • 21 views

Path Traversal

org.apache.pulsar: pulsar-functions-worker is vulnerable to Path Traversal. The vulnerability is due to improper validation of uploaded jar or nar files, which allows an authenticated attacker to create or modify files outside the designated directory, resulting in Path Traversal...

CVSS 9.9 | AI score 6.6 | EPSS 0.56934
Exploits 0 | References 4 | Affected Software 2
Veracode • added 2024/03/15 6:13 a.m. • 20 views

Improper Privilege Management

github.com/argoproj/argo-cd is vulnerable to Improper Privilege Management. The vulnerability is due to improper checks to prevent users with the create privilege from syncing local manifests. An attacker can exploit this vulnerability to bypass git merge protections by syncing local manifests on...

CVSS 6.4 | AI score 6.5 | EPSS 0.00532
Exploits 0 | References 4 | Affected Software 1
Veracode • added 2024/03/15 6:11 a.m. • 30 views

Denial Of Service (DoS)

org.apache.tomcat: tomcat-websocket is vulnerable to Denial of Service (DoS). The vulnerability is due to improper cleanup of WebSocket connections during a session timeout. If a client fails to send a close message within the timeout period, the WebSocket connection will continue to hold resources...

CVSS 6.3 | AI score 6.5 | EPSS 0.02313
Exploits 0 | References 11 | Affected Software 3
Veracode • added 2024/03/15 6:11 a.m. • 27 views

Cross-site Scripting (XSS)

Argo CD is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper filtering of URL protocols in the application summary component, allowing a remote attacker with privileges to edit the application to execute Cross-Site Scripting...

CVSS 9 | AI score 6.4 | EPSS 0.00654
Exploits 0 | References 3 | Affected Software 1
Veracode • added 2024/03/15 6:10 a.m. • 20 views

Path Traversal

github.com/pterodactyl/wings is vulnerable to a Symlink Race condition. The vulnerability is due to improper sandbox and filesystem access controls, which allows an attacker to read files outside of the server's designated base directory...

CVSS 9.9 | AI score 6.7 | EPSS 0.00545
Exploits 0 | References 2 | Affected Software 1
Veracode • added 2024/03/14 10:57 a.m. • 21 views

Stack-based Buffer Overflow

libmicrohttpd.so is vulnerable to a Stack-based Buffer Overflow. The vulnerability is due to a boundary error when handling overly long authentication headers in the MHD_digest_auth_check function. This flaw allows remote attackers to cause a denial of service or possibly execute arbitrary code via a...

CVSS 5.1 | AI score 8.2 | EPSS 0.03277
Exploits 0 | References 2 | Affected Software 1
Veracode • added 2024/03/14 10:56 a.m. • 20 views

Denial Of Service (DOS)

libmicrohttpd.so is vulnerable to a Denial of Service attack. The vulnerability is due to an out-of-bounds memory read flaw in the MHD_http_unescape function within libmicrohttpd. This could potentially lead to information disclosure or enable a remote attacker to cause an application crash...

CVSS 6.4 | AI score 6.8 | EPSS 0.01823
Exploits 0 | References 2 | Affected Software 1
Veracode • added 2024/03/14 10:27 a.m. • 20 views

Denial Of Service

libmad.so is vulnerable to Denial Of Service. The vulnerability is due to the mad_layer_III function in layer3.c when processing a crafted audio file, resulting in a heap-based buffer overflow and possible application crash...

CVSS 7.8 | AI score 7.5 | EPSS 0.02538
Exploits 1 | References 1 | Affected Software 1
Veracode • added 2024/03/14 10:22 a.m. • 38 views

Remote Code Execution (RCE)

mssql-django is vulnerable to Remote Code Execution (RCE). The vulnerability is due to improper parameter sanitization, allowing attackers to execute arbitrary SQL statements, which can result in Remote Code Execution (RCE)...

CVSS 8.8 | AI score 8.9 | EPSS 0.02124
Exploits 0 | References 3 | Affected Software 1
Veracode • added 2024/03/14 10:20 a.m. • 7 views

Sensitive Information Disclosure

io.quarkus, quarkus-kubernetes-deployment is vulnerable to Git Credentials Disclosure. The vulnerability is due to a flaw in the continuous integration (CI) configuration, leading to the inadvertent publication of git credentials to the metadata annotation...

CVSS 3.5 | AI score 6.7 | EPSS 0.00595
Exploits 0 | References 7 | Affected Software 1
Veracode • added 2024/03/14 9:28 a.m. • 16 views

Incorrect Authorization

org.apache.pulsar, pulsar-broker is vulnerable to Incorrect Authorization. The vulnerability exists due to inadequate access controls to modify topic-level policies. Only users with the tenant admin or super user role should be permitted to perform such management operations, allowing authenticat...

CVSS 6.4 | AI score 6.9 | EPSS 0.01701
Exploits 0 | References 5 | Affected Software 1
Veracode • added 2024/03/14 7:37 a.m. • 23 views

Stack Based Buffer Overflow

libraw.so is vulnerable to Stack-based Buffer Overflow. The vulnerability is due to improper input validation in the xtrans_interpolate function within dcraw_common.cpp. This flaw can potentially lead to a Denial of Service (DoS) attack...

CVSS 9.8 | AI score 6.9 | EPSS 0.04336
Exploits 0 | References 2 | Affected Software 1
Veracode • added 2024/03/14 7:36 a.m. • 30 views

Denial Of Service (DoS)

Microsoft QUIC is vulnerable to Denial Of Service (DoS). The vulnerability is caused by holding onto failed connections, leading to continuous memory consumption until exhaustion, resulting in Denial of Service. Note that this vulnerability is not exploitable on .NET-based web servers running on...

CVSS 7.5 | AI score 6.5 | EPSS 0.0299
Exploits 0 | References 6 | Affected Software 8
Veracode • added 2024/03/14 7:24 a.m. • 19 views

Denial Of Service

libmad.so is vulnerable to a Denial of Service attack. The vulnerability is due to an assertion failure and application exit when the mad_layer_III function in layer3.c is executed without NDEBUG defined, allowing an attacker to cause denial of service via a specially crafted audio file...

CVSS 4.7 | AI score 6.4 | EPSS 0.02033
Exploits 1 | References 2 | Affected Software 1
Veracode • added 2024/03/14 7:06 a.m. • 15 views

Improper Input Validation

org.apache.pulsar, pulsar-functions-worker is vulnerable to improper input validation. This vulnerability is due to insufficient input validation within the Worker, which fails to adequately check user-provided inputs before executing them, resulting in the execution of arbitrary Java code outsid...

CVSS 9.9 | AI score 7.5 | EPSS 0.05983
Exploits 0 | References 5 | Affected Software 2
Veracode • added 2024/03/14 7:03 a.m. • 17 views

Out-of-bounds Read

libcryptopp.so is vulnerable to Out-of-bounds Read. The vulnerability is due to a lack of validation in zinflate.cpp in the Inflation filter. This can allow attackers to read sensitive information from other memory locations or cause a crash...

CVSS 5.3 | AI score 6.2 | EPSS 0.01369
Exploits 0 | References 2 | Affected Software 1
Veracode • added 2024/03/14 6:53 a.m. • 22 views

Log Injection

ckan is vulnerable to Log Injection. The vulnerability is due to the lack of filtering on incoming parameters in the user endpoint, allowing attackers to inject false log entries or corrupt the log file format, resulting in Log Injection...

CVSS 5.3 | AI score 6.8 | EPSS 0.00434
Exploits 0 | References 3 | Affected Software 1
Veracode • added 2024/03/14 6:36 a.m. • 33 views

Off-by-one Error

libvirt.so is vulnerable to Off-by-one Error. The vulnerability is due to a miscalculation in the udevListInterfacesByStatus function when the number of interfaces exceeds the size of the names array. This issue can be exploited by sending specially crafted data to the libvirt daemon, enabling an...

CVSS 5.5 | AI score 6.9 | EPSS 0.00398
Exploits 0 | References 9 | Affected Software 1
Veracode • added 2024/03/14 6:06 a.m. • 19 views

Out-of-bounds Read

libraw.so is vulnerable to an out-of-bounds read. The vulnerability is due to the kodak_65000_load_raw function within dcraw.c and dcraw_common.cpp using an unchecked index to access the curve array, potentially leading to accessing memory outside the array's valid range. This issue could allow an...

CVSS 9.1 | AI score 7 | EPSS 0.02095
Exploits 0 | References 2 | Affected Software 1
Veracode • added 2024/03/13 3:31 p.m. • 25 views

Command Injection

fontforge is vulnerable to Command Injection. The vulnerability is due to improper handling of crafted archives or compressed files...

CVSS 6.5 | AI score 6.7 | EPSS 0.0187
Exploits 2 | References 6 | Affected Software 1
Veracode • added 2024/03/13 3:31 p.m. • 29 views

Command Injection

FontForge is vulnerable to Command Injection. The vulnerability is due to insufficient input validation, which enables malicious actors to manipulate filenames in a way that triggers the execution of unintended commands...

CVSS 4.2 | AI score 6.7 | EPSS 0.01082
Exploits 1 | References 6 | Affected Software 1
Total number of security vulnerabilities: 38191