Information Disclosure
jupyterlab is vulnerable to Information Disclosure. The vulnerability is due to a lack of URL validation or sanitization, which could potentially allow an attacker to craft a malicious URL that exposes sensitive information such as Authorization and XSRF tokens when the link is clicked on...
Sensitive Information Disclosure
org.apache.tomcat:tomcat-coyote is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper handling of IOExceptions in the fill function within Http11InputBuffer.java during socket read operations, particularly when the client abruptly closed the connection. This cou...
Cross-site Request Forgery (CSRF)
github.com/argoproj/argo-cd is vulnerable to Cross-site Request Forgery (CSRF). The vulnerability is due to a lack of strict content type validation for API requests. It accepts requests with non-JSON content types like text/plain, which allows an attacker to bypass browser CORS policies and SameSi...
Integer Overflow
libtiff.so is vulnerable to Integer Overflow. The vulnerability is due to missing checks before performing a multiplication in the multiply_ms function within ppm2tiff.c. This can potentially lead to Denial of Service (DoS)...
Out-of-bounds Write
X.Org server is vulnerable to Out-of-bounds Write. The vulnerability is caused by not allocating sufficient memory space for the device's particular number of logical buttons. This can lead to a heap overflow if a bigger value is used. DeviceFocusEvent and the XIQueryPointer reply of X.Org...
NULL Pointer Dereference
QEMU built-in VNC server is vulnerable to NULL Pointer Dereference. The vulnerability is caused because the qemu_clipboard_request function can be reached before the vnc_server_cut_text_caps function is called and has had the chance to initialize the clipboard peer. This can lead to NULL pointer dereference allowin...
Improper Neutralization Of Null Byte Or NUL Character
X.Org server is vulnerable to Improper Neutralization Of Null Byte Or NUL Character. The vulnerability is caused because the GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client tries to access the buffer, the XSELINUX code will try to use an...
Out-of-bounds Write
X.Org server is vulnerable to Out-of-bounds Write. The vulnerability is caused because the cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX conte...
Out-of-bounds Write
V8 in Google Chrome is vulnerable to Out-of-bounds Write. The vulnerability is caused while V8's Maglev compiler attempts to compile a class that has a parent class. This can allow a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Type Confusion
Google Chrome is vulnerable to Type Confusion. The vulnerability is due to accessing a resource using an incompatible type, which allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Out-of-bounds Memory Access
chromium is vulnerable to Out-of-bounds Memory Access. The vulnerability is due to a program accessing memory outside the bounds of what is allocated in V8 of Google Chrome prior to 120.0.6099.224. It allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Out-of-bounds Memory Access
xwayland is vulnerable to an out-of-bounds memory access flaw. The vulnerability is due to improper handling of device reattachment scenarios, specifically when a device frozen by a sync grab is reattached to a different master device...
Path Traversal
kodi is vulnerable to Path Traversal. The vulnerability is due to a lack of sanitization of user-provided input, which allows special character sequences like encoded dot-dot-slash. This allows remote attackers to access and read arbitrary files on the system by exploiting encoded sequences in t...
OS Command Injection
atril is vulnerable to OS Command Injection. The vulnerability is due to improper processing of CBT documents, which are TAR archives. This flaw can lead to command execution when a user unknowingly opens a maliciously crafted document or clicks on a malicious link,...
Cross Site Scripting (XSS)
spip:sid is vulnerable to Cross Site Scripting. The vulnerability is due to the upload of a file with a name related to javascript/bigup.js and javascript/bigup.utils.js. It allows an attacker to upload a malicious file...
Path Traversal
jupyterlsp is vulnerable to Path Traversal. The vulnerability is due to installations of jupyter-lsp running in environments without configured file system access control. This flaw allows an attacker to modify the jupyter root directory...
Heap Buffer Overflow
libaom.so is vulnerable to Heap Overflow. The vulnerability is due to improper input validation during resizing of frames while performing multi-threaded encode. The attacker can perform a heap overflow and crash the application by exploiting this vulnerability...
Denial Of Service
libarchive.so is vulnerable to Denial Of Service. The vulnerability is due to improper input validation in the WARC parser within the _warc_read function in libarchive/archive_read_support_format_warc.c. This issue can be exploited by an attacker via crafting a malicious WARC file resulting in Denial O...
Heap Buffer Overflow
libxml2 is vulnerable to Heap Buffer Overflow. The vulnerability is due to improper bounds checking. This issue can be exploited by an attacker via parsing a malicious file to execute arbitrary code within the context of an unprivileged process...
Side Channel Vulnerability
Libgcrypt is vulnerable to Side Channel Vulnerability. The vulnerability is due to improper input validation within the Curve25519 algorithm located in cipher/ecc.c and mpi/ec.c. An attacker can possibly exfiltrate the private key as a result of this side channel attack...
Buffer Overflow
Vyper is vulnerable to Buffer Overflow. The vulnerability is caused by buildIR for concat improperly adhering to the API of copy functions for =0.3.2 the copybytes function which results in Buffer Overflow...
Use After Free
libcurl.so is vulnerable to Use After Free. The vulnerability is due to improper freeing of an easy handle within the Curl_close function. The application frees the struct without assigning it to a null pointer. The usage of previously freed memory could lead to data corruption or lead to a crash ...
HTML Injection
libSOGo.so is vulnerable to HTML injection. The vulnerability is due to improper HTML sanitization within the SOGo Web Mail component, allowing an attacker to perform a phishing attack...
Cross Site Scripting (XSS)
avo is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to improper sanitization of text passed in error or succeed messages within the Avo::BaseAction subclass. An attacker can inject arbitrary JavaScript into the message fields resulting in XSS...
Timing Attack
github.com/kudelskisecurity/crystals-go is vulnerable to Timing Attack. The vulnerability is caused due to variations in the execution time of cryptographic algorithms, which allows an attacker to gain information about the secret key...
Cross-Site Request Forgery (CSRF)
pyLoad is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to a missing SameSite attribute for the session cookie. This allows an attacker to perform a Cross-Site Request Forgery (CSRF) attack via an API call...
Account Take Over
gitlab is vulnerable to Account Take Over. The vulnerability is caused due to a missing validation of email addresses provided while resetting account passwords. An attacker can exploit this vulnerability to send reset emails to an unverified email address and can effectively reset the...
Use Of Hard-Coded Credentials
@evershop/evershop is vulnerable to the Use Of Hard-Coded Credentials. The vulnerability is due to the exposure of a weak HMAC secret. Attackers can use the predictable secret to create valid JSON Web Tokens (JWT), which allows them access to sensitive information...
Arbitrary Code Execution
Jasper-Software is vulnerable to Arbitrary Code Execution. The vulnerability is caused due to a missing range check in the JPC. This allows a local attacker to execute arbitrary code...
SQL Injection
shopware/core and shopware/platform are vulnerable to SQL Injection. The vulnerability is caused due to a missing sanitization in the name field of the aggregations object while performing a search operation in Shopware application API. An attacker can exploit this using time-based SQL queries...
Denial Of Service (DoS)
Drupal is vulnerable to Denial of Service (DoS). The vulnerability is caused due to improper handling of structural elements, which can result in Denial of Service...
Improper Authorization
@evershop/evershop is vulnerable to Improper Authorization. The vulnerability is due to a lack of authorization checks while accessing GraphQL endpoints, resulting in remote attackers extracting sensitive information...
Broken Access Control
shopware/core and shopware/platform are vulnerable to Broken Access Control. The vulnerability is due to an insufficiency in verifying user authorizations for actions that modify the payment, delivery, and/or order status resulting in users lacking write permissions for orders being able to change...
Cross Site Scripting (XSS)
avo is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to improper sanitization of the keyvalue parameters within keyvaluecontroller.js. An attacker can inject arbitrary JavaScript into the victim's browser...
Privilege Escalation
templated-dictionary is vulnerable to Privilege Escalation. The vulnerability is caused by the absence of proper sandboxing mechanisms during the expansion and execution of Jinja2 templates. This allows an attacker to define configuration tags that potentially lead to privilege escalation or code...
Cross-site Scripting (XSS)
readthedocssphinxsearch is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper sanitization of user content in the search results rendering function. This potentially allows an attacker to include arbitrary HTML content in these results, which can lead to XSS...
Sensitive Information Exposure
org.apache.solr:solr-core is vulnerable to Sensitive Information Exposure. The vulnerability is caused by publishing all unprotected environment variables available to each Apache Solr instance through the Solr Metrics API. An attacker can access Sensitive Information by exploiting this...
Integer Overflow
libidn2.so is vulnerable to Integer Overflow. The vulnerability is due to the use of an unsigned integer llen in a loop condition, which could overflow due to the post-increment operation in the loop. This can potentially lead to Denial of Service...
Improper Input Validation
libidn2.so is vulnerable to Improper Input Validation. The vulnerability is due to improper roundtrip checks while converting A-labels to U-labels. This makes it possible for an attacker to impersonate arbitrary domains...
Remote Code Execution
Apache IoTDB is vulnerable to Remote Code Execution. The vulnerability is due to the UDF component, which allows an attacker to execute arbitrary code...
Path Traversal
Apache Shiro is vulnerable to Path Traversal Vulnerability. The vulnerability is due to improper validation and sanitization of the respective path before processing. This issue can be exploited by an attacker to perform authentication bypass...
Directory Traversal
fastify-swagger-ui is vulnerable to Directory Traversal. The vulnerability is caused due to a default configuration issue in @fastify/swagger-ui. If the baseDir option is not set, the module exposes all files in its directory through the HTTP route it serves. This allows an attacker to gain...
Improper Certificate Validation
CPAN.pm is vulnerable to Improper Certificate Validation. The vulnerability is caused by not verifying TLS certificates when downloading distributions over HTTPS, because verify_SSL is missing when using the HTTP::Tiny library during the connection. This can allow an attacker to inject into the...
Improper Certificate Validation
HTTP::Tiny is vulnerable to Improper Certificate Validation. The vulnerability is caused due to an Insecure Default Initialization of Resource flaw where TLS certificates were not verified by default. This can lead to loss of confidentiality, integrity, and availability...
Improper Certificate Validation
GitLab::API::v4 is vulnerable to Improper Certificate Validation. The vulnerability is caused due to not verifying TLS certificates when connecting to a GitLab server. This can be exploited to enable machine-in-the-middle attacks...
Improper Authentication Limits
wwbn/avideo is vulnerable to Improper Authentication Limits. The vulnerability is due to a lack of login attempt restrictions. An attacker can send a specially crafted HTTP request which leads to a captcha bypass. This allows the attacker to brute force the user credentials...
Buffer Overflow
libuev.so is vulnerable to Buffer Overflow. The vulnerability is due to insufficient maxevents validation within uev.c. An attacker can perform a buffer overflow by submitting a large maxevents value...
Buffer Overflow
libebml.so is vulnerable to Buffer Overflow. The vulnerability is caused due to insufficient buffer size checks in MemIOCallback.cpp. An attacker can perform a buffer overflow by providing a crafted input...
Insecure Direct Object Reference
nextjs is vulnerable to Insecure Direct Object Reference Vulnerability. The vulnerability is due to a logical flaw within the auth function in the App Router, and getAuth within the Pages Router. This issue can be exploited by an attacker to gain unauthorized access or conduct privilege escalatio...
Recovery Notification Bypass
WWBN AVideo is vulnerable to Recovery Notification Bypass. The vulnerability is due to a flaw in the captcha validation functionality of the userRecoverPass.php script. This issue can be exploited by an attacker to create a recovery pass code for any user...