Request Smuggling
org.apache.tomcat: tomcat-catalina is vulnerable to Request Smuggling. The vulnerability is due to the realReadBytes function in InputBuffer.java because there is no check or validation for the size of the HTTP request data, specifically the HTTP trailer headers. This allows an attacker to add...
Denial Of Service (DoS)
nodejs is vulnerable to Denial Of Service (DoS). The vulnerability exists when an invalid public key is used to create an x509 certificate using the crypto.X509Certificate API. An unexpected termination occurs, making it susceptible to Denial of Service (DoS) attacks. In this scenario, an attacker...
Inconsistency Between Implementation And Documented Design
nodejs is vulnerable to Inconsistency Between Implementation and Documented Design. The vulnerability is due to the generateKeys API function returned from crypto.createDiffieHellman only generating missing or outdated keys. This discrepancy between the documented and actual behavior of the API allows ...
Prototype Pollution
NodeJS is vulnerable to Prototype Pollution. The vulnerability is caused by a bypass of the policy mechanism through the use of __proto__ in process.mainModule.__proto__.require. This can lead to require loading modules outside of the policy.json definition...
Buffer Overflow
glewlwyd:sid is vulnerable to Buffer Overflow. The vulnerability is due to improper authentication during FIDO2 credentials validation in webauthn registration through scheme/webauthn.c in Glewlwyd SSO server. It allows an attacker to get access, which would lead to a buffer overflow...
Cross-site Scripting (XSS)
hoteldruid is vulnerable to Cross-site Scripting (XSS). The attacker can inject and execute malicious JavaScript code into the affected webpage's parameters. This could be used to deceive users on their browsers and/or exfiltrate data from the affected system...
Denial Of Service (DoS)
rabbitmq-server is vulnerable to Denial of Service (DoS). The vulnerability occurs due to a lack of HTTP request body size limit in its API, allowing a malicious attacker to exploit it by sending large messages, causing the target node to exhaust its memory and be terminated, resulting in service...
Denial Of Service (DoS)
Firefox is vulnerable to Denial Of Service (DoS). The vulnerability exists due to memory safety bugs present in the library. These bugs lead to memory corruption, potentially resulting in arbitrary code execution...
Denial Of Service (DoS)
Firefox is vulnerable to Denial Of Service (DoS). The vulnerability exists due to memory safety bugs present in the library. These bugs lead to memory corruption, potentially resulting in arbitrary code execution...
Open Redirect
firefox is vulnerable to Open Redirect. The vulnerability is due to the improper handling of content in pop-ups created by a "javascript:" URL. When a secure HTTPS webpage opens a pop-up using JavaScript, it should not be allowed to load insecure HTTP content. This flaw allows an attacker to potentially...
Improper Restriction Of Rendered UI Layers Or Frames
firefox is vulnerable to Improper Restriction of Rendered UI Layers or Frames. The vulnerability is due to the lack of proper restriction of rendered UI layers or frames in firefox. This flaw allows an attacker to trick a user into mistakenly granting an exception to load an insecure HTTP page...
Denial Of Service (DoS)
wireshark is vulnerable to Denial Of Service (DoS). The vulnerability exists in the SSH dissector, which allows an attacker to cause an application crash through malicious packet injection or a crafted capture file...
Heap-based Buffer Overflow
wireshark is vulnerable to Heap-based Buffer Overflow. The vulnerability is caused by the NetScreen file parser component, which could crash. An attacker can crash Wireshark by injecting a malformed packet onto the wire or by making a user read a malformed packet trace file...
Use After Free
chromium is vulnerable to Use After Free. The vulnerability exists in the Navigation component, potentially allowing an attacker to exploit heap corruption via a maliciously crafted HTML page...
Out-of-bounds Read
Firefox is vulnerable to Out-of-bounds Read. The vulnerability exists depending on the graphics settings and drivers. It is possible to force an out-of-bounds read, leaking memory data into the images created on the canvas element...
Use After Free
Firefox is vulnerable to Use After Free. The vulnerability exists due to ownership mismanagement in the ReadableByteStreams...
Clipboard Injection
Firefox is vulnerable to Clipboard Injection. The vulnerability exists when using X11, where text selected by the page using the Selection API is erroneously copied into the primary selection, a temporary storage similar to the clipboard...
Denial Of Service (DOS)
Firefox is vulnerable to Denial Of Service (DOS). The vulnerability is caused by the fact that the MessagePort can be used after it has already been freed. This can be exploited to crash Firefox...
Click Jacking
firefox is vulnerable to Click Jacking. The vulnerability is caused by the black fade animation when exiting fullscreen being roughly the length of the anti-clickjacking delay on permission prompts. This can be exploited to make users click where the permission grant button would be about to appear...
Path Traversal
thunderbird is vulnerable to Path Traversal. This vulnerability arises due to an incorrect parsing of relative URLs starting with three slashes, enabling malicious attackers to inject "../" sequences and navigate outside the intended directory...
Memory Integrity Loss
amd64-microcode (AMD CPU microcode patches) is vulnerable to Memory Integrity Loss. The vulnerability is caused by improper or unexpected behavior of the INVD instruction in some AMD CPUs. It can allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU...
Remote Code Execution
GIMP (GNU Image Manipulation Program) is vulnerable to Remote Code Execution (RCE). The vulnerability is caused by a parsing flaw which allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious DDS file. This can lead to the execution of unauthorized code within the...
Remote Code Execution
GIMP (GNU Image Manipulation Program) is vulnerable to Remote Code Execution (RCE). The vulnerability is caused by a parsing flaw which allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSD file. This can lead to the execution of unauthorized code within the...
Remote Code Execution
GIMP (GNU Image Manipulation Program) is vulnerable to Remote Code Execution (RCE). The vulnerability is caused by a parsing flaw which allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSP file. This can lead to the execution of unauthorized code within the...
Remote Code Execution
GIMP (GNU Image Manipulation Program) is vulnerable to Remote Code Execution (RCE). The vulnerability is caused by a parsing flaw which allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSP file. This can lead to the execution of unauthorized code within the...
Remote Code Execution
HotelDruid is vulnerable to Remote Code Execution (RCE). The vulnerability is via the backup/restore feature. It can lead to compromising Confidentiality, Integrity and Availability of the system...
Improper Access Control
Mattermost is vulnerable to Improper Access Control. The vulnerability is due to Mattermost failing to check if hardened mode is enabled when overriding the username and/or the icon when creating a post. If settings allowed integrations to override the username and profile picture when posting,...
Denial Of Service (DoS)
mattermost is vulnerable to Denial Of Service attack. The vulnerability is caused by a lack of validation while performing zip file extraction. An attacker is able to upload a specially crafted zip (zip bomb), which upon extraction leads to consumption of excessive resources...
Improper Access Control
github.com/mattermost/mattermost is vulnerable to Improper Access Control. The vulnerability is caused by an incorrect authorization in the /plugins/focalboard/api/v2/users endpoint. This can lead to an attacker who is a guest user and knows the ID of another user to get their information e.g...
Buffer Overflow
Vim is vulnerable to Buffer Overflow. The vulnerability is due to improper bounds checking while parsing relative ex addresses. This issue can be exploited by an attacker to cause a buffer overflow leading to DoS...
Integer Overflow
vim is vulnerable to Integer Overflow. The vulnerability is due to the absence of validation or checks when obtaining the count for a normal mode z command. This allows an attacker to create an overflow, especially with large counts...
Integer Overflow
Vim is vulnerable to Integer Overflow Vulnerability. The vulnerability is due to improper bounds checking while using the z= command. The attacker can trigger a crash by entering a number larger than MAXINT, which leads to DoS...
Denial Of Service (DoS)
Vim is vulnerable to Denial of Service (DoS). The vulnerability is due to shifting lines in operator pending mode while using a very large value, which results in overflowing the buffer allocated for the shiftline integer...
Heap-Based Buffer Overflow
capnproto:sid is vulnerable to Heap-based Buffer Overflow. The vulnerability is due to a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325 and WebSocket compression enabled; a malicious peer may be able to cause a buffer underrun on a heap-allocated buffer. It leads to allow an...
Denial Of Service
Vim is vulnerable to Denial Of Service. The vulnerability is due to a floating point exception caused while calculating the line offset for overlong lines, with smooth scrolling and cpo-settings enabled...
Use-After-Free
vim is vulnerable to Use-After-Free. The vulnerability occurs when closing windows due to a memory access issue resulting in malicious attackers being able to crash the application or potentially even gain control of the system...
Cross Site Scripting
github.com/mattermost/mattermost is vulnerable to Cross Site Scripting. The vulnerability is due to Mattermost failing to use innerText / textContent when setting the channel name in the webapp during autocomplete. This allows an attacker to inject HTML into a victim's page by creating a channel name...
Open Redirect
mattermost is vulnerable to Open Redirect. The vulnerability is caused by missing validation of the redirect URL parameter. The application fails to validate the custom URL scheme /oauth/service/mobilelogin?redirectto=, once a user clicks "Back to mattermost". The attacker can bypass protection...
Cross-site Scripting (XSS)
com.liferay.portal is vulnerable to Cross-Site Scripting. The vulnerability exists due to a lack of user input validation in the plbackurltitle parameter, which allows an attacker to inject and execute malicious JavaScript...
Policy Bypass
nodejs is vulnerable to Policy Bypass. The vulnerability allows a malicious attacker to intercept the resource integrity check performed by the Node.js policy feature and get a forged checksum accepted, resulting in potential malicious code execution...
Remote Code Execution (RCE)
uptime-kuma is vulnerable to Remote Code Execution (RCE). The vulnerability is due to input validation for the hostname field being solely implemented in the client-side front-end JavaScript code, which means that an attacker can circumvent the validation by modifying the HTML code of the input fiel...
Denial Of Service Attack
Mattermost is vulnerable to Denial of Service Attack. The vulnerability is due to a lack of input validation of log size in server logs. This could allow an attacker to inject specially crafted requests to different endpoints, which causes overflow of the log. This ultimately leads to Denial of Service...
Remote Code Execution
OwnCast is vulnerable to Remote Code Execution. The vulnerability is due to improper validation of the authHost parameter of the indieauth function. This issue can be exploited by an attacker via injecting malicious code to execute malicious commands on the server side...
Cross Site Scripting (XSS)
org.owasp.esapi:esapi is vulnerable to Cross-site Scripting (XSS). The Validator.isValidSafeHTML method, which is responsible for determining whether user-supplied input is safe to include in HTML content, exhibits a flaw that can lead to false negatives. This means that the method may incorrectly...
Information Disclosure
Mattermost is vulnerable to Information Disclosure. The vulnerability is due to a failure to check whether the "Allow users to view archived channels" setting is enabled during permalink previews display. This flaw allows members to view permalink previews of archived channels, even if the Allow...
Denial Of Service
Mattermost is vulnerable to Denial Of Service. The vulnerability is due to improper sanitisation of allowed characters in different fields of a block in Mattermost Boards. This can be exploited by an attacker resulting in the consumption of excessive resources, leading to Denial Of Service...
Information Disclosure
github.com/mattermost/mattermost library is vulnerable to Information Disclosure. The vulnerability is due to Mattermost failing to properly validate the "Show Full Name" option in a few endpoints in Mattermost Boards. This allows a member to get the full name of another user even if the Show Ful...
Buffer Overflow
strongswan is vulnerable to Buffer Overflow. The vulnerability is due to the charon-tkm version of the charon IKE daemon not properly checking the length of received Diffie-Hellman public values before copying them to a fixed-size buffer on the stack. This potentially leads to a buffer overflow and...
Sensitive Information Disclosure
org.apache.dolphinscheduler: dolphinscheduler-api is vulnerable to Sensitive Information Disclosure. The vulnerability is due to not removing the sessionId in the log statement of the authenticate method in the org.apache.dolphinscheduler.api.security.impl.AbstractAuthenticator class. This can le...
Denial Of Service (DoS)
phpseclib/phpseclib is vulnerable to Denial Of Service (DoS). The vulnerability exists in the construct function of BinaryField.php. It does not properly limit the binary curves of degrees, allowing an attacker to cause an application crash by submitting binary finite fields with a degree larger th...