Privilege Escalation

WWBN AVideo is vulnerable to Privilege Escalation. The vulnerability is due to improper salt generation functionality within the application. An attacker can exploit this issue via crafting malicious HTTP requests leading to the recovery of the admin password...

Use After Free

sqlite3 is vulnerable to a Heap Based Use After Free. The vulnerability is caused due to a flaw in function jsonParseAddNodeArray within sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and...

Heap Buffer Overflow

UPX is vulnerable to a heap-based buffer overflow. The vulnerability is due to the variable 'bucket' pointing to an inaccessible address in the function PackLinuxElf32::invertptdynamic at plxelf.cpp which can be exploited by attackers to execute arbitrary code or cause a denial of service...

Heap Buffer Overflow

UPX is vulnerable to a heap-based buffer overflow. The vulnerability is due to the variable 'bucket' pointing to an inaccessible address in the function PackLinuxElf64::invertptdynamic at plxelf.cpp, allowing attackers to potentially execute arbitrary code or cause a denial of service by exploiti...

Heap-Based Buffer Overflow

upx-ucl:sid is vulnerable to Heap-based buffer overflow. The vulnerability due to by more checking of DTGNUHASH and DTHASH tables in upx commit src/plxelf.cpp. It allow an attacker to change the file sizes finally will leads to memory out of bounds...

Heap-Based Buffer Overflows

upx-ucl:sid is vulnerable to Heap-Based Buffer Overflows. The vulnerability due to the generic pointer 'p' points to an inaccessible address in func getle32. It could leads to allows an attacker exploits in multi heap buffer overflow...

Heap-Based Buffer Overflow

upx-ucl:sid is vulnerable to Heap-based buffer overflow. The vulnerability due to the generic pointer 'p' points to an inaccessible address in func getle32. It allow an attacker exploit with improper operations leads to memory out of bounds...

Cross Site Scripting(XSS)

spip:sid is vulnerable to Cross Site ScriptingXSS. This vulnerability due to input fromrequest is not restricted to safe characters. It allow an attacker to change files in ecrire/public/assembler.php...

Buffer Overflow

librecad:sid is vulnerable to buffer overflow. The vulnerability due to get the Unauthorized access for DBF file. It allow an attacker get access could extract the sensitive information and changes the record length...

Buffer Overflow

Asterisk is vulnerable to Buffer Overflow. The vulnerability is caused due a missing validation for the available buffer space while storing a new value of a PJSIPHEADER dialplan function in the update functionality. This can lead to overwriting memory or causing a crash resulting in Denial Of...

Denial Of Service

squid:buster is vulnerable to Denial Of Service. The vulnerability due to an Uncontrolled Recursion bug configured by sending a large X-Forwarded-For header when the followxforwardedfor feature. It allows a remote attacker to perform Denial of Service attack...

Buffer Overflow

gemmi:sid is vulnerable to Buffer overflow. The vulnerability due to long path exist in the tinydirfileopen function. It leads to memory corruption denial of service to potential arbitrary code execution...

Incorrect Authorization

openstack-keystone is vulnerable to Incorrect Authorization. The vulnerability is caused due to a flaw where only the first 72 characters of an application secret are verified. This allows attackers to bypass some password complexity which administrators may be counting on leading to compromising...

Denial Of Service

upx-ucl:sid is vulnerable to Denial Of Service. The vulnerability due to a failed crafted file passed to the the readx function unsignedlen getSize. It leads to allows attackers to cause a denial of service...

Out-of-bounds Write

qemu is vulnerable to Out-of-bounds Write. The vulnerability is due to there is no proper bounds checking in the virtionetflushtx function of QEMU's virtio-net device when certain guest features are enabled. This oversight allows for a stack-based buffer overflow, enabling a malicious user to...

Cross Site Scripting(XSS)

sympa:sid is vulnerable to cross-site scripting. The vulnerability due to Inappropriate use of the cookie parameter is both a salt for stored passwords. It leads to XSS due to parameter may also not provide sufficient security...

Out-of-bounds Write

Google Chrome is vulnerable to Out-of-bounds Write. The vulnerability exists in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Out-of-bounds Write

Google Chrome is vulnerable to Out-of-bounds Write. The vulnerability exists in Angle in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Out-of-bounds Write

Google Chrome is vulnerable to Out-of-bounds Write. The vulnerability exists in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Out-of-bounds Write

Google Chrome is vulnerable to Out-of-bounds Write. The vulnerability exists in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Uncontrolled Recursion (Denial Of Service)

Zigbee TLV in Wireshark 4.2.0 is vulnerable to Uncontrolled Recursion. The vulnerability is due to packet injection or crafted capture file resulting in denial of service...

Uncontrolled Recursion (Denial Of Service)

DOCSIS in Wireshark 4.2.0 is vulnerable to Uncontrolled Recursion. The vulnerability is due to packet injection or crafted capture file resulting in denial of service...

Uncontrolled Recursion (Denial Of Service)

GVCP in Wireshark 4.2.0 is vulnerable to Uncontrolled Recursion. The vulnerability is due to packet injection or crafted capture file resulting in denial of service...

Uncontrolled Recursion (Denial Of Service)

GVCP in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 is vulnerable to Uncontrolled Recursion. The vulnerability is due to packet injection or crafted capture file resulting in denial of service...

Uncontrolled Resource Consumption

libspreadsheet-parsexlsx-perl is vulnerable to out-of-memory. The vulnerability is due to there is no constraints on merged cells in its memoize implementation, leading to excessive memory consumption when parsing crafted XLSX documents. This potentially leads to Denial of service...

Improper Input Validation

chromium is vulnerable to Improper Input Validation. The vulnerability is due to Insufficient data validation in Extensions. This flaw allowed attackers in a privileged network position to install malicious extensions through a specially crafted HTML page...

Information Exposure

389-ds-base is vulnerable to Information Exposure. The vulnerability is due to LDAP mistakenly decoding the userPassword attribute instead of the userCertificate attribute, potentially leading to the leakage of sensitive information. An attacker with local access to a system running cockpit-389-d...

Integer Overflow

redis:sid is vulnerable to Integer Overflow. The vulnerability due to changing the default proto-max-bulk-len configuration parameter to a very large value and constructing specially crafted commands bit commands. It leads to heap overflow and potential remote code execution...

Cross Site Scripting(XSS)

mediawiki:sid is vulnerable to cross site scripting. The vulnerability due to Load Special:log/rights script by using an administrator account. it allows an attacker can change URL ends with =x-xss which leads to XSS...

Path Traversal

apktool is vulnerable to Path Traversal. The vulnerability is due to Apktool determines the output paths of resource files based on their names. Malicious actors can exploit this by manipulating these names to place files in specific locations on the system where Apktool is executed...

Path Traversal

cpio is vulnerable to Path Traversal. The vulnerability is due to a lack of validation for filenames. This potentially leads to Path Traversal...

Arbitrary Code Execution

Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution. The vulnerability due to passing unvalidated input from a file into a string-type “eval”. It allows an attacker spreads malicious code which leads to arbitrary code execution...

Command Injection

Nginx-ui is vulnerable to Remote Command Injection. The vulnerability is caused due a lack of proper authorization checks in the SaveSettings function. This issue may lead to authenticated Remote Code Execution, Privilege Escalation, and Information Disclosure...

Cross Site Scripting (XSS)

jinja2 is vulnerable to Cross Site Scripting XSS. The vulnerability is due the xmlattr filter accepting keys containing spaces. The attacker can inject arbitrary HTML attribute keys and values, which would potentially lead to XSS...

Brute Force Attack

devise-two-factor is vulnerable to Brute Force Attack. The vulnerability is due to a lack of attempt restriction of login attempts in Devise-Two-Factor. This issue, when combined with the inherent entropy limitations of the Time-based One-Time Password TOTP algorithm, This allows an attacker to...

Information Leakage

case-utils is vulnerable to Information Leakage. The vulnerability is caused due to improper handling of UUIDs generation within the localuuid function. This could allow an attacker to guess the UUID, resulting in sensitive data exposure...

SQL Injection

Nginx-UI is vulnerable to SQL Injection . The vulnerability is due to improper validation and sanitization of sortby parameter within the OrderAndPaginate function. An attacker can exploit this issue by injecting malicious sql queries via sortby resulting in sensitive information disclosure...

Arbitrary Code Execution

gitpython is vulnerable to Arbitrary Code Execution. The vulnerability is due to an untrusted shell search path used to run the git executable, as well as when it runs bash.exe to interpret hooks. If either of these is used, a malicious .exe file may be executed from an untrusted repository...

Arbitrary Command Execution

Nginx-UI is vulnerable to Arbitrary Command Execution. The vulnerability is due to improper handling of startcmd setting. This issue can be exploited by an attacker by modifying startcmd setting to execute arbitrary commands...

Cross Site Scripting (XSS)

github.com/gofiber/template is vulnerable to Cross Site Scripting XSS. The vulnerability is due to improper validation and sanitization of user input via the template engine. This issue can be exploited by attacker via injecting malicious JavaScript via the template engine resulting in XSS...

Denial Of Service (DoS)

libgpac is vulnerable to Denial Of Service. The vulnerability is due to an infinite loop within the av1uvlc at mediatools/avparsers.c function which allows an attacker to cause denial of service via a malicious MP4 file...

Denial Of Service (DoS)

quic-go is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of a large number of PATHCHALLENGE frames. This issue can be exploited by an attacker by sending a large number of PATHCHALLENGE frames, resulting in its peer to run out of memory to cause Denial Of...

Improper Authorization

pimcore/customer-data-framework is vulnerable to Improper Authorization. The vulnerability is due to insufficient permission enforcement for with the /admin/customermanagementframework/gdpr-data/search-data-objects endpoint. An authenticated user without permission to access this endpoint can que...

Path Traversal

go-git is vulnerable to Path Traversal. The vulnerability is caused due to insufficient file path validation in the Alternates function within dotgit.go. This allows an attacker to create and modify files across the filesystem, possibly resulting in Remote Code Execution RCE...

Race Condition

github.com/apache/incubator-answer is vulnerable to Race Condition. The vulnerability is due to inappropriate handling of collection count while a user bookmarks a question. Repeated submissions of bookmark through a script increases the number of collection of questions...

Improper Access Control

CRI-O is vulnerable to Improper Access Control. The vulnerability is due to improper restrictions of the experimental io.kubernetes.cri-o.UnifiedCgroup annotation, which results in container resources being unconfined. This issue can be exploited by an attacker to specify any amount of memory/cpu...

Improper Authorization

pimcore/ecommerce-framework-bundle is vulnerable to Improper Authorization. The vulnerability is due to a lack of permission enforcement within the admin/ecommerceframework/admin-order/list endpoint. An unauthorized user can access this endpoint without authorization, resulting in the ability to...

Improper Authorization

pimcore/customer-management-framework-bundle is vulnerable to Improper Authorization. The vulnerability is caused due to improper authorization checks within DuplicatesController.php. This allows authenticated and unauthorized user to access the list of potential duplicate users and see their dat...

Improper Authorization

aries-cloudagent is vulnerable to Improper Authorization. The vulnerability is due to improper verification of credentials when a user presents incorrectly constructed proofs. This allows malicious verifiers to save and replay unauthorized presentations...

Denial Of Service (DoS)

Microsoft.IdentityModel.JsonWebTokens and System.IdentityModel.Tokens.Jwt are vulnerable to Denial Of Service DoS. The vulnerability is cause by improper JWT compression checks, which results in resource exhaustion due processing of malicious JSON Web EncryptionJWE token. Successful exploitation...