Privilege Escalation
intel-microcode is vulnerable to Privilege Escalation. The vulnerability exists due to a sequence of processor instructions that results in unexpected behavior for certain Intel(R) Processors. An authenticated user may exploit this issue to potentially enable escalation of privilege, information...
Cross-Site Scripting
hoteldruid is vulnerable to Cross-Site Scripting. The vulnerability is due to improper neutralization of input during web page generation. This allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product...
Heap-based Buffer Overflow
perl is vulnerable to Heap-based Buffer Overflow. The vulnerability is caused by a crafted regular expression compiled by Perl, which can cause an attacker-controlled byte buffer to overflow...
Server Side Request Forgery (SSRF) / XSS / File Upload
HotelDruid is vulnerable to Server Side Request Forgery (SSRF), Cross Site Scripting (XSS) and a File Upload vulnerability. These can compromise the Confidentiality, Integrity and Availability of the system...
SQL Injection
hoteldruid is vulnerable to SQL Injection. The vulnerability is due to a lack of sanitization of user inputs in the idutentelog POST parameter. This allows an attacker to inject malicious SQL commands, and potentially leads to unauthorized data access...
SQL Injection
hoteldruid is vulnerable to SQL Injection. The vulnerability is due to a lack of sanitization of user inputs in the annonascita, annoscaddoc, giornonascita, giornoscaddoc, linguacli, mesenascita, and mesescaddoc parameters. This allows an attacker to inject malicious SQL commands, and potentially...
SQL Injection
hoteldruid is vulnerable to SQL Injection. The vulnerability is due to a lack of sanitization of user inputs in the numcaselle POST parameter. This allows an attacker to inject malicious SQL commands, and potentially leads to unauthorized data access...
SQL Injection
hoteldruid is vulnerable to SQL Injection. The vulnerability is due to a lack of sanitization of user inputs in the nutenteagg POST parameter. This allows an attacker to inject malicious SQL commands, and potentially leads to unauthorized data access...
Cross-Site Scripting (XSS)
hoteldruid is vulnerable to Cross-Site Scripting. The vulnerability is due to insufficient validation or sanitization of user inputs in the destinatarioemail1 POST parameter. This allows attackers to inject and execute malicious scripts within the application...
Cross-Site Scripting (XSS)
hoteldruid is vulnerable to Cross-Site Scripting. The vulnerability is due to insufficient validation or sanitization of user inputs in the nometipotariffa1 POST parameter. This allows attackers to inject and execute malicious scripts within the application. nometipotariffa1...
SQL Injection
hoteldruid is vulnerable to SQL Injection. The vulnerability is due to a lack of sanitization of user inputs in various parameters of the creaprezzi.php page in HotelDruid. This allows an attacker to inject malicious SQL commands, and potentially leads to unauthorized data access...
Use After Free
Google Chrome is vulnerable to Use After Free. The vulnerability exists in the Garbage Collection process, potentially allowing an attacker to exploit heap corruption via a maliciously crafted HTML page...
Arbitrary Code Execution
PostgreSQL is vulnerable to Arbitrary Code Execution. The vulnerability is caused by missing overflow checks during SQL array value modification. This can allow an authenticated database user to write arbitrary bytes to memory and extensively read the server's memory by exploiting an integ...
Memory Disclosure
PostgreSQL is vulnerable to Memory Disclosure. The vulnerability is caused by excessive data output in aggregate function calls, enabling remote users to read some portion of system memory. This can allow an attacker to access sensitive information by exploiting certain aggregate function call...
Denial Of Service (DOS)
PostgreSQL is vulnerable to Denial of Service (DoS). The vulnerability is caused by a flaw involving the pg_cancel_backend role, which signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. This can lead to a remote high privileged user ...
Denial Of Service (DOS)
ethabi is vulnerable to Denial of Service (DoS). The vulnerability is caused by the Ethereum ABI specification allowing zero-sized types (ZST), which can lead to Denial of Service upon parsing a malicious payload and schema. If a ZST takes zero bytes when stored on disk, but after parsing occupies...
Denial Of Service (DoS)
libOpenImageIO.so is vulnerable to Heap-based Buffer Overflow. The vulnerability exists due to a heap-based buffer overflow in gifinput.cpp which allows an attacker to cause an application crash...
SQL Injection
github.com/meshery/meshery is vulnerable to SQL Injection. The vulnerability exists due to the order parameter which allows an attacker to inject and execute arbitrary SQL queries and gain access to sensitive data...
Denial Of Service (DoS)
org.bouncycastle:bcprov is vulnerable to Denial of Service (DoS). The vulnerability arises from parsing certificates in the PEMParser class. This class is responsible for parsing X.509 certificates, encoded keys and PKCS7 objects. The parser can throw an OutOfMemoryError while parsing crafted...
Improper Authentication
github.com/projectcapsule/capsule-proxy and github.com/clastix/capsule-proxy are vulnerable to Improper Authentication. The vulnerability is caused by a missing check of whether the user is authenticated based on the TokenReview result in the capsule-proxy capsule operator project. An attacker can bypass the...
Denial Of Service (DoS)
libtiff.so is vulnerable to Denial of Service. The vulnerability is caused by the TIFFReadDirEntryArrayWithLimit and EstimateStripByteCounts functions in tif_dirread.c failing to verify whether the requested memory size was greater than the actual file size due to allocating memory based on the size of...
Server Side Request Forgery
google-translate-api-browser is vulnerable to Server Side Request Forgery. The vulnerability is due to improper sanitization of the translateOptions.tld field in the Google translate URL. If an application utilizing the package exposes the translateOptions to the end user, an attacker can set a...
Prototype Pollution
sequelize-typescript is vulnerable to Prototype Pollution. The vulnerability is due to the deepAssign function which does not check if the attribute resolves to the object prototype and hence it is possible to create attributes that exist on every object, or replace critical attributes with...
File Overwrite
libzfs.so is vulnerable to File Overwrite. The vulnerability is in the dnode_is_dirty function in dnode.c, which does not check the detailed modification records for the dnode and only checks the dn->dn_dirty_link array to determine whether the dnode is dirty. This can lead to file contents bein...
Information Disclosure
Apache DolphinScheduler is vulnerable to Information Disclosure. The vulnerability is due to insecure application exposure configuration, which allows an unauthenticated attacker to steal sensitive information such as database credentials...
Information Disclosure
storm-core is vulnerable to Information Disclosure. The vulnerability exists because the createExtraPropertiesFile function in TopologySpoutLag.java creates a file with a predefined name easily identifiable and, by default, will create this file with insecure permissions -rw-r--r-- on Unix-like...
Command Injection
openssl for NPM is vulnerable to Command Injection. The vulnerability is due to the library accepting an opts argument that includes a field which gets passed to the exec function, resulting in arbitrary command injection. This package can be considered malicious, especially since the wrapper is...
Cross-site Scripting (XSS)
admidio/admidio is vulnerable to Cross-Site Scripting. This vulnerability exists because it does not properly sanitize user input, allowing an attacker to inject and execute malicious JavaScript in the browser...
Denial Of Service (DoS)
libsquid.so is vulnerable to Denial of Service (DoS). The vulnerability occurs when an attacker sends a specially crafted HTTP Digest authentication request to a vulnerable Squid server. The request can cause the server to consume excessive CPU resources, leading to a DoS condition...
Sensitive Information Stored In Clear Text
codeigniter4 is vulnerable to Sensitive Information Disclosure. The vulnerability is due to storing the secretKey for HMAC SHA256 authentication in a raw format. An attacker can exploit this flaw if they gain access to the database and then send requests impersonating any person in the system usi...
XML External Entity (XXE)
svgoptimizer is vulnerable to XML External Entity (XXE). The vulnerability exists due to allowing XXE by default in svgoptimizer.rb which could allow an attacker to escalate privileges...
Information Disclosure
codeigniter4/shield is vulnerable to Information Disclosure. The vulnerability is due to improper masking of sensitive information in the log table. An attacker can gain access to sensitive tokens if they can access the application logs...
Cross Site Request Forgery
swiftyedit/swiftyedit is vulnerable to Cross Site Request Forgery (CSRF). The vulnerability is caused by a missing hidden CSRF token in the different forms used across the application. This can allow an attacker to launch a CSRF attack and delete or steal sensitive data and may include obtaining...
Local Privilege Escalation
apm-agent-parent is vulnerable to local Privilege Escalation. An attacker can inject a malicious plugin into an application running the apm-agent. The attacker can potentially escalate their privileges to a higher level as a result of exploiting this vulnerability...
SQL Injection
Submarine Server Database is vulnerable to SQL Injection. The vulnerability exists due to improper SQL sanitization in SysDeptMapper.xml which allows an attacker to execute arbitrary SQL queries during login and gain access to sensitive data...
Cross Site Scripting (XSS)
nautobot is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper usage of Django's mark_safe API during the rendering of user-generated content, including personalized links, job buttons, and computed fields. This introduces a vulnerability that allows users with the abilit...
Denial Of Service (DoS)
ASP.NET Core is vulnerable to Denial of Service (DoS). The vulnerability occurs when an attacker cancels HTTP requests made to ASP.NET Core running on an IIS in-process hosting model, which may cause an increase in thread counts, potentially leading to an OutOfMemoryException, which results in...
Buffer Overflow
Libde265 is vulnerable to Buffer Overflows. The vulnerability is due to a lack of header validation in the decctx.cc file. This can lead to a Denial of Service or application crash...
Denial Of Service (DoS)
elasticsearch is vulnerable to Denial of Service (DoS). The vulnerability is caused by a lack of exception handling while calling the simulate pipeline API. The script processor of an ingest pipeline fails to handle malformed scripts. This can lead to an elastic node crash and ultimately deny...
Cross Site Scripting (XSS)
DOMSanitizer is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused by improper sanitization of HTML comments in DOMSanitizer.php. This could allow an attacker to inject malicious code via an HTML comment...
Heap Buffer Overflow
libminizip-ng.so is vulnerable to Heap Buffer Overflow. The vulnerability is in the mz_path_resolve function in mz_os.c, which performs no boundary checking during the backward search for slashes in the path resolution function. This allows an attacker to craft a file with a specially structured...
Information Disclosure
PowerShell is vulnerable to Information Disclosure. The vulnerability is due to the PowerShell Web cmdlets, which allows an attacker to exfiltrate sensitive information from a targeted site...
Directory Traversal
org.jeecgframework.boot:jeecg-boot-common is vulnerable to Directory Traversal. The vulnerability allows a privileged remote attacker to obtain sensitive directory structure information...
Heap Buffer Overflow
libaudiofile.so is vulnerable to Heap Buffer Overflow. The vulnerability is due to a missing validation for a variable numCoefficients for the lower and upper bound value within libaudiofile/WAVE.cpp. An attacker can crash the application by exploiting this vulnerability by using a crafted wav fi...
Cross Site Scripting (XSS)
nextcloud/text is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused by a lack of HTML sanitization in the clipboardTextParser method. The HTML code will get executed if a user copies and pastes HTML code without markup...
Denial Of Service (DOS)
libzephyr.so is vulnerable to Denial of Service (DoS). The vulnerability is caused by the le_advertising_report function in /subsys/bluetooth/controller/hci/hci.c because an advertising packet is not processed properly when copying data. The root cause of the issue is an integer overflow while storing ...
Cross Site Scripting (XSS)
Statamic CMS is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to improper MIME validation when uploading files. This could allow an attacker to inject JavaScript via the image file upload feature...
Path Traversal
pyloadng is vulnerable to Path Traversal. The vulnerability is in the edit_package function in json_blueprint.py, which fails to filter some relative paths. This allows an attacker to upload a payload with ../ or ..\ as part of the pack_folder name. This can lead to directory...
Remote Code Execution
fastbots is vulnerable to Remote Code Execution. The vulnerability is due to improper validation in the locator function which allows an attacker to modify the locators.ini file within the page.py module. This issue can be exploited by an attacker to cause remote code execution...
Authentication Bypass
authentik is vulnerable to authentication bypass due to an insufficient PKCE check. The vulnerability is caused by the code_verifier step during the OAuth initialisation flow. Authentik improperly accepts the token request when code_verifier is omitted, even when the flow was started with a...