Improper Access Control
openjdk is vulnerable to an Improper Access Control vulnerability. The vulnerability is due to improper handling of certain APIs within the Scripting component, allowing attackers to exploit it through multiple network protocols without authentication...
Unauthorized Access
Oracle openjdk is vulnerable to Unauthorized Access to critical data. The vulnerability is due to insufficient validation in the Hotspot component, particularly when APIs within this component receive and process data from sources such as web services. The vulnerability allows an unauthenticated...
Unauthorised Data Access
openjdk is vulnerable to an unauthorized data access vulnerability. The vulnerability is due to insufficient security controls that allow an unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful...
Stack-based Buffer Overflow
epub2txtedge is vulnerable to Stack-based Buffer Overflow. The vulnerability is due to processing a crafted EPUB document with the function xhtml_translate_entity in xhtml. An attacker could potentially exploit this issue by providing specially crafted input within an EPUB file...
Information Exposure
gnutls is vulnerable to Information Exposure. The vulnerability is due to differential response times to malformed ciphertexts versus correctly padded PKCS1 v1.5 ciphertexts during RSA-PSK ClientKeyExchange. This behavior allows a remote attacker to perform a timing side-channel attack,...
Improper Verification Of Cryptographic Signature
gnutls is vulnerable to Improper Verification Of Cryptographic Signature. The vulnerability is due to improper handling of certificate chains with distributed trust, particularly when used with cockpit and validated through cockpit-certificate-ensure. This allows an unauthenticated attacker to...
Out-of-bounds Write
ARM is vulnerable to Out-of-bounds Write. The vulnerability is due to arithmetic overflows during cache cleaning and invalidation, which can skip the intended cache operations, leading to undefined behavior where writes may not reach memory as expected...
NULL Pointer Dereference
Xen is vulnerable to NULL Pointer Dereference. The vulnerability is caused by transmit requests in Xen's virtual network protocol consisting of multiple parts, where any of them, except for the initial part, may be of zero length, leading to a NULL dereference...
OS Command Injection
OpenSSH is susceptible to an OS command injection flaw because it fails to adequately validate user names or host names that include shell metacharacters. This flaw enables attackers to exploit these names through an expansion token in certain scenarios, such as when a submodule in an untrusted G...
Improper Authentication
OpenSSH is vulnerable to Improper Authentication. The vulnerability is due to destination constraints being incompletely applied due to their limitation to the first key when a PKCS11 token returns multiple keys, even though these constraints are specified during the addition of PKCS11-hosted...
Timing Side-Channel Attack
darkhttpd is vulnerable to Timing Side-Channel Attack. The vulnerability is due to strcmp not being implemented in constant time. A remote attacker may exploit timing differences in the comparison process to deduce information, which leads to authentication bypass...
Integer Overflow
mbedtls is vulnerable to Integer Overflow. The vulnerability is due to improper handling within the mbedtls_x509_set_extension function. This flaw allows an attacker to cause Denial of Service via crafted malicious input...
Request Smuggling
aiohttp is vulnerable to Request Smuggling. The vulnerability is caused due to improper parsing of HTTP requests within http_parser.py. This flaw results in excessive resource consumption on the application server, resulting in Denial of Service (DoS) and/or Request Smuggling...
Sensitive Information Disclosure
Apache Kylin is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the exposure of credentials within the kylin.properties file through the Server Config web interface when the Kylin service runs over HTTP. This could allow an attacker to gain unauthorized access to the...
Arbitrary File Write
Nginx-UI is vulnerable to Arbitrary File Write vulnerability. The vulnerability is due to improper input validation when adding certificates. This issue can be exploited by an attacker to write into arbitrary paths in the system...
Weak TLS Encryption
MeshCentral is vulnerable to TLS Downgrade Attack. The vulnerability is due to the usage of TLS that includes known vulnerabilities. An attacker can possibly eavesdrop on communication as a result of this vulnerability...
Path Traversal
aiohttp is vulnerable to Path Traversal. The vulnerability is due to faulty path validation which checks if the file being accessed is within the intended static root directory when follow_symlinks = True. This allows an attacker to access files and directories outside the intended static root...
Remote Code Execution
Nginx-UI is vulnerable to Remote Code Execution. The vulnerability is due to improper input validation within test_config_cmd or start_cmd. This issue can be exploited by an attacker by modifying the values, resulting in Remote Code Execution...
Authentication Bypass
Authentik is vulnerable to Authentication Bypass. The vulnerability is due to improper validation of the code_challenge parameter from the PKCE authorization request. This issue can be exploited by an attacker by removing the code_challenge parameter resulting in authentication downgrade...
Cross Site Scripting (XSS)
Orthanc is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused due to a missing sanitization in the server's error reporting. This can lead to compromising Confidentiality and Integrity of the system...
HTTP Request Smuggling
chasquid is vulnerable to HTTP Request Smuggling. The vulnerability is caused because of LF-terminated lines being accepted. This can lead to compromising Integrity of the system...
Improper Access Control
GitLab EE is vulnerable to Improper Access Control. The vulnerability is caused due to a flaw in the authorization check while approving a previously approved merge request. This flaw can be exploited to bypass CODEOWNERS approval by adding changes to a previously approved merge request...
Insecure Deserialization
temporai is vulnerable to Insecure Deserialization. The vulnerability is caused due to a missing validation/sanitization while deserializing user provided data in function load_from_file of the component PKL File Handler within utils/serialization.py. An attacker can exploit this remotely to...
Arbitrary File Read
Jenkins Git server Plugin is vulnerable to Information Disclosure. The vulnerability is caused due to a lack of proper input validation in the Git Server Plugin's command parser feature. This allows an attacker with Overall/Read permission to read content from arbitrary files on the Jenkins...
Buffer Overflow
libgpac.so is vulnerable to Buffer overflow. The vulnerability is due to a lack of size validation for the compressorname parameter within the gf_isom_new_generic_sample_description function. An attacker can enter an arbitrary size which leads to buffer overflow...
Insecure Deserialization
synthcity is vulnerable to Insecure Deserialization. The vulnerability is caused due to a missing validation/sanitization while deserializing user provided data in the load_from_file function of the PKL File Handler component within utils/serialization.py...
Inadequate TLS Encryption
github.com/dexidp/dex is vulnerable to Inadequate TLS Encryption. The vulnerability is due to serving HTTPS traffic over insecure TLS 1.0 and TLS 1.1, which allows an attacker to eavesdrop on the traffic...
SQL Injection
pimcore/admin-ui-classic-bundle is vulnerable to SQL Injection. The vulnerability is due to missing selectedIds parameter validation. Any backend user with basic permissions can execute arbitrary SQL statements...
Path Traversal
Jenkins Matrix Project Plugin is vulnerable to Path Traversal. The vulnerability is caused due to improper sanitization of user-defined axis names in multi-configuration projects. This could allow an attacker to manipulate or replace the config.xml files with arbitrary content, resulting in Path...
Host Header Injection
pimcore/admin-ui-classic-bundle is vulnerable to Host Header Injection. The vulnerability is due to missing Host header validation. An attacker can send password change requests to a user, specifying a "Host" header of a website they control, resulting in them receiving the password token,...
Denial Of Service (DoS)
libtiff.so is vulnerable to Heap-based Buffer Overflow. The vulnerability is due to a lack of validation for the row parameter in the TIFFReadRGBATileExt function within tif_getimage.c. This flaw allows a remote attacker to pass a crafted TIFF file, which results in improper handling of data, causin...
Denial Of Service (DoS)
libtiff.so is vulnerable to Denial Of Service (DoS). The vulnerability is due to the TIFFRasterScanlineSize64 function returning excessively small or large sizes for certain TIFF inputs. This flaw allows a remote attacker to cause a Denial Of Service (DoS) via a crafted input with a size smaller than...
Denial Of Service (DoS)
github.com/openfga/openfga is vulnerable to Denial Of Service (DoS). The vulnerability is due to inefficient memory management in the ListObjects function, particularly in handling the closure of the ReverseExpand channel, resulting in memory being improperly released. This flaw allows an attacker ...
Cross-site Scripting (XSS)
dolibarr/dolibarr is vulnerable to Cross-Site Scripting. The vulnerability is due to a lack of sanitization for the key variable in the top_menu function within main.inc.php. This allows an attacker to insert malicious JavaScript code into the key variable resulting in Cross-Site Scripting...
Arbitrary Code Execution
Processwire is vulnerable to Arbitrary Code Execution. The vulnerability is due to the download_zip_url parameter when installing new modules, which allows an attacker to execute arbitrary code and install a reverse shell...
Improper Access Control
GitLab is vulnerable to Improper Access Control. The vulnerability is caused due to flaws in the implementation of the access control mechanism. This allows an attacker to create a workspace in one group that is associated with an agent from another group...
Insufficient Verification Of Data Authenticity
GitLab CE/EE is vulnerable to Insufficient Verification of Data Authenticity. The vulnerability is that an attacker could potentially modify the metadata of signed commits. This can lead to compromising Integrity of the system...
Prototype Pollution
Axios is vulnerable to Prototype Pollution. The vulnerability is due to the formDataToJSON method within lib/helpers/formDataToJSON.js improperly filtering the __proto__ attribute from the FormData object, allowing an attacker to overwrite critical JavaScript Object attributes...
Credential Exposure
Microsoft.Data.SqlClient is vulnerable to Credential Exposure. The vulnerability is due to improper handling of TLS connections, allowing an attacker to read or modify traffic between the server and client. The attacker would have to position themselves between the client and server, resulting in...
Arbitrary File Read
org.jenkins-ci.plugins: log-command is vulnerable to Arbitrary File Read. The vulnerability is due to the command parser incorrectly sanitizing the @ character followed by a file path in an argument with the file's contents. This allows an unauthenticated attacker to read arbitrary files on the...
Cleartext Storage Of Sensitive Information
apache-airflow & apache-airflow-providers-cncf-kubernetes are vulnerable to Cleartext Storage Of Sensitive Information. The vulnerability is due to the storage of configuration files without encryption, and plaintext logging of configuration details, allowing an attacker to access the kubernetes...
Improper Authorization
apache-airflow is vulnerable to Improper Authorization. The vulnerability is due to a missing access control check while accessing DAG code. An authenticated user can access the source code of a DAG to which they don't have access...
Denial Of Service (DoS)
mupdf is vulnerable to Divide By Zero. The vulnerability is caused due to missing float validation in the bmp_decompress_rle4 function within load-pnm.c, resulting in a divide by zero exception. This can potentially lead to Denial of Service (DoS) attacks...
Denial Of Service (DoS)
mupdf is vulnerable to Divide By Zero. The vulnerability is caused due to missing float validation in the pnm_binary_read_image function within load-pnm.c, resulting in a divide by zero exception. This can potentially lead to Denial of Service (DoS) attacks...
Denial Of Service (DoS)
mupdf is vulnerable to Divide By Zero. The vulnerability is caused due to missing float validation in the compute_color function within jquant2.c, resulting in a divide by zero exception. This can potentially lead to Denial of Service (DoS) attacks...
Deserialization Of Untrusted Data
apache-airflow is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to the deserialization of a pickle stream when enable_xcom_pickling = False. An attacker can poison XCom data by bypassing the protection of enable_xcom_pickling = False. The vulnerability requires a DAG author...
Cross Site Scripting (XSS)
com.jfinal: jfinal is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to improper handling of the password parameter within the /admin/login route. This allows attackers to execute arbitrary code via crafted malicious URLs, resulting in Cross-Site Scripting...
Denial Of Service (DoS)
sveltejs/kit is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of HTTP GET and TRACE requests that include an empty body. When such requests are received, the application throws an error stating "Request with GET/HEAD method cannot have body" and subsequently...
Divide-By-Zero
libmupdf.so is vulnerable to Divide-By-Zero. The vulnerability is due to the fz_new_pixmap_from_float_data function within pixmap.c attempting to perform a division operation where the divisor is zero, an operation that is mathematically undefined and can potentially lead to Denial of Service...
Divide-By-Zero
libmupdf.so is vulnerable to Divide-By-Zero. The vulnerability is due to the pnm_binary_read_image function within load-pnm.c lacking proper validation of input PNM image data, leading to incorrect calculations of image parameters. This results in scenarios where the function attempts to divide a...