38195 matches found
Improper Authorization
gitlab is vulnerable to Improper Authorization. It is possible for a removed project member to write to protected branches by using deploy keys...
Code Injection
gitlab is vulnerable to Code Injection. The vulnerability is due to a lack of validation or sanitization of branch names. This allows an attacker to bypass branch protection rules using specially crafted branch names. This flaw enabled unauthorized manipulation of repository content in the...
Arbitrary Code Execution
gitlab:sid is vulnerable to Remote Code Execution. The vulnerability is due to the ability to perform arbitrary pipeline execution under the context of another user. It allows an attacker to execute malicious code in the other user's context...
Improper Authorization
GitLab is vulnerable to Improper Authorization. It is possible for developers to override predefined CI variables via REST API in certain situations...
Code Injection
GitLab is vulnerable to Code Injection. The vulnerability is caused by a lack of validation of file names. An attacker can inject code which can alter the representation of the UI...
Information Exposure
gitlab:sid is vulnerable to Information Exposure. The vulnerability is due to the ability to read the source code of a project by using attackeraccesstoken and login to Victim account sets the Repository. It allows an attacker to execute the malicious command with the attacker account...
Improper Access Control
GitLab is vulnerable to Improper Access Control. It is possible for a Guest user to add an emoji on confidential work items...
Information Disclosure
GitLab EE is vulnerable to Information Disclosure. The vulnerability is caused by improper authorization. It was possible for an unauthorised project or group member to read the CI/CD variables using the custom project templates...
Uncontrolled Resource Consumption
gitlab is vulnerable to Uncontrolled Resource Consumption. The vulnerability occurs when GitLab imports a project containing a Tar archive that includes a FIFO file, which causes the import process to get stuck. An attacker can exploit this by creating a Tar archive containing a FIFO...
Denial Of Service
gitlab:sid is vulnerable to Denial of Service. The vulnerability is due to the ability to point a CI/CD Component to an incorrect path and cause the server to exhaust all available memory through an infinite loop. It allows an attacker to cause Denial of Service...
Information Exposure
gitlab is vulnerable to Information Exposure. The vulnerability is due to the supersidebarloggedout feature flag. When this feature flag is enabled, it may unintentionally disclose GitLab version metadata to unauthorized individuals...
Denial Of Service
gitlab:sid is vulnerable to Denial of Service. The vulnerability is due to importing or cloning malicious content. It allows an attacker to influence the amount of resources consumed, eventually leading to the exhaustion of available resources...
Denial Of Service
gitlab:sid is vulnerable to Denial of Service. The vulnerability is due to importing or cloning malicious content during authentication. It allows an attacker to exhaust available resources, which leads to denial of service...
Denial Of Service
fish:sid is vulnerable to Denial of Service. The vulnerability is due to allowing these markers to be read on command substitution output, rather than transforming them into a safe internal representation. It leads to unexpected behavior with direct input and allows an attacker to cause denial of...
Directory Traversal
Asterisk is vulnerable to Directory Traversal. The vulnerability arises because it allows the reading of any arbitrary file, even when the livedangerously setting is not enabled. This allows arbitrary files to be read...
Out-of-Bounds Write
lrzip:sid is vulnerable to Out-of-Bounds Write. The vulnerability exists in lrzip v0.651 via the libzpaq::PostProcessor::writeint function at /libzpaq/libzpaq.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file...
Out-of-bounds Write
Firefox is vulnerable to Out-of-bounds Write. The vulnerability is due to improperly accessing memory which can lead to memory corruption. This issue can be exploited by an attacker to result in arbitrary code execution...
Insufficient Information
Firefox is vulnerable to Insufficient Information. Under certain conditions, Firefox does not display a warning when a user attempts to navigate to a new protocol handler...
Heap Buffer Overflow
Firefox is vulnerable to Heap Buffer Overflow. The vulnerability is caused by the DrawElementsInstanced method. This could allow an attacker to perform remote code execution and sandbox escape...
Race Condition
Firefox is vulnerable to Race Condition. The vulnerability is caused by passing a buffer smaller than the actual required size to readlink while resolving a symlink...
Heap Buffer Overflow
Firefox is vulnerable to Heap Buffer Overflow. The vulnerability is caused by insufficient OOM handling in the nsTextFragment method. This can cause a program to crash, leading to a Denial of Service (DoS) attack...
Use After Free
Firefox is vulnerable to Use After Free. The vulnerability occurs while creating a TLS socket under memory pressure. This can lead to compromising Confidentiality, Integrity and Availability of the system...
Undefined Behaviour
Firefox is vulnerable to Undefined Behaviour. The vulnerability is caused by undefined behavior in the ShutdownObserver component due to its reliance on a dynamic type that lacked a virtual destructor. This can lead to compromising Confidentiality, Integrity and Availability of the system...
Buffer Overflow
firefox:sid is vulnerable to Buffer Overflow. The vulnerability is due to memory corruption which affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121. An attacker could exploit it to run arbitrary code...
Heap Buffer Overflow
firefox, thunderbird are vulnerable to Heap Buffer Overflow. The vulnerability is due to running in headless mode by using the nsWindow::PickerOpenvoid method. It allows an attacker to trigger a heap buffer overflow...
Use After Free
Firefox is vulnerable to Use After Free. The vulnerability is caused by a flaw in the function nsDNSService::Init which appears to manifest rarely during start-up. This can lead to compromising Confidentiality, Integrity and Availability of the system...
Click Jacking
Firefox is vulnerable to Click Jacking. The vulnerability is caused by the fact that the timing of a button click causing a popup to disappear is approximately the same length as the anti-clickjacking delay on permission prompts. An attacker can exploit this to surprise users by luring them t...
Information Exposure
Firefox is vulnerable to Information Exposure. The vulnerability is caused by EncryptingOutputStream being susceptible to exposing uninitialized data. An attacker can abuse this in order to write data to a local disk which may have implications for private browsing mode...
Improper Exception Handling
Firefox is vulnerable to Improper Exception Handling. The vulnerability is caused because TypedArrays can be fallible and lacked proper exception handling. An attacker can abuse this in other APIs which expect TypedArrays to always succeed...
Information Exposure
Firefox is vulnerable to Information Exposure. The vulnerability is caused because a element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content...
Sandbox Escape
Firefox and Thunderbird are vulnerable to Sandbox Escape. The vulnerability is caused because VideoBridge extension allowed any content process to use textures produced by remote decoders. An attacker can abuse this to escape the sandbox...
Out-of-bounds Write
chromium:bullseye, chromium:sid are vulnerable to Out-of-bounds Write. The vulnerability exists in WebRTC in Google Chrome prior to 120.0.6099.129 and allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Email Spoofing
Thunderbird is vulnerable to Email Spoofing. The vulnerability is caused because when processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user as the text was interpreted as a MIME message and the first paragraph was always...
Information Mismatch
Thunderbird is vulnerable to Information Mismatch. The vulnerability is caused by not comparing the signature creation date with the message date and time of a digitally signed S/MIME email message. This can be exploited to give recipients the impression that a message was sent at a different...
Denial Of Service
asterisk:sid is vulnerable to Denial of Service. The vulnerability is due to a race condition in the hello handshake phase of the DTLS protocol when handling DTLS-SRTP for media setup. The attack can be done continuously, thus denying new DTLS-SRTP encrypted calls, which can lead to denia...
Denial Of Service (DOS)
QEMU virtual machine monitor is vulnerable to Denial Of Service (DOS). The vulnerability is caused by a DMA reentrancy issue leading to a use-after-free error found in the e1000e NIC emulation code. This can allow a privileged guest user to crash the QEMU process on the host, resulting in a Deni...
Improper Authorization
apache-airflow is vulnerable to Improper Authorization. The vulnerability is due to a lack of authorization check while accessing DAGs. An attacker can escalate their privileges to have write access to DAGs of other users...
Path Traversal
Gradio is vulnerable to Path Traversal. The vulnerability is due to improper file path validation within the /file endpoint. An attacker can access arbitrary files on the server by requesting a filepath starting with...
Cross Site Scripting (XSS)
apache-airflow is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to a lack of DAG parameter description sanitization. A DAG author can execute arbitrary JavaScript in the client context, modifying what the task displays in the browser...
Open Redirect
Keycloak Services is vulnerable to Open Redirect. The vulnerability is due to the redirecturi validation logic within RedirectUtils.java. This allows an attacker to steal an access token by bypassing the allowed host validation...
Insecure Deserialization
huggingface transformers is vulnerable to Insecure Deserialization. The vulnerability is due to the ability to load arbitrary pickle files from other repos specified by the indexpath while parsing the remote config.json file. An attacker can exploit this flaw to execute arbitrary code on the...
Path Traversal
AWS SDK for PHP is vulnerable to URI Path Traversal. The vulnerability is due to improper handling of the URI path in the buildEndpoint function within RestSerializer.php. This could allow an attacker to potentially manipulate S3 object keys and prefixes to gain unauthorized access to arbitrary S...
Improper Access Control
apache-airflow is vulnerable to Improper Access Control. The vulnerability is due to the variablesimport function within variablecommand.py and the varimport function within views.py. These functions lack permission checks and have inadequate handling of existing variables during imports, allowing...
Deserialization Of Untrusted Data
Apache IoTDB is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to directly deserializing the key/values from the deviceOwnerFile within the deSerializeDeviceOwnerMap method. Each key/value from the owner file is parsed directly using the ObjectOutputStream class, withou...
Cross-Site Request Forgery (CSRF)
apache-airflow is vulnerable to Cross-Site Request Forgery. The vulnerability is due to the trigger function in views.py which accepts HTTP GET requests for triggering DAGs. An attacker can exploit this by creating a malicious website/URL that sends unauthorized GET requests to trigger DAGs in...
Weak Cryptography
blinksocks is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the usage of weak encryption algorithms and fixed initialization vectors (IV) within /presets/ssr-auth-chain.js. This issue can be exploited by an attacker to disclose sensitive encrypted information via brute...
Denial Of Service Attack
org.grails:grails-databinding is vulnerable to Denial Of Service Attack. The vulnerability is due to a lack of validation in processing of web requests. An attacker can send specially crafted requests to cause a JVM crash or Denial of Service...
Buffer Overflow
Espeak-ng is vulnerable to Buffer Overflow. The vulnerability is caused by missing validation for word length in the RemoveEnding function within dictionary.c, which can result in Denial of Service...
Stack Buffer Underflow
libespeak-ng.so is vulnerable to Stack Buffer Underflow. The vulnerability is caused by a lack of validation for the length parameter before it is passed to malloc. An attacker can exploit this by providing an excessively small or manipulated value that could potentially lead to a buffer underflow...
Denial Of Service (DOS)
libespeak-ng.so is vulnerable to Denial Of Service through Floating Point Exception. The vulnerability is due to the PeaksToHarmspect function within wavegen.c failing to check the wdata.pitchenv pointer before it is used. The function AdvanceParameters directly uses wdata.pitchenv without...