38191 matches found
Denial Of Service (DoS)
es5-ext is vulnerable to a Denial of Service DoS. The vulnerability is due to the handling of functions with very long names or complex default argument names in functioncopy or functiontoStringTokens, which may cause the script to stall. This potentially leads to Denial of Service DoS...
Denial Of Service (DoS)
orjson is vulnerable to Denial Of Service. The vulnerability is due to the lack of recursion depth limits during parsing, which allows attackers to potentially cause denial of service by supplying deeply nested JSON documents...
Insecure File Permissions
rack-cors is vulnerable to Insecure File Permissions. The vulnerability is due to the distribution of files with world-writable permissions. This can potentially lead to unauthorized disclosure or modification...
Buffer Overflow
QEMU is vulnerable to Buffer Overflow. The vulnerability is due to an integer underflow, resulting in a buffer overflow, via a TI command when an expected non-DMA transfer length is less than the length of the available FIFO data. This occurs in espdonodma in hw/scsi/esp.c because of an underflow...
Path Traversal
@backstage/backend-common is vulnerable to Path Traversal. The vulnerability is due to improper path checks in the resolveSafeChildPath function within paths.ts. Attackers could exploit this weakness to conduct path traversal attacks if they can inject symlink paths...
Cross Site Scripting (XSS)
mlflow is vulnerable to Cross Site Scripting XSS. The vulnerability is due to insufficient sanitization while executing a recipe with an untrusted dataset, which results in client-side RCE in the Jupyter Notebook...
Cross Site Scripting (XSS)
mlflow is vulnerable to Cross Site Scripting XSS. The vulnerability is due to a lack of sanitization within the STACKTRACE and SCHEMA template variables, resulting in a client-side RCE when running an untrusted recipe in Jupyter Notebook...
UI Spoofing
Google Chrome is vulnerable to security UI spoofing. The vulnerability is due to inappropriate implementation in Navigation...
Insufficient Policy Enforcement
chromium is vulnerable to Insufficient Policy Enforcement. The vulnerability is due to the failure to enforce filesystem restrictions adequately. It can allows a remote attacker to bypass filesystem restrictions and can be exploits remotely via a crafted HTML page...
Inappropriate Implementation
chromium is vulnerable to Inappropriate Implementation. The vulnerability is due to inappropriate implementation in the Navigation feature of Google Chrome, allowing a remote attacker to bypass navigation restrictions via a crafted HTML page...
Use After Free
chromium is vulnerable to Use After Free. The vulnerability arises due to improper handling of memory after it has been freed. This allows an attacker who has compromised the renderer process to potentially exploit heap corruption via specific UI gestures...
Bypassing Content Security Policy
Google Chrome is vulnerable to bypassing Content Security Policy. The vulnerability is due to inappropriate implementation in Content Security Policy...
Bypassing Content Security Policy
Google Chrome is vulnerable to bypassing Content Security Policy. The vulnerability is due to inappropriate implementation in Site Isolation...
Use-After-Free
Google Chrome is vulnerable to use-after-free. the vulnerability allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Out-of-Bounds Write
chromium is vulnerable to Out-of-Bounds Write. The vulnerability is due to improper handling of memory boundaries within the Blink library, which can be exploited by malicious HTML content...
Out-of-bounds Read
onnx is vulnerable to an Out-of-bounds Read. The vulnerability is due to missing buffer size checks which results in an off by one string copy within the ONNXASSERT and ONNXASSERTM functions...
Insecure Deserialization
autoprognosis is vulnerable to Insecure Deserialization. The vulnerability is due to loading untrusted data from loadmodelfromfile function within the Release Note Handler component, resulting in Command Injection...
Heap Corruption
fastecdsa is vulnerable to Denial of Service DoS. The vulnerability is due to the curvemathmul function within curveMath.c being used and interpreted as a user-defined type without proper initialization, leading to potential arbitrary free, realloc, null pointer dereference, and other issues, as...
Information Exposure
sanitize-html is vulnerable to Information Exposure. The vulnerability is due to the parsing of CSS through the style attribute without disabling source maps, which can allow attackers to infer the file system structure and dependencies of the server...
Arbitrary File Read
Appwrite is vulnerable to Directory Traversal. The vulnerability is due to insufficient validation of user-supplied input when creating an ACME challenge file, allowing an attacker to manipulate the request URI to access arbitrary files. The vulnerability is only exploitable if the...
Server Side Request Forgery (SSRF)
org.springframework:spring-web is vulnerable to Open Redirect. The vulnerability is due to insufficient validation checks of the host URL within UriComponentsBuilder.java. If an application utilizes the host validation checks, an attacker can perform an open redirect or Server-Side Request Forger...
Denial Of Service (DoS)
.NET is vulnerable to Denial Of Service Dos. The vulnerability is due to improper handling of x509 certificates, which can result in Denial of Service DoS...
Cross Site Scripting (XSS)
baserproject/basercms is vulnerable to Cross Site Scripting XSS. The vulnerability is due to inadequate input validation, allowing attackers to inject malicious scripts into the search functionality...
Cross-Site Scripting (XSS)
enhavo/enhavo-app is vulnerable to Cross Site Scripting XSS. The vulnerability is due to insufficient input validation in the Undertitle text field, enabling attackers to insert malicious code that is then executed within the context of the website...
Timing Attack
gradio is vulnerable to Timing Attack. The vulnerability is due to string comparisons in Python terminating early upon encountering a string mismatch. This allows an attacker to take advantage of the default lack of rate-limiting, to brute-force the correct username and password of an account...
Unrestricted File Upload
github.com/apache/incubator-answer is vulnerable to Unrestricted File Upload. The vulnerability is due to missing file type checks, which allows an attacker to upload large Pixel files will cause the server to run out of memory, resulting in Denial of Service DoS...
Path Traversal
typo3/cms is vulnerable to Path Traversal. The vulnerability is due to improper type check allowing attackers to bypass directory traversal checks by supplying an invalid UTF-8 encoding sequence...
Race Condition
github.com/apache/incubator-answer is vulnerable to a Race Condition. The vulnerability is due to improper synchronization during user registration, specifically when users rapidly submit multiple registrations using scripts. This can lead to the registration of multiple user accounts with the sa...
Cross Site Scripting (XSS)
labelstudio is vulnerable to Cross Site Scripting XSS. The vulnerability is due to not sanitizing the file in the "data import" function via the file upload feature before being rendered within the Choices or Labels tag. An attacker can inject malicious scripts into the code or imported data whic...
Cross Site Scripting (XSS)
mjml is vulnerable to Cross Site Scripting XSS. The vulnerability is due to improper input validation for HTML entities. This allows an attacker to insert untrusted data into MJML templates, which can result in Cross Site Scripting XSS...
External Control Of Filename
phenx/php-svg-lib is vulnerable to External Control of Filename. The vulnerability is due to insecure handling of inline CSS font definitions, allowing an attacker to deserialize a PHAR file through the phar:// URL handler. Note that remote code execution is only possible on PHP versions less the...
Cross-Site Scripting
github.com/apache/incubator-answer is vulnerable to Cross-site Scripting XSS. The vulnerability is due to inadequate sanitization of user input in the summary field, which allows a logged-in attacker to inject malicious code when modifying their own submitted question...
Cross-site Scripting (XSS)
Enhavo is vulnerable to Cross-site Scripting XSS. The vulnerability is due to the Create Tag functionality, allowing attackers to inject arbitrary web scripts or HTML via a crafted payload into the Create Tag field within the New/Edit Article panel...
Chosen-Ciphertext Attack (KyberSlash)
pypqc vulnerable to a chosen-ciphertext attack. The vulnerability is caused by to an attacker submitting numerous ciphertexts for decryption and observing the response, potentially allowing them to recover the private key...
Cross-site Scripting (XSS)
enhavo is vulnerable to Cross-Site Scripting XSS. The vulnerability due to inadequate sanitization of user-supplied input in the Title text field, enabling attackers to inject and execute arbitrary scripts or HTML...
Cross Site Scripting (XSS)
baserproject/basercms is vulnerable to Cross Site Scripting XSS. The vulnerability is due to improper sanitation with the content management feature in View/Helper/BcAdminFormHelper.php, which allows an attacker to inject and execute arbitrary JavaScript in the browser...
Permissive Cross-domain Policy With Untrusted Domains
Fiber is vulnerable to Permissive Cross-domain Policy with Untrusted Domains. The vulnerability is due to insecure configurations, specifically allowing the Access-Control-Allow-Origin header to be set to a wildcard while also setting Access-Control-Allow-Credentials to true, contrary to...
Server Side Request Forgery (SSRF)
github.com/grafana/grafana-csv-datasource is vulnerable to Server Side Request Forgery SSRF. The vulnerability is due to improper validation of user input, allowing attackers to craft requests to endpoints within the local network...
Arbitrary Code Execution
pymatgen is vulnerable to Arbitrary Code Execution. The vulnerability is due to missing input sanitization within the JonesFaithfulTransformation.fromtransformationstr method, allowing an attacker to execute malicious code within the context of the application...
Cross-Site Scripting(XSS)
Liferay Portal and Liferay DXP are vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient sanitization in the HtmlUtil.escapeJsLink method, This flaws allowing remote attackers to inject arbitrary web script or HTML via crafted javascript: style links...
Cross Site Scripting
Liferay Portal is vulnerable to Cross Site Scripting. The vulnerability is present in the Users Admin module's edit user page. The vulnerability is due to insufficient sanitization of user input in the "Name" text field, allowing remote authenticated users to inject arbitrary web script or HTML v...
Cross-site Scripting (XSS)
Liferay Portal is vulnerable to stored cross-site scripting. The vulnerability is due to the improper neutralization of input during web page generation which allows remote authenticated users to inject arbitrary web script or HTML via a crafted payload injected into the first/middle/last name te...
Arbitrary Code Execution
phenx/php-svg-lib is vulnerable to Arbitrary Code Execution. The vulnerability due to lack of validation of the font-family attribute. An attacker can parse a Scalable Vector Graphics SVG containing a PHAR url within the the font family attribute, potentially leading to arbitrary code execution...
Cross-site Scripting (XSS)
Liferay Portal is vulnerable to stored cross-site scripting XSS. The vulnerability is due to improper neutralization of input during web page generation which allows remote authenticated users to inject arbitrary web script or HTML via a crafted payload injected into the name text field of a...
Cross-site Scripting (XSS)
Liferay Portal is vulnerable to Stored cross-site scripting XSS. The vulnerability is due to inadequate input validation, allowing remote authenticated users to inject arbitrary web script or HTML via a crafted payload into a document's “Title” text field...
Cross Site Scripting
Liferay Portal is vulnerable to Cross Site Scripting. The vulnerability is due to inadequate input validation and output sanitization on the Language Override edit screen, allowing remote attackers to inject arbitrary web script or HTML via the...
Denial Of Service (DoS)
Helm is vulnerable to Denial Of Service DoS. The vulnerability is due to missing checks during the parsing of index and plugin YAML files leading to a crash when either an index.yaml file or a plugin.yaml file are missing metadata...
Denial Of Service (DoS)
cryptography is vulnerable to Denial Of Service DoS. The vulnerability is caused when a certificate's public key and the provided private key do not match, and the hmachash method is called within the privateFormat.PKCS12.encryptionbuilder object. This vulnerability allows an attacker to crash th...
Cross-site Scripting (XSS)
The Calendar module in Liferay Portal is vulnerable to Cross-site Scripting. The vulnerability is due to not escaping the user-supplied data in the default notification email template, which allows remote authenticated users to inject arbitrary web script or HTML via the title of a calendar event...
Cross-Site Scripting
Liferay portal is vulnerable to reflected cross-site scripting XSS. The vulnerability is due to insufficient input validation that allows remote attackers to inject arbitrary web script or HTML via a crafted payload into the “Blocked Email Domains” text field in the instance settings for Accounts...