Privilege Escalation
craftcms/cms is vulnerable to Privilege Escalation. The vulnerability is due to the actionSave function within ElementsController.php, because there are no checks for save permissions before and after applying POST params to the element, as well as the actionSaveUser function within...
Server Side Request Forgery
github.com/gravitational/teleport is vulnerable to Server Side Request Forgery (SSRF). The vulnerability is due to a lack of proper validation or restrictions of the destinations for SSH connections initiated through the proxy or agents. This allows an authenticated user with valid credentials...
Stack Overflow
Ion Java is vulnerable to Stack Overflow. The vulnerability is due to improper validation while deserializing Ion text encoded data, or deserializing Ion text or binary encoded data into an IonValue model. This issue can be exploited by an attacker via crafted malicious Ion data, resulting in...
Denial Of Service (DoS)
github.com/cubefs/cubefs is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper handling of incoming HTTP requests in a CubeFS HandlerNode that could allow an authenticated user to send maliciously-crafted requests that would crash the ObjectNode. An attacker can send a...
Denial Of Service (DoS)
PaddlePaddle is vulnerable to Denial Of Service (DoS). The vulnerability is due to a floating point exception within the paddle.lerp function, which may cause a runtime crash and Denial Of Service (DoS)...
Buffer Overflow
PaddlePaddle is vulnerable to Buffer Overflow. The vulnerability is due to missing input size checks within the paddle.searchsorted function, which may lead to Denial of Service (DoS)...
Denial Of Service (DoS)
PaddlePaddle is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper checks in the paddle.nextafter function, which may cause a runtime crash resulting in Denial of Service (DoS)...
Code Execution
teleport is vulnerable to Code Execution. The vulnerability is due to improper validation of user-supplied environment variables. This issue can be exploited by an attacker to execute arbitrary code on macOS systems...
Denial Of Service (DOS)
PeterO.Cbor is vulnerable to Denial Of Service. The vulnerability is due to the use of less efficient data structures, like a regular Dictionary, that are not optimized for performance. An attacker can exploit this inefficiency by decoding specially crafted CBOR data which can potentially lead to Denia...
Denial Of Service (DOS)
paddlepaddle is vulnerable to Denial Of Service (DoS). The vulnerability is due to an uncaught floating point exception which is thrown from the paddle.nanmedian function while evaluating a numel / stride expression when the stride variable has a value of zero. This leads to a runtime crash...
SQL Injection
gilacms/gila is vulnerable to SQL Injection. The vulnerability is due to the improper sanitization of the Area parameter within the AdministrationWidget tab, which allows an attacker to execute arbitrary web scripts which results in SQL injection...
SQL Injection
gilacms/gila is vulnerable to SQL Injection. The vulnerability is due to improper userid parameter sanitization within the login portal, which allows an attacker to execute arbitrary web scripts which results in SQL injection...
SQL Injection
gilacms/gila is vulnerable to SQL Injection. The vulnerability is due to improper ID parameter sanitization within the login portal endpoint, which allows an attacker to execute arbitrary web scripts resulting in SQL injection...
Mutation Cross Site Scripting (mXSS)
OWASP AntiSamy is vulnerable to Mutation Cross Site Scripting (mXSS). The vulnerability is due to improper parsing of HTML when the preserveComments directive is enabled in the policy. This issue can be exploited by an attacker by injecting malicious input to execute arbitrary JavaScript...
Code Injection
ShifuM is vulnerable to Code Injection. The vulnerability is due to improper handling of the FilterExpression argument within the Java Expression Language Handler in the src/main/java/ml/shifu/shifu/core/DataPurifier.java file. This issue can be exploited by an attacker by manipulating the...
Open Redirect
follow-redirects is vulnerable to Open Redirect. The vulnerability is due to improper input validation of URLs in the url.parse function. This issue can be exploited by an attacker to redirect users to a malicious page, leading to information disclosure or phishing attacks...
Insufficient Authorization
github.com/mattermost/mattermost/ is vulnerable to Insufficient Authorization. The vulnerability is due to insufficient scoping of WebSocket responses to authorised users, resulting in WebSocket responses being broadcast to everyone in the channel...
Improper Authentication
omniauth-microsoftgraph is vulnerable to Improper Authentication. The vulnerability is due to missing validation of the email attribute received from Microsoft's OAuth service. This allows an attacker to bypass the email verification in the OAuth process and take over an account...
Improper Authorization
github.com/mattermost/mattermost/ is vulnerable to Improper Authorization. The vulnerability is caused when a user receives updated permissions during an active session. This freshly demoted guest can change group names...
Improper Authorization
github.com/mattermost/mattermost is vulnerable to Improper Authorization. The vulnerability is due to improper permission validation while a user views archived public channels. One member of a team can view a channel of another team member via a GET call to the /api/v4/teams//channels/delet...
Cross-site Scripting (XSS)
prestashop/prestashop is vulnerable to Cross-site Scripting (XSS). The vulnerability is caused by a lack of proper sanitization for HTML content in the message property of the CustomerMessageCore class. This allows an attacker to inject HTML into the message field resulting in the unsanitized HTML...
Cross-site Scripting (XSS)
prestashop/prestashop is vulnerable to Cross-Site Scripting. The vulnerability is due to the isCleanHtml function within Validate.php because it does not adequately identify and filter out HTML attributes and Unicode characters, which allows an attacker to inject malicious scripts, leading to...
Server Side Request Forgery
miniflare is vulnerable to Server Side Request Forgery. The vulnerability is due to a configuration which listens to requests from external network interfaces. As a result of this configuration, an attacker can access local servers by sending specially crafted WebSocket requests to the...
Remote Code Execution
wrangler is vulnerable to Remote Code Execution. The vulnerability is due to the V8 inspector intentionally allowing arbitrary code execution within the Workers sandbox for debugging purposes. The wrangler dev server starts an inspector listening on all network interfaces. This allows an attacker t...
Arbitrary File Read
wrangler is vulnerable to Arbitrary File Read. The vulnerability is due to improper network configuration which allows an attacker to access files over the local network via specially crafted HTTP requests. An attacker is able to read arbitrary files over the local network or can trick a user to cli...
Remote Code Execution
org.jeasy, easy-rules-mvel is vulnerable to Remote Code Execution (RCE). The vulnerability is due to the execution of class files with the same name as the Zer file from the methods then and when while loading Zer files into an application. An attacker can write a class file with the same name as a Zer fil...
Cross-site Scripting (XSS)
github.com/mattermost/mattermost is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper channel mention sanitization of data in posts. This allows an attacker to inject markup into the web client which leads to cross-site scripting...
Remote Code Execution
jeecg-boot is vulnerable to SSTI Injection. The vulnerability is due to improper request verification within the jmreport/loadTableData component. This could allow remote attackers to execute arbitrary code via crafted HTTP requests...
Denial Of Service (DoS)
org.jline, jline-groovy is vulnerable to Denial Of Service (DoS). The vulnerability is due to a lack of row size limits when printing output, resulting in an out of memory error when the groovyEngine.execute method is passed with a crafted input...
SQL Injection
jeecg-boot is vulnerable to SQL Injection. The vulnerability is due to improper input validation within the /sys/replicate/check component. This could allow an attacker to inject malicious input leading to SQL Injection...
Authentication Bypass
hail is vulnerable to Authentication Bypass. The vulnerability is due to improper validation while handling OpenID Connect (OIDC) email addresses. This lack of verification of the user's email domain allows an attacker to manipulate their email address to match an organization's domain with...
SQL Injection
jeecg-boot is vulnerable to SQL Injection. The vulnerability is due to improper input validation in the jmreport/qurestSql component. This could allow an attacker to inject malicious input leading to SQL Injection...
Server Side Request Forgery
automad is vulnerable to Server Side Request Forgery. The vulnerability is due to improper validation of the importUrl argument within FileController.php. This issue can be exploited by an attacker to perform an internal port scan against the local environment or abuse local services...
Cross Site Request Forgery
automad is vulnerable to Cross Site Request Forgery. The vulnerability is due to improper implementation of CSRF tokens in the User Creation Handler component within the /dashboard?controller=UserCollection::createUser endpoint. This issue can be exploited by an attacker by sending a malicious li...
Unrestricted File Upload
automad is vulnerable to Unrestricted File Upload. The vulnerability is due to insufficient content type checks on file upload within FileCollectionController.php. This issue can be exploited by an attacker via uploading malicious files to the server...
Improper Input Validation
Apache DolphinScheduler is vulnerable to Improper Input Validation. The vulnerability is due to improper JavaScript sanitization, which allows an authenticated user to execute arbitrary unsandboxed JavaScript on the server...
Denial Of Service (DoS)
com.github.seancfoley: ipaddress is vulnerable to Denial Of Service (DoS). The vulnerability is due to missing checks for a radix value of 2 or greater when the radix value is passed as an argument to the IPAddressBitsDivision constructor. The IPAddressBitsDivision constructor internally calls the...
Denial Of Service (DoS)
json-path is vulnerable to Denial Of Service (DoS). The vulnerability is due to an infinite recursion caused when a specially crafted input is passed to the Criteria.parse method, which results in a stack overflow...
Improper Unicode Encoding
github.com/ewen-lbh/ffcss is vulnerable to Improper Handling Of Unicode Encoding. The vulnerability arises due to the use of late Unicode normalization of type NFKD in the lookupPreprocess method. It is possible to bypass validation on this method by a specially crafted Unicode input...
Denial Of Service
msgpackr is vulnerable to Denial Of Service (DoS). The vulnerability is due to faulty validation of user-supplied MessagePack messages. An attacker can trigger an infinite loop with specially crafted messages, resulting in Denial of Service...
Local File Inclusion
Winter CMS is vulnerable to Local File Inclusion. The vulnerability is due to improper user input validation within the ColorPicker FormWidget. This issue can be exploited by an attacker with access to the backend forms by including a malicious custom stylesheet via LESS in the ColorPicker...
Stored Cross Site Scripting (XSS)
Winter CMS is vulnerable to Stored Cross Site Scripting (XSS). The vulnerability is due to improper sanitization within the rename functionality of files after uploads to the Media Manager. This issue can be exploited by an attacker with the media.managemedia permission to upload a file and later...
Stored Cross Site Scripting (XSS)
Winter CMS is vulnerable to Stored Cross Site Scripting. The vulnerability is due to improper user input validation and sanitization. This issue can be exploited by an attacker with access to backend forms by providing a malicious input via the ColorPicker FormWidget to inject JavaScript in the...
Denial Of Service (DOS)
jwcrypto is vulnerable to Denial Of Service (DoS). The vulnerability is due to a missing upper bound check in the p2c header value PBES2 count which contains the PBKDF2 iteration count used in the PBKDF2 cryptographic key derivation function. The unbounded value can be exploited by an attacker to...
Improper Input Validation
CUPS is vulnerable to Improper Input Validation. The vulnerability is due to improper filtering of ANSI escape sequences from shared printer names. This issue can be exploited by an attacker to execute arbitrary code via a crafted printer name...
Buffer Overflow
LibRaw is vulnerable to Buffer Overflow. The vulnerability is due to improper size checks of the len variable in the jpegstart function within dcraw. This issue can be exploited by an attacker via a maliciously crafted raw image resulting in Denial of Service...
Cross Site Request Forgery
Concrete CMS is vulnerable to Cross Site Request Forgery. The vulnerability is due to improper implementation of anti-CSRF tokens within the following endpoint: /ccm/system/dialogs/logs/deleteall/submit. This issue can be exploited by an attacker by sending a malicious URL to the authenticated admin to...
Denial Of Service (DoS)
github.com/go-git/go-git is vulnerable to Denial of Service (DoS). The vulnerability is due to improper bound checks. This issue can be exploited by an attacker via a specially crafted response from a Git server resulting in denial of service...
Stack Overflow
cn.hutool: hutool-core is vulnerable to Stack Overflow Error. The vulnerability is due to a defect in the NumberUtil.toBigDecimal function which results in a StackOverflowError when a NaN value is passed as an argument to the function. This eventually results in an application crash resulting in Denia...
Race Condition
github.com/deis/workflow-manager is vulnerable to Race Condition. The vulnerability is caused when the shared resource parameter clusterid is called concurrently. An attacker can potentially modify a shared resource by exploiting this vulnerability...