38191 matches found
Overly Restrictive Account Lockout Mechanism
org.keycloak, keycloak-core is vulnerable to Overly Restrictive Account Lockout Mechanism. The vulnerability is due to improper handling of login attempts, which may allow a remote unauthenticated attacker to block other accounts from logging in by exploiting this flaw under certain conditions...
Improper Access Control
Suricata is vulnerable to Improper Access Control. The vulnerability is due to the way rules inspecting HTTP2 headers are implemented. An attacker can bypass these rules by splitting header frames...
Sensitive Information Disclosure
github.com/helm/helm/ is vulnerable to Sensitive Information Disclosure. The vulnerability is due to displaying secret values during a --dry-run call, posing a security risk of information disclosure, especially in CI/CD tool usage...
Path Traversal
langchain is vulnerable to Path Traversal. This vulnerability is due to a flaw in the loadchain function, allowing an actor to control the final part of the path parameter. This bypasses the intended behavior of loading configurations solely from a specific GitHub repository. The consequence coul...
Denial Of Service (DoS)
phpseclib/phpseclib is vulnerable to Denial of Service (DoS). The vulnerability is due to a flaw in processing the ASN.1 object identifier of a certificate in the ASN1.php file, where providing a sub identifier may lead to denial of service due to excessive CPU consumption during the decodeOID...
Remote Code Execution (RCE)
Nteract is vulnerable to Remote Code Execution (RCE). The vulnerability is caused by a lack of input validation in the Markdown link parsing functionality, allowing malicious actors to execute arbitrary code remotely...
Insecure Deserialization
Dataease is vulnerable to Insecure Deserialization. The vulnerability is due to not considering URL encoding while blacklisting certain user-controllable JDBC parameters in the JDBC connection URL while calling methods getExtraParams and URLDecoder.decodegetExtraParams within Mysql.java. An attacker...
Memory Leak
libming.so is vulnerable to Memory Leak. The vulnerability is due to a failure to free allocated heap memory for SWFFILLSTYLE in the fillstyle-FillStyles member during parsing of a crafted SWF file, leading to a Denial of Service (DoS)...
Denial Of Service (DoS)
phpseclib/phpseclib is vulnerable to Denial of Service (DoS). The vulnerability is due to a flaw in handling malformed certificates in the phpseclib/Math/BigInteger.php file by using the method isPrime. It allows an attacker to trigger excessive CPU consumption during the isPrime primality check...
Cross-site Scripting (XSS)
Concrete CMS is vulnerable to cross-site scripting. The vulnerability is due to improper input validation, allowing an administrator to inject malicious code through the Layout Preset name, posing a risk of executing unauthorized scripts within the context of the targeted user's browser...
Memory Leak
libming/libming is vulnerable to Memory Leak. The vulnerability is due to a failure to free dynamically allocated memory for gerec-GlyphIndex, resulting in a Denial of Service (DoS) when processing a crafted SWF file...
Cross Site Scripting
sidekiq-unique-jobs is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to missing input validation and output sanitization for the GET request parameters handled by the endpoints /changelogs, /locks and /expiringlocks of the "admin" web UI. This can allow an attacker to...
Cross Site Scripting (XSS)
bagisto/bagisto is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to insufficient validation of user-uploaded PNG files in the ThemeCustomizationRepository.php file by using the product review option, allowing attackers to inject malicious scripts into the application, posing a ri...
Cross Site Scripting (XSS)
org.apache.archiva, archiva-common is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper neutralization of input during web page generation, allowing malicious scripts to be injected into web pages. This poses a risk of executing arbitrary code in the context of a user's...
Type Confusion
Google Chrome is vulnerable to Type Confusion. The vulnerability is due to type confusion in the V8 engine of Google Chrome versions prior to 122.0.6261.94. A remote attacker could potentially exploit this by using a crafted HTML page to corrupt objects, leading to security issues...
Integer Overflow
github.com/authzed/spicedb is vulnerable to Integer Overflow. The vulnerability is due to a potential panic that renders the server unavailable; it arises from an excessive number of relationships for a specific resource and subject type within any SpiceDB cluster. It may lead to...
Cross Site Request Forgery (CSRF)
mongo-express is vulnerable to Cross Site Request Forgery (CSRF). The vulnerability is due to missing CSRF protection in the /admin endpoint. An attacker can exploit this to perform unauthorized actions, such as deletion of a collection...
Improper Authentication
ZenML Server is vulnerable to Improper Authentication. The vulnerability is due to the REST API endpoint /api/v1/users/usernameorid/activate allowing access on the basis of a valid username along with a new password in the request body. An attacker can exploit this to mount remote privilege escalation...
Missing Critical Step In Authentication
Central Dogma is vulnerable to Missing Critical Step in Authentication. The vulnerability is due to accepting unsigned SAML messages (assertions, logout requests, etc.) as they are, instead of rejecting them, when using SAML as the authentication mechanism. An attacker can forge a SAML message to...
Improper Input Validation
Apache DolphinScheduler is vulnerable to Improper Input Validation. The vulnerability is due to missing input validation in the method generateContentWithTaskParams for the parameter condition. An authenticated user can execute arbitrary, unsandboxed JavaScript on the server by submitting crafted...
Exposure Of Resource To Wrong Sphere
Apache-airflow is vulnerable to Exposure of Resource to Wrong Sphere. The vulnerability is due to improper permission checks in the API and UI components. An attacker can view DAG code and import errors for DAGs they are not authorized to access by exploiting this vulnerability...
Uncontrolled Resource Consumption
Mattermost is vulnerable to Uncontrolled Resource Consumption. The vulnerability is due to a failure to limit the number of role names that can be requested from the API. An attacker can cause the server to run out of memory and crash by issuing an unusually large HTTP request...
Cross-site Request Forgery (CSRF)
phpPgAdmin is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to insufficient validation of the request source in the "database.php" area of phpPgAdmin. This allows sensitive actions to be performed without proper verification of the request's origin. A remote attacker can...
Out-of-bounds Read
@openzeppelin/contracts, @openzeppelin/contracts-upgradeable are vulnerable to Out-of-bounds Read. The vulnerability is due to the Base64.encode function, which encodes a byte input by iterating over it in chunks of 3 bytes and reading parts of memory beyond the input buffer when the input is n...
Improper Access Control
github.com/mattermost/mattermost/ is vulnerable to Improper Access Control. The vulnerability is due to inadequate authorization checks for requests fetching the team associated AD/LDAP groups. This enables users to retrieve details of AD/LDAP groups from teams they are not part of...
Improper Access Control
github.com/mattermost/mattermost/ is vulnerable to Improper Access Control. The vulnerability is due to a failure in restricting the access of files attached to posts in an archived channel even if the Allow users to view archived channels option is disabled. This may lead to leak of sensitive...
Improper Access Control
github.com/mattermost/mattermost/ is vulnerable to Improper Access Control. The vulnerability is due to a failure to check compliance export settings, allowing non-members to fetch posts without being audited. Attackers can exploit this to access sensitive information without detection...
Memory Leak
libming/libming is vulnerable to Memory Leak. The vulnerability is due to heap memory allocations on Characters and Actions within the function parseSWFDEFINEBUTTON, which are not subsequently deallocated. This allows an attacker to trigger a Denial of Service (DoS) through a manipulated SWF file...
Cross Site Scripting (XSS)
cockpit-hq/cockpit is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to inadequate input validation, allowing an authenticated user to upload a PDF file containing a malicious JavaScript payload, which is executed upon file upload...
Open Redirect
docassemblewebapp is vulnerable to open redirect. The vulnerability is due to inadequate validation or sanitization of user input in the redirect URL parameter, allowing malicious actors to create URLs that redirect users to arbitrary external websites...
Cross Site Scripting
concrete5/concrete5 is vulnerable to cross-site scripting. The vulnerability is due to inadequate input validation on user-supplied data through the URL path /dashboard/system/basics/name, allowing malicious scripts to be stored and executed in the context of the user's browser when the affected...
Memory Leak
libming/libming is vulnerable to Memory Leak. The vulnerability is due to the allocation of brec-GlyphCount into heap memory inside function parseSWFTEXTRECORD, which is never freed. This allows attackers to cause a Denial of Service (DoS) by exploiting the flaw with a crafted SWF file...
Out-Of-Bounds
arm-trusted-firmware is vulnerable to a potential out-of-bounds. The vulnerability is due to insufficient validation of the input parameter in register x1 within the sdeiinterruptbind function; this parameter is subsequently used in the platicgetinterrupttype call, allowing an arbitrary value...
Sensitive Information Disclosure
Mattermost server is vulnerable to Sensitive Information Disclosure. The vulnerability is caused by the server failing to sanitize data associated with permalinks when a plugin updates an ephemeral post. This allows an authenticated attacker who can control the ephemeral post update to access...
Classic Buffer Overflow
zephyrproject-rtos/zephyr is vulnerable to Classic Buffer Overflow. The vulnerability is due to not properly checking the length of the path before copying it into the dirpath in the ismountpoint function within fusefsaccess.c. This potentially leads to Denial of Service (DoS)...
HTML Injection
docassemblewebapp is vulnerable to HTML injection. The vulnerability is due to improper handling of user-added HTML, including in the user's name field, allowing the input to be displayed on the screen as HTML which can also include...
Race Condition
github.com/mattermost/mattermost-server is vulnerable to a race condition. The vulnerability is due to a failure in handling concurrent requests of post creation and post deletion. An authenticated attacker can exploit this to gain unauthorized access to an individual post's contents via carefull...
Information Disclosure
github.com/mattermost/mattermost-server is vulnerable to an information disclosure. The vulnerability is due to insufficient sanitization of the metadata on posts containing permalinks under specific conditions, allowing an authenticated user to access the contents of individual posts in channels...
Cross Site Request Forgery (CSRF)
concrete5/concrete5 is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to the sequential and numeric nature of event IDs via the /ccm/calendar/dialogs/event/delete/submit endpoint, allowing an attacker to manipulate an admin into unintentionally deleting events on the site...
Improper Access Control
Mattermost is vulnerable to Improper Access Control. The vulnerability is due to an improper check of the inviteguest permission, allowing a member with permissions to add other members but not to add guests to add a guest to a team, provided the guest was already a guest in another team of the...
Denial Of Service (DoS)
github.com/mattermost/mattermost-server is vulnerable to Denial of Service (DoS). The vulnerability is due to improper validation of the length of the emoji value in the custom user status, allowing an attacker to send a very long string as an emoji value multiple times, causing high resource...
Denial Of Service (DoS)
jose2go is vulnerable to Denial of Service (DoS). The vulnerability is caused by a lack of input validation and handling for the "p2c" (PBES2 Count) parameter. This allows an attacker to provide a large "p2c" value, leading to Denial of Service (DoS) through CPU consumption...
Cross Site Request Forgery (CSRF)
concrete5/concrete5 is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to insufficient validation in the /ccm/system/dialogs/file/delete/1/submit endpoint, allowing attackers to forge requests to delete files without proper authorization...
Server Side Request Forgery (SSRF)
mpdf/mpdf is vulnerable to Server Side Request Forgery (SSRF). The vulnerability is due to not sanitizing user input while creating a PDF when using the html2pdf service. An attacker can exploit this flaw to use crafted HTML to include any arbitrary URL in the input to read the data from or to attack the...
Memory Leak
libming.so is vulnerable to Memory Leak. The vulnerability is due to the failure to deallocate the memory of the SWFParserstruct variable in parser.c. An attacker can cause a DoS via a crafted SWF file...
Cross Site Scripting (XSS)
Flask-AppBuilder is vulnerable to Cross-Site Scripting (XSS). The vulnerability is caused by insufficient sanitization of user-provided data in the handling of URLs within the OAuth login page, allowing an attacker to inject and execute malicious JavaScript code in the user's browser...
Deserialization Of Untrusted Data
org.apache.james: james-server is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to a JMX endpoint being exposed on localhost, allowing exploitation with a deserialization gadget, potentially resulting in privilege escalation or remote code execution...
Cross Site Scripting (XSS)
intelliants/subrion is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to inadequate input sanitization in the adminer.php script, allowing attackers to inject malicious scripts into web pages viewed by other users...