38195 matches found
Use After Free
Chromium is vulnerable to Use After Free. The vulnerability is due to improper memory management in Side Panel Search in Google Chrome. This allows an attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction...
Information Disclosure
microweber/microweber is vulnerable to Information Disclosure. The vulnerability exists due to the file upload functionality, which allows an attacker to upload a ZIP file, which will result in an error containing sensitive system information...
Denial Of Service
libheif.so is vulnerable to Denial Of Service. The vulnerability arises due to a segmentation fault in the UncompressedImageCodec::getlumabitsperpixelfromconfigurationunci function in uncompressedimage.cc. The attacker can cause the application to crash and deny service to users...
Denial Of Service
libheif.so is vulnerable to Denial Of Service. The vulnerability arises due to a segmentation fault in the findexiftag function in /libheif/exif.cc which can result in Denial of Service...
Cross Site Scripting (XSS)
mlflow is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to the lack of proper sanitization and escaping of user inputs in the Content-Type header of POST requests. An attacker can exploit this vulnerability to inject malicious code into the header, which will then be...
Denial Of Service (DoS)
libgpac.so is vulnerable to Denial of Service (DoS). The vulnerability occurs due to a memory leak in the gfsgvrmlfieldpointerdel function of scenegraph/vrmltools.c, allowing remote attackers to cause denial of service conditions...
Buffer Overflow
libde265.so is vulnerable to Buffer Overflow. The vulnerability is caused by the readcodingunit function in slice.cc due to a lack of sanitization of the value obtained from intraPredMode.getx, y. It directly casts the result to an enum IntraPredMode without checking its validity. This potentiall...
Denial Of Service (DoS)
libgpac.so is vulnerable to Denial of Service (DoS). The vulnerability occurs due to a memory leak in the gfmpdresolveurl function of mediatools/mpd.c, allowing remote attackers to cause denial of service conditions...
Denial Of Service (DoS)
libheif.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a segmentation fault in the decodeuncompressedimage function of uncompressedimage.cc, allowing an attacker to cause an application crash...
Integer Overflow
libheif.so is vulnerable to Integer Overflow. The vulnerability exists in the int32t read32 function of exif.cc due to the lack of position checks, leading to an integer overflow. This could allow an attacker to crash the application...
Heap Buffer Overflow
Libde265 is vulnerable to heap-buffer-overflow. The vulnerability is due to the derivecombinedbipredictivemergingcandidates function in motion.cc, which results in heap-buffer-overflow...
Heap Buffer Overflow
Libde265 is vulnerable to heap-buffer-overflow. The vulnerability is due to the derivespatiallumavectorprediction function in motion.cc which results in heap-buffer-overflow...
Insufficient Entropy
pubnub is vulnerable to Insufficient Entropy. The vulnerability is caused by the getKey function in web.js which uses an inefficient key derivation method for AES-256-CBC encryption, resulting in a reduced key space due to hex encoding and trimming. This leaves half of the bits in the encryption...
Cookie Mixed Case PSL Bypass
Curl is vulnerable to Cookie Mixed Case PSL Bypass. The vulnerability is caused by a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). This allows a malicious HTTP server to set "super cookies" in curl that are passed back to more origi...
Missing Encryption Of Sensitive Data
curl is vulnerable to Missing Encryption of Sensitive Data. The vulnerability arises when saving HSTS data to an excessively long file name: curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use...
Use After Free
ghostscript is vulnerable to Use After Free. The vulnerability is due to the lack of proper memory management and validation mechanisms in the gdevprnopenprinterseekable function. This results in a dangling pointer that allows attackers to crash the application and cause a denial of service...
Denial Of Service (DoS)
github.com/knative-extensions/eventing-github/ is vulnerable to Denial Of Service (DoS). The vulnerability is caused by a missing ReadHeaderTimeout setting in the server. This could lead to a DDoS attack, where a large number of users send requests causing it to hang...
Path Traversal
Mattermost is vulnerable to Path Traversal. The vulnerability is caused by a lack of route parameter validation. This could allow an attacker to access files or directories outside the intended scope...
Business Logic Errors
microweber is vulnerable to Business Logic Errors. The vulnerability is due to the get function in CartManager.php lacking a check for whether the content items are unpublished or deleted before they are processed for checkout...
Information Disclosure
Mattermost is vulnerable to Information Disclosure. The vulnerability is due to the exposure of channel IDs in the metrics endpoint response. This could allow an attacker to expose sensitive information that they are not explicitly authorized to have access to...
Timing Attack
github.com/golang/go is vulnerable to a Timing Attack. A timing-based side-channel vulnerability allows an attacker to potentially recover session key bits from RSA-based TLS key exchanges by observing the timing discrepancy between processing different inputs. While successful exploitation...
Sensitive Information Disclosure
quarkus-cache is vulnerable to Sensitive Information Disclosure. The vulnerability arises due to improper processing of a request which utilizes a uni cache using @CacheResult. The cached uni can contain sensitive information from other POST requests, resulting in Sensitive Information Disclosure...
Denial Of Service
org.apache.struts, struts2-core is vulnerable to Denial Of Service. The vulnerability exists due to the lack of a validated max string length limit in JakartaMultiPartRequest.java which allows an attacker to cause an application crash by submitting large multipart requests...
Improper Access Control
github.com/canonical/lxd is vulnerable to Improper Access Control. The vulnerability allows a user with limited privileges to potentially gain root access on the system. The exploit requires specific configuration settings which enable the attacker to create a disk device with shift=true within...
Deserialization Of Untrusted Data
pydrive2 is vulnerable to Deserialization Of Untrusted Data. The vulnerability exists in the LoadSettingsFile function in settings.py which can result in the loading of arbitrary YAML files, resulting in arbitrary code execution...
Server-Side Request Forgery (SSRF)
Microcks is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to the /jobs and /artifact/download components, which allow an attacker to access network resources and sensitive information via a crafted GET request, resulting in SSRF...
Use-After-Free
squid is vulnerable to Use-After-Free. The vulnerability occurs due to an HTTP Collapsed Forwarding configuration allowing malicious attackers to crash the Squid process, leading to a denial-of-service (DoS)...
Denial Of Service (DoS)
lestrrat-go/jwx is vulnerable to Denial Of Service (DoS). The vulnerability is due to a lack of size limitation for the p2c parameter used in PBKDF2-based encryptions, which allows an attacker to cause DoS if the p2c is set too high...
Information Disclosure
microsoft/microsoft-graph is vulnerable to Information Disclosure. The vulnerability exists in the phpinfo function of GetPhpInfo.php, allowing an attacker to access unauthorized system information such as configuration details, modules, and environment variables. This vulnerability is only...
Buffer Overflow
arm-trusted-firmware:sid is vulnerable to Buffer Overflow. The vulnerability is due to downstream use of getext and authnvctr. It allows an attacker to trigger dangerous read side effects or obtain sensitive information about microarchitectural state...
Buffer Over-Read
libsquid.so is vulnerable to Buffer Over-Read. The vulnerability exists in the skipGarbageLines function in RequestParser.cc because the empty lines received prior to the request-line are not properly handled, causing a buffer over-read which can result in an application crash...
Template Injection
Ansible is vulnerable to Template Injection. The vulnerability arises because a user's controller internal templating operations may remove the unsafe designation from template data. This could allow an attacker to use a specially crafted file to introduce code injection when supplying templati...
Man-in-the-Middle (MitM)
github.com/edgelesssys/marblerun is vulnerable to a Man-in-the-Middle (MitM) attack. The vulnerability is due to a lack of explicit verification of the coordinator's certificate. This allows an attacker to intercept the communication between the CLI and the Coordinator, providing false information or...
Cross-site Scripting (XSS)
vite is vulnerable to Cross-Site Scripting. This vulnerability exists because it does not properly sanitize inline scripts in the server.transformIndexHtml function, allowing an attacker to inject and execute malicious JavaScript into the browser. This vulnerability is only exploitable if the...
Denial Of Service (DoS)
github.com/traefik/traefik is vulnerable to Denial Of Service (DoS). The vulnerability exists due to improper default route configuration when traefik is run using docker, allowing an attacker to crash the application if they know the name of the running container...
Sensitive Information Disclosure
@google-cloud/firestore is vulnerable to Sensitive Information Disclosure. The vulnerability is caused by logging the this.settings object when logging firestore objects like WriteBatch and Transaction etc. This leads to the leakage of the firestore key resulting in sensitive information disclosu...
Remote Code Execution
org.noear, solon.serialization.fury is vulnerable to Remote Code Execution. The vulnerability exists in FuryActionExecutor class in the changeBody method because it blindly deserializes data without validation which allows an attacker to inject and execute arbitrary code...
Authorization Bypass
github.com/traefik/traefik is vulnerable to Authorization Bypass. This vulnerability arises because Traefik automatically encodes and forwards URL fragments to backend servers, violating protocol standards and potentially bypassing security controls implemented by frontend proxies like NGINX. An...
Cross-Site Scripting (XSS)
Ajax.NET Professional is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to the missing data validation in the parse function of core.js. This could allow an attacker to execute arbitrary JavaScript...
Arbitrary Code Execution
HtmlUnit is vulnerable to Arbitrary Code Execution. The vulnerability exists in the transform function in XSLProcessor.java due to lack of enabling the FEATURESECUREPROCESSING configuration in the MSXML XSLProcessor which allows an attacker to inject and execute arbitrary code when visiting an...
Denial Of Service (DoS)
github.com/traefik/traefik is vulnerable to Denial of Service (DoS). The vulnerability occurs when using the HTTPChallenge method for Let's Encrypt certificate renewals. The vulnerability exploits a 50-second window during the challenge validation process, allowing attackers to bombard the system wi...
Information Disclosure
jupyterserver is vulnerable to Information Disclosure. An information disclosure flaw exists due to unhandled errors in API requests. While not directly allowing unauthorized access, these errors may leak sensitive path information in responses, potentially revealing sensitive server details to...
Denial Of Service (DoS)
libsquid.so is vulnerable to Denial Of Service (DoS). The vulnerability exists in the ipcCreate function of ipc.cc due to an incorrect check for a return value. This allows an attacker to cause an application crash through the Helper process management...
Denial Of Service (DoS)
libsquid.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a buffer overread bug in the library. This allows an attacker to cause an application crash during HTTP message processing...
Private Key Restoration
github.com/ecies/go is vulnerable to Private Key Restoration. The vulnerability arises due to the Encapsulate and Decapsulate functions, which allows an attacker to possibly recover the private key due to an Invalid Curve Point...
Information Disclosure
fastapiproxylib is vulnerable to Information Disclosure. This vulnerability is due to httpx.AsyncClient persisting cookies based on the set-cookie response header, which results in cookies being leaked to other requests...
Cross-site Scripting (XSS)
dpaste is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to improper lexer validation in views.py, which allows an attacker to inject and execute malicious JavaScript into the browser, resulting in XSS...
Information Disclosure
code.gitea.io/gitea, codeberg.org/forgejo/forgejo are vulnerable to Information Disclosure. The vulnerability is due to the UsernameSubRoute function in home.go because there are no view permissions checks. The server's response can reveal information about the existence of a private user account,...
Insufficient Verification Of Data Authenticity
electron is vulnerable to Insufficient Verification of Data Authenticity. The vulnerability is due to the embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses on macOS systems. An attacker is able to inject malicious code or modify app behavior if they have write access to the .app bundl...
Authentication Bypass
gitea is vulnerable to Authentication Bypass. The vulnerability is caused when docker login uses basic authentication, which allows an attacker to bypass 2FA authentication...