Insecure Deserialization
Torrentpier is vulnerable to Insecure Deserialization. The vulnerability is due to a lack of proper validation during deserialization. This allows an attacker to execute arbitrary commands on the server...
Denial Of Service (DoS)
org.apache.commons: commons-compress is vulnerable to Denial Of Service. The vulnerability is due to an infinite loop when parsing dump files, which allows an attacker to inject crafted values to cause Denial of Service (DoS)...
Path Traversal
PrestaShop is vulnerable to Path Traversal. The vulnerability is due to a lack of file path validation in the getTemplateVarUrls function within FrontController.php. This can potentially lead to sensitive information disclosure...
Improper Access Control
ipmctl is vulnerable to Improper Access Control. The vulnerability is due to a lack of proper access controls, which means that an authenticated user could gain unauthorized access to certain functionalities or perform actions. An attacker could gain higher levels of access or control over the...
Missing Permission Checks
libzephyr.so is vulnerable to Missing Permission Checks. This vulnerability is due to improper handling of attribute permissions, specifically for LE Secure Connection encryption. The vulnerability arises because even when the BT_GATT_PERM_READ_LESC and BT_GATT_PERM_WRITE_LESC configuration parameters ar...
Improper Restriction Of Excessive Authentication Attempts
github.com/greenpau/caddy-security is vulnerable to Improper Restriction of Excessive Authentication Attempts via the two-factor authentication (2FA). The vulnerability is due to improper 2FA timeout functionality, allowing attackers to bypass this blocking mechanism by automating the...
HTTP Header Injection
github.com/greenpau/caddy-security is vulnerable to HTTP Header Injection. The vulnerability is due to the handling of the X-Forwarded-Proto header, specifically when redirecting to the injected protocol. Exploiting this vulnerability could lead to the bypass of security mechanisms or TLS protocol...
Insufficient Session Expiration
github.com/greenpau/caddy-security is vulnerable to Insufficient Session Expiration. The vulnerability is due to improper user session invalidation upon clicking the "Sign Out" button. User sessions remain valid even after requests are sent to /logout and /oauth2/google/logout. Attackers who gain...
Improper Validation Of Array Index
github.com/greenpau/caddy-security is vulnerable to Improper Validation of Array Index. The vulnerability is due to improper checks when parsing a Caddyfile. Caddy-security fails to validate whether the input values are nil before attempting to access elements, which can lead to a panic index out...
Cross-site Scripting (XSS)
github.com/greenpau/caddy-security is vulnerable to Cross-site Scripting (XSS) via the Referer header. The vulnerability is due to improper input sanitization. Although the Referer header is sanitized by escaping some characters that can allow XSS (e.g., &, , ", '), it does not account for an attack...
Cross Site Scripting (XSS)
@scrypted/core and @scrypted/server are vulnerable to Cross Site Scripting. The vulnerability is due to insufficient input validation on the login page, allowing attackers to execute arbitrary JavaScript code after the login process...
Path Traversal
react-native-document-picker is vulnerable to Path Traversal. The vulnerability is due to improper input validation, allowing a local attacker to execute arbitrary code. The attacker can exploit this by crafting a malicious script and executing it via the Android library component...
Resource Exhaustion
bind9 is vulnerable to Resource Exhaustion. The vulnerability is due to excessive CPU load: the DNS message parsing code in named includes a section whose computational complexity is overly high. It leads to degraded performance, unresponsiveness, or denial of service, affecting the availability and...
Improper Input Validation
tuf is vulnerable to Improper Input Validation. The vulnerability is due to a lack of validation in ensuring that the provided delegatedrolename is actually a delegated role by the Targets, particularly when using "succinct delegation". This allows an attacker to manipulate the delegatedrole...
Server Side Request Forgery (SSRF)
github.com/greenpau/caddy-security is vulnerable to Server Side Request Forgery (SSRF). The vulnerability is due to improper X-Forwarded-Host validation. An attacker can manipulate the X-Forwarded-Host header to interact with internal services on the network, potentially resulting in sensitive...
Open Redirection
github.com/greenpau/caddy-security is vulnerable to Open Redirect. The vulnerability is caused when a user clicks on a specially crafted link with a redirecturl parameter while logged in, resulting in the user being redirected to an arbitrary site. The user must take an action, such as clicking o...
Buffer Overflow
libzephyr.so is vulnerable to Buffer overflow. The vulnerability is due to signed to unsigned conversion when passing a negative size to memcpy, which can lead to buffer overflow in the esp32ipmsend function...
Out-of-bounds Write
libzephyr.so is vulnerable to Out of Bounds Write. The vulnerability is due to insufficient bounds checks when filtering IDs in the canstm32removerxfilter, cannxps32removerxfilter, and mcp2515removerxfilter functions. This issue arises because these functions do not adequately verify that the...
Stack-based Buffer Overflow
libzephyr.so is vulnerable to a Buffer Overflow. The vulnerability is due to an unchecked length coming from user input in settings shell, specifically during the handling of SETTINGSVALUESTRING type values, which can result in copying data of a length greater than the buffer size allocated for...
Remote Code Execution (RCE)
redaxo/source is vulnerable to Remote Code Execution (RCE). The vulnerability is due to improper handling of user-supplied input within the 'Template' functionality within modules.modules.php, which allows attackers to execute arbitrary code...
Decompression Bomb
scrapy is vulnerable to Decompression Bomb. The vulnerability is caused by not validating the maximum size of decompressed data and applying the check only to the compressed data. The existing checks only applied to the settings DOWNLOAD_MAXSIZE and DOWNLOAD_WARNSIZE, which only exist on...
Path Traversal
yetiforce/yetiforce-crm is vulnerable to Path Traversal. The vulnerability is caused by not sanitizing and validating the file path used to load/retrieve file contents in the file LibraryLicense.php. A remote authenticated attacker can exploit this to obtain sensitive information via the...
Improper Authorization
com.hazelcast:hazelcast is vulnerable to Improper Authorization. The issue exists within the SQL mapping for the CSV File Source connector. The vulnerability is due to inadequate permission checking, allowing unauthorized clients to access data from files stored on a member's filesystem. Attacker...
Denial Of Service (DoS)
Undici is vulnerable to Denial of Service (DoS). The vulnerability is caused by calling fetchURL and not consuming the incoming body or consuming it very slowly. This potentially leads to Denial of Service (DoS) attacks...
Open Redirect
glewlwyd is vulnerable to open redirection. The vulnerability is due to improper validation of the redirect_uri parameter, allowing attackers to redirect users to arbitrary web URLs...
Proxy-Authentication Header Leakage
Undici is vulnerable to Proxy-Authentication header leakage. The vulnerability is due to not clearing Proxy-Authentication headers on cross-origin redirects. Attackers could potentially exploit this vulnerability to gain unauthorized access or obtain sensitive data transmitted via these headers,...
Insecure Randomness
github.com/greenpau/go-authcrunch is vulnerable to Insecure Randomness. The vulnerability is caused by using the math/rand Golang library with a seed based on the Unix timestamp to generate strings for three security-critical contexts in the application. Attackers could use the potentially...
Authentication Bypass Via Spoofing
github.com/greenpau/caddy-security is vulnerable to Authentication Bypass via Spoofing the X-Forwarded-For header. The vulnerability is due to improper input validation. An attacker can spoof an IP address used in the user identity module. This could lead to unauthorized access if the system trus...
SMTP Smuggling
sendmail is vulnerable to SMTP Smuggling. The vulnerability is due to injecting email messages with a spoofed MAIL FROM address using sendmail supports . sequence which allows malicious emails to be accepted as legitimate and leads to bypass of SPF protection mechanisms...
Denial Of Service
dnsmasq is vulnerable to Denial of Service. The vulnerability is due to the KeyTrap issue: when dealing with a zone that contains numerous DNSKEY (DNS Key) and RRSIG (Resource Record Signature) records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG...
Reachable Assertion
libbind9.so is vulnerable to an assertion failure during recursive resolution. The vulnerability is due to a bad interaction between DNS64 and serve-stale features when both are enabled. This can potentially lead to Denial of Service...
Assertion Failure
bind9 is vulnerable to Assertion Failure. The vulnerability is due to an assertion failure when the resolver receives a PTR (Pointer Record) query for an RFC 1918 address (a private IP address as defined by the Internet Assigned Numbers Authority) in nxdomain-redirect ; configuration, which leads to a...
Denial Of Service
Bind9 is vulnerable to denial of service. The vulnerability is due to asynchronous processes of named running as a recursive resolver component of BIND, when attempting to clean up its cache database which enables the list of queued cleanup events to grow infinitely large over time, allowing the...
Path Traversal
engrampa is vulnerable to Path Traversal. The vulnerability occurs because the application does not properly validate or sanitize user input during the handling of CPIO archives and does not adequately check the symlink location. It allows an attacker to perform arbitrary file writes to unintended locations and ca...
Authorization Header Leakage
scrapy is vulnerable to Authorization Header Leakage. The vulnerability is due to improper handling of the Authorization header when the response includes a redirection. The Authorization header is not omitted when Scrapy is redirected, resulting in the Authorization header being sent to the...
Regular Expression Denial Of Service (ReDoS)
scrapy is vulnerable to Regular expression Denial of Service (ReDoS). The vulnerability is due to the usage of a regular expression with inefficient complexity. This may cause extreme CPU and memory usage, leading to Regular expression Denial of Service (ReDoS)...
Improper Access Control
gitlab:sid is vulnerable to Improper Access Control. The vulnerability is due to improper access control which allows a maintainer to change the name of a protected branch that bypasses the security policy added to block MR...
Path Traversal
Digdag is vulnerable to Path Traversal. The vulnerability is due to a lack of validation of file paths within LocalFileLogServerFactory.java when it's configured to store logs locally. This could allow an attacker to access and read sensitive data, configuration files, or other information stored...
Cross Site Scripting (XSS)
easy-email-extensions is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient sanitization within the JSON Source Code Panel, allowing an attacker to execute arbitrary JavaScript in the browser. An attacker can exploit this vulnerability by injecting malicious scripts...
Denial Of Service (DoS)
libsquid.so is vulnerable to Denial Of Service (DoS). The vulnerability is due to HTTP header parsing, allowing remote attackers to perform Denial of Service attacks by sending oversized headers...
Integer Overflow
libebml.so is vulnerable to Integer Overflow. The vulnerability is due to improper validation of input sizes, leading to a potential crash...
Path Traversal
github.com/helm/helm is vulnerable to Path Traversal. This vulnerability is due to a flaw in the validation and linting process within the client and SDK, allowing the saving of charts outside their expected directory based on changes in relative paths specified in the Chart.yaml file. An attacke...
Cross-Site Scripting (XSS)
sidekiq-unique-jobs is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper parameter sanitization within a GET request to the admin webUI. This allows an attacker with super-user permission to execute arbitrary JavaScript code in the browser...
Denial Of Service
dnsmasq is vulnerable to Denial Of Service. The attacker can exploit this vulnerability by sending crafted DNSSEC responses to the target system, causing it to consume excessive CPU resources...
Directory Traversal
diffoscope is vulnerable to Directory Traversal. The vulnerability is due to the trusted value of the gpg --use-embedded-filenames option, which can be exploited by an attacker to disclose contents of arbitrary files, such as ../.ssh/id_rsa...
Use After Free
hugin is vulnerable to Use After Free. The vulnerability is due to the ImageVariable::linkWith function. An attacker can exploit this vulnerability by parsing a crafted image...
Buffer Overflow
hugin is vulnerable to Buffer Overflow. The vulnerability is due to the PanoramaMemento::loadPTScript function. This allows an attacker to cause a heap buffer overflow via parsing a crafted image...
Heap Buffer Overflow
hugin is vulnerable to heap buffer overflow. The vulnerability is due to the HuginBase::PTools::setDestImage function. This allows an attacker to cause a heap buffer overflow via parsing a crafted image...
Improper Input Validation
hugin is vulnerable to Improper Input Validation. The vulnerability is due to the mishandling of values in the HuginBase::PTools::Transform::transfor function. This could lead to assertion failure...
Incorrect Authorization
github.com/grafana/grafana is vulnerable to Incorrect Authorization. The vulnerability is due to the verify_email_enabled option validating only at sign-up, allowing a user to change their email after signing up and verifying it without re-verification in the /profile section. This can be exploited...