HTTP Request Smuggling
squid is vulnerable to HTTP Request Smuggling. The vulnerability is caused by lenient handling of chunked decoding, which could enable a remote attacker to conduct Request/Response smuggling beyond firewall and frontend security systems...
Denial Of Service (DoS)
squid is vulnerable to Denial Of Service (DoS). In this context, a remote attacker could potentially perform a Denial of Service (DoS) attack by sending FTP URLs in HTTP Request messages or by constructing FTP URLs from FTP Native input. This type of attack might lead to service disruption or...
Denial Of Service (DoS)
squid is vulnerable to a Denial Of Service (DoS). In this scenario, a remote attacker has the potential to execute a buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory. This occurs specifically when Squid is configured to accept HTTP Digest Authentication. Buffer overflow...
Information Disclosure
wordpress is vulnerable to Information Disclosure. An attacker could exploit this vulnerability by tricking a user into installing a malicious Popup Builder plugin or by uploading a malicious plugin to a vulnerable WordPress installation. The malicious plugin would then inject malicious code into...
Denial Of Service (DoS)
squid gitlab is vulnerable to Denial of Service (DoS). An attacker could exploit this vulnerability by sending a specially crafted HTTP request to a vulnerable Squid instance. The request would cause Squid to consume excessive resources and crash, which would prevent legitimate users from being abl...
Weak Cryptography
esptool is vulnerable to weak cryptography. The vulnerability is due to the library's usage of the AES ECB algorithm, which could allow an attacker to access sensitive information in system...
Buffer Overflow
gpac is vulnerable to Buffer Overflow. The vulnerability is due to lack of validation of the size of the packet. This can potentially lead to Buffer Overflow...
Rogue Extension Negotiation
asyncssh is vulnerable to Rogue Extension Negotiation. The vulnerability is caused by an implementation flaw in the AsyncSSH server implementation which leads to an injection of an extension info message chosen by the attacker via a man-in-the-middle attack. This is achieved by downgrading the...
Buffer Overflow
libgpac.so is vulnerable to Buffer Overflow. The vulnerability is due to a defect in the function gfisomgetuserdata within gpac/src/isomedia/isomread.c. This allows a remote attacker to crash the application, resulting in Denial Of Service (DoS)...
Denial Of Service (DoS)
github.com/mattermost/mattermost-plugin-playbooks is vulnerable to Denial of Service. The vulnerability is caused due to a lack of request size validation. An attacker can crash the server by sending multiple large size requests resulting in Denial of Service...
Remote Code Execution
Moodle is vulnerable to Remote Code Execution. The vulnerability is due to improper sanitization of objects in the lesson activity. The issue can be exploited by the attacker to gain remote code execution...
Rogue Session
asyncssh is vulnerable to a Rogue Session. The vulnerability is caused by a state machine flaw in the AsyncSSH server while authenticating a client, which results in the client being forced to log into the attacker's account without the client being able to detect this. An attacker can...
Command Injection
chromedriver is vulnerable to Command Injection. This vulnerability allows an attacker to execute arbitrary commands on the host system by setting the chromedriver.path to an arbitrary system binary. The attacker could exploit this vulnerability by tricking a user into running a specially crafted...
Server Side Request Forgery
Next.js is vulnerable to Server Side Request Forgery. The vulnerability is due to an absence of input sanitization in the Next.js SDK tunnel endpoint. This issue can be exploited by an attacker to send malicious HTTP requests to arbitrary URLs, thus resulting in server side request forgery...
Improper Access Control
Prestashop/blockreassurance is vulnerable to Improper Access Control. This vulnerability exists due to the lack of configuration key checks in the ajax function of the blockreassurance module, allowing an attacker to modify sensitive information in the system...
Improper Signature Validation
aws-database-encryption-sdk-dynamodb is vulnerable to Improper Signature Validation. The vulnerability occurs when a Set type is assigned a SIGNONLY attribute action. In such cases, there is a chance that the signature validation of the record containing a Set may fail during read, even if the Se...
Use Of Hard-coded Credentials
labelstudio is vulnerable to Hard-coded Credentials. An attacker is able to forge session tokens using the hardcoded secret key, which could allow them to impersonate any user on a vulnerable Label Studio instance. The attacker could exploit this vulnerability by sending a specially crafted HTTP...
Denial Of Service (DoS)
libsquid.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a NULL pointer dereference in Squid's Gopher gateway which allows an attacker to cause an application crash...
Deserialization Of Untrusted Data
pyarrow is vulnerable to Deserialization Of Untrusted Data. The vulnerability arises when reading Arrow IPC, Feather or Parquet data from untrusted sources, as the library does not by default disable PyExtensionType autoloading. This allows an attacker to create PyArrow-specific extension types which...
XML External Entity (XXE) Injection
tuxguitar is vulnerable to XML External Entity (XXE) Injection. An attacker is able to exploit a flaw in the way that TuxGuitar parses XML files to load GP6 and GP7 tablature files. The attacker can then trick a user into opening a specially crafted GP6 or GP7 file, which would cause TuxGuitar to...
Denial Of Service (DoS)
openssl gitlab is vulnerable to Denial of Service (DoS). An attacker could exploit this vulnerability by tricking a user into processing a specially crafted DH key or parameter. The vulnerable application would then attempt to generate or check the DH key or parameter, which would consume excessive...
Buffer Overflows
vlc is vulnerable to Buffer Overflows. An integer underflow vulnerability allows an attacker to exploit a flaw in the way that VLC handles packet lengths to cause a buffer overflow. The attacker could then use the vulnerability to execute arbitrary code on a vulnerable system, steal data, or...
Buffer Overflows
vlc is vulnerable to Buffer Overflows. A heap-based buffer overflow vulnerability allows an attacker to exploit a flaw in the way that VLC handles RTP packets to cause a buffer overflow. The attacker could then use the buffer overflow to execute arbitrary code on a vulnerable system, steal data, ...
Improper Certificate Validation
io.undertow:undertow-core is vulnerable to Improper Certificate Validation. The vulnerability is due to missing certificate validation in the Http2ClientProvider class to check if the identity is presented by the server certificate in HTTPS connections. If the ENDPOINTIDENTIFICATIONALGORITHM is n...
Stored Cross-site Scripting (XSS)
microweber/microweber is vulnerable to Cross-Site Scripting. This vulnerability exists because it does not properly validate files in the picture upload feature, allowing an attacker to inject and execute malicious JavaScript into the browser...
Denial Of Service
libnbd is vulnerable to Denial of Service (DoS). The vulnerability is due to a flaw in the handling of 64-bit extended headers in the NBD protocol when dealing with large flag values in the server's reply to the NBDCMDBLOCKSTATUS command...
Information Disclosure
org.wildfly.core: wildfly-controller is vulnerable to Information Disclosure. The vulnerability is caused by a missing authorization check in the resolve-expression HAL interface while reading a system property or environment variables. This can lead to a malicious user accessing the Wildfly syst...
Cross-Site Scripting (XSS)
inter-mediator/fmdataapi is vulnerable to Cross-Site Scripting (XSS). The vulnerability exists in FMDataAPISample.php due to improper input validations which allows an attacker to inject and execute arbitrary JavaScript...
HTML Injection
ethyca-fides is vulnerable to HTML Injection. The vulnerability arises due to a lack of validation of input coming from connected systems and data stores, which is reflected in the downloaded data. This results in an HTML injection that can be abused to perform phishing attacks or malicious JS executio...
Denial Of Service (DoS)
libjbig2enc.so is vulnerable to Denial Of Service. The vulnerability is due to the jbig2addpage function in jbig2enc.cc that attempts to process certain image data, which may result from improper handling of the Pix structure. This can lead to a segmentation fault and/or Crash/Denial Of Service...
Path Traversal
golang is vulnerable to Path Traversal. The vulnerability is due to a lack of file path validation in pathwindows.go. This can allow an attacker to access arbitrary locations on a Windows system...
Insecure Parsing Of File Path
go is vulnerable to Insecure Parsing Of File Path. The vulnerability is due to the IsLocal function which insufficiently determines if reserved file names such as COM1 are local. An attacker can inject filenames with trailing spaces and superscripts, which will incorrectly deem these paths as loc...
Race Condition
github.com/zitadel/zitadel is vulnerable to Race Condition. The vulnerability is caused by a failure in handling multiple parallel password checks correctly while checking for failed password check attempts. This can lead to an attacker trying more password combinations and exceed the maximum...
Cross-Site Request Forgery
axios is vulnerable to Cross-Site Request Forgery. The vulnerability is due to the xhr.js setting config.withCredentials to true which enables the sending of a confidential XSRF-TOKEN cookie within the X-XSRF-TOKEN HTTP header for all requests. This allows attackers to view sensitive information...
Improper Authorization
prestashop/blockreassurance is vulnerable to Improper Authorization. The vulnerability arises due to a lack of validation during an image file check. While adding a block, an attacker can potentially enter the path of any file in the project instead of the image. When deleting the block, the file...
Memory Corruption
libjbig2enc.so is vulnerable to Memory Corruption. The vulnerability is due to the jbig2encautothresholdusinghash function in src/jbig2enc.cc which allows an attacker to cause a Denial of Service via a heap use after free error...
Improper Validation Of Attestations Signature
github.com/slsa-framework/slsa-verifier is vulnerable to Improper Validation Of Attestations Signature. An attacker could exploit this vulnerability by creating a malicious package and publishing it to a public npm registry. When a user installs the package, the slsa-verifier would verify the...
Deserialization Of Untrusted Data
uimaj-tools is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to deserializing Java objects without proper data verification when users or developers utilize the CasIOUtils class in their applications and services to parse serialized CAS data. This weakness can...
Use After Free
chromium is vulnerable to Use After Free. The vulnerability exists in the WebAudio component in the library, which allows an attacker to potentially exploit heap corruption via a crafted HTML page...
Buffer Overflow
libgpac.so is vulnerable to Denial Of Service (DoS). The vulnerability is caused by a Buffer Overflow in the gfisomgetuserdata function in gpac/src/isomedia/isomread.c. This can lead to an application crash resulting in Denial Of Service (DoS)...
Cross-site Scripting (XSS)
github.com/velocidex/velociraptor is vulnerable to Cross-site Scripting. This vulnerability exists because it does not properly validate error paths, allowing an attacker to inject and execute malicious JavaScript in the browser...
Reverse Tabnabbing
DOMPurify is vulnerable to reverse tabnabbing. The vulnerability is due to a missing rel="noopener noreferrer" attribute on links that use the target="_blank" attribute. This can potentially lead to phishing attacks...
Information Disclosure
github.com/mongodb/mongodb-atlas-kubernetes is vulnerable to Information Disclosure. The vulnerability arises when DEBUG mode logging is enabled as there is no logic to handle the hiding of sensitive information. This can lead to the potential disclosure of confidential data such as GCP service...
Arbitrary Code Injection
quartz-jobs is vulnerable to Arbitrary code injection. The vulnerability is due to lack of message validation in the SendQueueMessageJob.execute method, which can lead to remote code execution...
Cross-Site Scripting (XSS)
bootbox is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to a lack of sanitization of user input in dialog boxes. This allows an attacker to inject arbitrary JavaScript code...
Denial Of Service
github.com/sigstore/cosign is vulnerable to Denial Of Service (DoS). The vulnerability arises due to a lack of validation of the "l" slice in the FetchAttestations method. An attacker who controls a remote registry can return a huge number of attestations to cosign and cause cosign to enter into an endle...
Out-of-bounds Write
libexiv2.so is vulnerable to Out-of-bounds Write. The vulnerability exists because of an integer overflow in the brotliUncompress function within bmffimage.cpp. This flaw enables an attacker to manipulate and potentially read, write, delete, or modify image metadata such as Exif, IPTC, XMP, and I...
Cross-Site Scripting (XSS)
roundcube is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to a Content-Type or Content-Disposition header. An attacker could supply a malicious Content-Type, leading to cross-site scripting...
Null Dereference
libjasper.so is vulnerable to Null dereferencing. The vulnerability occurs due to a lack of validation performed while processing specially crafted image files. An attacker can trigger a crash via a specially crafted image file which could lead to DoS...
Stack Overflow
libsquashfs.so is vulnerable to Stack Overflow Error. The vulnerability is caused by an integer overflow in the function readfragmenttable4 in the file unsquash-4.c while reading a return value from SQUASHFSFRAGMENTBYTES, which can be larger than the maximum value of a signed int. This can lead to applicati...