38193 matches found
Remote Code Execution
Microsoft.IdentityModel.Protocols.SignedHttpRequest is vulnerable to Remote Code Execution. The vulnerability is caused due to Microsoft.IdentityModel trusting the jku claim by default for the SignedHttpRequest protocol. An attacker can make any remote or local HTTP GET request as a result of thi...
XML External Entity Injection
fonttools is vulnerable to XML External Entity Injection. The vulnerability is due to a misconfigured XML parser which allows external entities to be included in an OT-SVG font. This issue can be exploited by an attacker by building an OT-SVG font which includes XML external entities, resulting in...
Integer Overflow
Azure uAMQP is vulnerable to Integer Overflow. The vulnerability is caused due to a missing check for the binary value length in the internaldecoderdecodebytes function within amqpvalue.c. An attacker can possibly trigger Remote Code Execution as a result of this flaw...
Denial Of Service (DoS)
jwx is vulnerable to Denial of Service (DoS). The vulnerability is due to improper parsing of JSON payloads when the signature field is present while protected is absent, leading to a null pointer dereference...
Denial Of Service (DoS)
juzaweb/cms is vulnerable to Denial of Service (DoS). The vulnerability is caused due to an improper validation of the timezone field, which allows an attacker to send a crafted request resulting in the server becoming unavailable...
Sensitive Information Disclosure
react-native-mmkv is vulnerable to Sensitive Information Disclosure. The vulnerability is due to logging the encryption key for the MMKV database into the Android system log. This issue can be exploited by an attacker with access to the Android Debugging Bridge resulting in sensitive informatio...
Server Side Request Forgery (SSRF)
org.apache.axis: axis is vulnerable to Server Side Request Forgery (SSRF). The vulnerability is due to the getService function within ServiceFactory.java because there is no validation for the jndiName. This allows users with access to the admin service to perform possible SSRF...
Log Injection
pyload-ng is vulnerable to Log Injection. The vulnerability is caused due to a lack of validation while logging an error in apiblueprint.py and appblueprint.py. An attacker can corrupt log files exploiting this vulnerability...
Stack Based Buffer Overflow
gpac/gpac is vulnerable to Stack Based Buffer Overflow. The vulnerability is caused due to missing checks for the lineSize within the gftextgetutf8line function. This can potentially lead to a Denial of Service (DoS) attack...
Out Of Bounds Read
gpac/gpac is vulnerable to Out Of Bounds Read. The vulnerability is due to the ac3dmxupdatects function reading data past the intended buffer within reframeac3.c. This potentially leads to a Denial of Service (DoS) attack...
HTTP Request Smuggling
puma is vulnerable to HTTP Request Smuggling. The vulnerability is caused due to a missing validation while parsing chunked transfer encoding bodies, resulting in the smuggling of requests and unbounded resource consumption (DoS)...
Request Smuggling
fastify-reply-from is vulnerable to Request Smuggling. The vulnerability is due to the absence of a unified Content-Type parsing, unlike the majority of Fastify that uses fast-content-type-parse with trimming after split. This issue can be exploited by an attacker to bypass security checks,...
Timing Attack
github.com/cloudflare/circl is vulnerable to Timing Attack. The vulnerability is caused due to arithmetic operations during ciphertext compression which leak sensitive timing information. An attacker can learn parts of the secret key by exploiting this vulnerability brute force...
Information Disclosure
pyload-ng is vulnerable to Unauthenticated Information Disclosure. The vulnerability is due to improper authorization and authentication checks. This issue can be exploited by an attacker to disclose sensitive information such as Flask configurations, which includes the SECRETKEY variable...
HTML Injection
grumpydictator/firefly-iii is vulnerable to HTML Injection. The vulnerability is caused due to improper sanitization in webhooks features. This allows an attacker to inject malicious HTML content by submitting specially crafted input...
Path Traversal
iodine is vulnerable to Path Traversal. The vulnerability is due to improper validation or URL's allowrf to manipulate the static file server. This issue can be exploited by an attacker to read files outside the public folder via a malicious URL...
Information Leak
pycryptodome and pycryptodomex are vulnerable to Information Leakage. The vulnerability is caused due to a side-channel leakage for OAEP (Optimal Asymmetric Encryption Padding) decryption used during RSA encryption. This can be exploited to mount a Manger attack leading to Information Leakage throu...
Server Side Request Forgery (SSRF)
dtale is vulnerable to Server Side Request Forgery. The vulnerability is due to the Load From the Web configuration being enabled by default. This issue can be exploited by an attacker to access files on the local network resulting in Server Side Request Forgery...
Open Redirect
Flarum is vulnerable to Open Redirect. The vulnerability is caused due to a lack of proper sanitization in the handling of the redirect parameters within the /logout route. This allows an attacker to craft a URL with a malicious redirect parameter...
Insufficient Randomness
github.com/cubefs/cubefs is vulnerable to use of insufficiently random strings. The vulnerability is due to the creation of an accessKey which is insufficiently random. This allows an attacker to predict and/or guess the generated string and impersonate a user, thereby obtaining higher privileges...
Information Disclosure
github.com/cubefs/cubefs is vulnerable to Information Exposure. The vulnerability is due to CubeFS leaking configuration keys in plaintext logs. This allows an attacker to read sensitive data from the logs and allows anyone to carry out operations on blobs...
Information Disclosure
github.com/cubefs/cubefs is vulnerable to Information Exposure. The vulnerability is due to the leakage of users' secret keys and access keys in the logs in multiple components. This allows attackers with access to the logs to retrieve sensitive information and impersonate other users...
Race Condition
Audited is vulnerable to Race Condition. The vulnerability is caused due to a lack of proper synchronization mechanisms during the use of Thread.current. This potentially leads to logging of the wrong username in an audit log...
Denial Of Service (DoS)
paddlepaddle is vulnerable to Denial of Service (DoS). The vulnerability is caused due to a floating point exception in paddle.linalg.eig when the tensor dimensions contain 0. This can cause a runtime crash and a Denial of Service (DoS)...
Cross Site Scripting (XSS)
govuktechdocs is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused due to lack of proper input validation in the search results of pages. This allows an attacker to inject arbitrary HTML or scripts into the search results, resulting in Cross Site Scripting (XSS)...
Command Injection
PaddlePaddle is vulnerable to Command Injection. The vulnerability is caused due to improper command validation within the wgetdownload method. The attacker can execute arbitrary commands on the operating system...
Denial Of Service (DoS)
PaddlePaddle is vulnerable to Denial of Service (DoS). The vulnerability is caused due to out of bounds access within paddle.mode. The attacker can trigger a runtime crash resulting in DoS...
Stored Cross Site Scripting (XSS)
class.upload.php is vulnerable to Stored Cross Site Scripting. The vulnerability is due to improper validation on uploaded files. This issue can be exploited by an attacker via uploading malicious files leading to the execution of arbitrary JavaScript...
Stack Based Buffer Overflow
paddlepaddle is vulnerable to Stack Based Buffer Overflow. The vulnerability is caused due to improper shape validation within the paddle.linalg.luunpack function. This can lead to crashing of the application resulting in Denial of Service (DoS)...
Cross Site Scripting (XSS)
viewcomponent is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to improper rendering of a component directly from the controller with the viewcomponent gem. This issue can be exploited by an attacker to inject malicious JavaScript into the webpage...
Information Disclosure
Kruise-daemon is vulnerable to Information Disclosure. The vulnerability is due to improper access to root privileges on the node where the kruise-daemon runs. This issue can be exploited by an attacker with root privileges on the node where the kruise-daemon runs to list all the secrets in the entire...
Integer Overflow
commonmarker is vulnerable to Integer Overflow. This vulnerability is due to unauthenticated remote access when parsing tables whose marker rows contain more than UINT16MAX columns. This allows remote attackers to cause heap memory corruption which ranges from Information Leak to Arbitrary...
Denial Of Service
paddlepaddle is vulnerable to Denial of Service (DoS). The vulnerability is caused due to a nullptr exception in paddle.putalongaxis. The attacker can trigger a runtime crash which would result in DoS...
Denial Of Service (DoS)
encodedid-rails is vulnerable to Uncontrolled Resource Consumption. The vulnerability is caused due to improper length validation within the id parameter. This allows an attacker to send a request with an exceptionally long id parameter resulting in a Denial of Service (DoS)...
Denial Of Service (DoS)
paddlepaddle is vulnerable to Denial of Service (DoS). The vulnerability is caused due to a null pointer dereference within the paddle.crop function when tensor dims are invalid. This leads to an application crash resulting in Denial of Service (DoS)...
Improper Web Parameter Validation
httparty is vulnerable to External Control of Assumed-Immutable Web Parameter. The vulnerability is caused due to the lack of escaping of the double-quote (") character in the Content-Disposition filename. This allows the attacker to modify the application data...
NULL Pointer Dereference
libgpac.so is vulnerable to NULL Pointer Dereference. The vulnerability is due to the gfavcchangevui function within avparsers.c because there is no validation on the avcc pointer utilizing it. This can lead to a null pointer dereference, resulting in Denial of Service...
Improper Input Validation
froxlor/froxlor is vulnerable to Improper Input Validation. The vulnerability is due to validation.js which does not effectively handle whitespace inputs in the form fields, which allowed users to escape the mandatory field checks...
Denial Of Service (DoS)
paddlepaddle is vulnerable to Floating Point Exception. The vulnerability is due to lack of validation for the num parameter in the unstack function within manipulation.py. This allows attackers to potentially misuse the num value, leading to issues like Floating Point Exceptions (FPE) in scenarios where...
SQL Injection
net.mingsoft: ms-mcms is vulnerable to SQL Injection. The vulnerability exists via the category Type parameter within /content/list.do, which allows an attacker to manipulate the backend database by injecting malicious SQL commands...
Denial Of Service
PaddlePaddle is vulnerable to Denial Of Service. The vulnerability is due to a nullptr exception in paddle.dot. This can cause a runtime crash resulting in Denial of Service...
Arbitrary File Read
org.apache.inlong: manager-pojo is vulnerable to Arbitrary File Read. The vulnerability is caused due to lack of validation performed while deserializing untrusted data. An attacker can perform an arbitrary file read using mysql driver...
Insecure Cryptographic Algorithms
github.com/karmada-io/karmada is vulnerable to Insecure Cryptographic Algorithms. The vulnerability is due to the default cipher suites used as part of the TLS protocol, which include the 3DES cipher that is deemed insecure. Attackers could exploit this weakness to break TLS security...
Remote Code Execution
org.apache.inlong:manager-pojo is vulnerable to Remote Code Execution. The vulnerability is caused due to a lack of validation within the updateAuditSource class. An attacker can inject code which would lead to RCE...
Cross-site Scripting (XSS)
tinymce is vulnerable to Cross-Site Scripting. The vulnerability is due to a lack of proper sanitization for iframe, object and embed URL attributes within the TinyMCE's core parser. This allows an attacker to insert a specially crafted piece of content into the editor using the clipboard or APIs...
Privilege Escalation
github.com/gravitational/teleport is vulnerable to Privilege Escalation. The vulnerability is due to a flaw in the implementation of access list feature, which allows an attacker to escalate their privileges...
Prototype Pollution
plotly.js is vulnerable to Prototype pollution. The vulnerability is caused due to missing validation against the proto attribute and other internal getters and setters. An attacker can pollute the prototype with properties containing harmful values, which is subsequently used by application...
Timing Attack
github.com/cubefs/cubefs is vulnerable to Timing Attack. The vulnerability is due to raw string comparisons within the CubeFS master component. This allows an attacker to steal user passwords by observing the timing between password attempts...
Heap Buffer Overflow
PaddlePaddle is vulnerable to Heap Buffer Overflow. The vulnerability is due to the paddle.repeatinterleave function when using invalid params, which can result in Denial of Service or information disclosure...
Unauthorized SFTP Access
teleport is vulnerable to unauthorized SFTP access. The vulnerability allows an attacker with access to teleport nodes within the cluster to initiate SFTP connections to the Proxy Service, resulting in unauthorized access to the service...