38195 matches found
Denial Of Service (DoS)
libfrr is vulnerable to Denial of Service (DoS). The vulnerability occurs when an incorrect BGP UPDATE message with an EOR is processed, resulting in an application crash...
Divide By Zero
libjasper.so is vulnerable to Denial of Service (DoS). The vulnerability is due to missing bound checks in the jpcenc.c file, which can result in a divide by zero bug leading to a Denial of Service (DoS)...
Unauthorized Data Access
Oracle Java SE is vulnerable to Unauthorized Data Access. The vulnerability is due to the lack of proper authentication measures and to running untrusted code that relies on the Java sandbox for security. This results in unauthorized creation, deletion, or modification access to critical data or al...
Denial Of Service (DoS)
github.com/mattermost/mattermost-plugin-calls is vulnerable to Denial of Service. The vulnerability exists because the function isMobilePostGA in utils.go does not check the length of fields after it splits the User-Agent string. This allows an attacker to send a request without a User-Agent header,...
Denial Of Service (DoS)
Mattermost is vulnerable to Denial of Service (DoS). The vulnerability is due to improper restrictions in the /api/v4/redirectlocation endpoint, which results in a Denial of Service due to the caching of large items...
Denial Of Service (DoS)
libfrr.so is vulnerable to Denial of Service (DoS). This vulnerability allows an attacker to crash the application by exploiting a flaw in the way that FRRouting handles BGP labeled unicast parsing...
Denial Of Service (DoS)
libfrr.so is vulnerable to Denial of Service (DoS). A flowspec overflow vulnerability allows an attacker to exploit a flaw in the way that FRRouting handles flowspec to cause unintended behavior. The attacker could exploit this vulnerability by sending a specially crafted BGP packet to a vulnerable...
Denial Of Service (DoS)
github.com/projectcalico/calico is vulnerable to Denial of Service (DoS). The vulnerability exists because the TLS Handshake call is executed within the main server handle loop without any timeout mechanism. This means that an incomplete or unclean TLS handshake can potentially block the main loop...
Sensitive Data Exposure
Mattermost is vulnerable to Sensitive Information Exposure. The vulnerability is due to the failure to properly sanitize the user object when updating the username, which results in the password hash being disclosed in the response body...
NULL Pointer Dereference
libjasper.so is vulnerable to NULL Pointer Dereference. The vulnerability is due to the jp2decode function in jp2dec.c, which does not validate the index obtained through the chantocmptlut array before it is used to access and set component types. An attacker can exploit this via specially craft...
Stack Overflow
libsquashfs.so is vulnerable to a Denial of Service attack. The vulnerability arises due to a lack of validation of buffer sizes in the unsquash function. Remote attackers can trigger a denial of service via a specially crafted input...
Information Disclosure
github.com/clastix/capsule-proxy is vulnerable to Information Disclosure. The vulnerability is present in rolebindings.go which grants ServiceAccount tenant owners the privilege to list namespaces of other tenants that share the same owner kind and name. Consequently, this allows owners of...
Use After Free
imagemagick is vulnerable to Use After Free. A heap-use-after-free vulnerability allows an attacker to execute arbitrary code on a vulnerable system by exploiting a flaw in the way that ImageMagick allocates and frees memory...
Denial Of Service (DoS)
org.eclipse.parsson:parsson is vulnerable to Denial of Service (DoS). An attacker is able to exploit this vulnerability by sending a specially crafted JSON document with large numbers, which would cause the parser to consume excessive resources leading to a Denial of Service...
Information Disclosure
coldbox-elixir is vulnerable to Information Disclosure. The vulnerability exists because the library does not securely define environment variables in the defaultConfig.js variable handler, allowing an attacker to access sensitive information...
Denial Of Service (DoS)
vim is vulnerable to Denial of Service (DoS). An attacker could exploit this vulnerability by tricking a user into opening a specially crafted Vim file. The file would cause Vim to allocate and free memory in a way that triggers the heap-use-after-free vulnerability via the function gagrowinner,...
Information Disclosure
Ezsystems/ezpublish-kernel is vulnerable to Information Disclosure. The vulnerability exists because it does not properly validate downloads in the management mechanisms in DownloadController.php, allowing an attacker to gain access to sensitive data...
Information Disclosure
Ezsystems/ezplatform-solr-search-engine is vulnerable to Information Disclosure. The vulnerability exists due to an authentication flaw in Endpoint.php, allowing an attacker to gain sensitive information...
Denial Of Service (DoS)
LibTIFF is vulnerable to Denial of Service. The vulnerability is due to mishandling memory allocation for short files in the TIFFReadDirEntryArray function. This can potentially lead to an allocation failure and application crash...
Denial Of Service (DoS)
libfrr.so is vulnerable to a Denial of Service attack. The vulnerability arises due to a lack of validation in the bgpattrcheck method. An attacker can cause a crash by sending a crafted BGP UPDATE message...
Denial Of Service (DoS)
pillow is vulnerable to Denial of Service (DoS). The vulnerability is due to a lack of a max string size for an image font in ImageFont.py, which can result in unbounded allocation of memory to process a given task, causing an out-of-memory error and a Denial of Service...
Privilege Escalation
github.com/kubernetes-csi/csi-proxy is vulnerable to Privilege Escalation. The vulnerability is caused by insufficient input sanitization while constructing different commands from the input string passed to different functions implemented in pkg/os/volume/api.go and pkg/os/volume/api.go. A user...
Use Of Hardcoded Cryptographic Key
lamp-core and lamp-util are vulnerable to a hardcoded credential vulnerability. The vulnerability is due to the use of a hardcoded cryptographic key while creating and verifying a JWT token. The vulnerability allows an attacker to authenticate to the application via a specially crafted token...
Improper Access Control
ezsystems/ezplatform is vulnerable to Improper Access Control. The vulnerability is caused by missing validations in the file download route used for downloading files by specifying the name of the downloaded file. An attacker can construct download URLs with filenames that have no relation to th...
OS Command Injection
intelliants/subrion is vulnerable to OS Command Injection. The vulnerability is due to a lack of sanitization in the hooks system module. An attacker is able to exploit this vulnerability by sending a specially crafted webshell to a vulnerable Subrion installation. The request would contain a...
Sensitive Information Disclosure
ibexa/solr is vulnerable to Sensitive Information Disclosure. The vulnerability arises due to a flaw in Ibexa's Solr search engine authentication, which can reveal sensitive authorization information...
Remote Code Execution (RCE)
org.glassfish.main.orb:orb-connector is vulnerable to Remote Code Execution (RCE). An attacker could exploit this vulnerability by sending a specially crafted RMI request to a vulnerable Glassfish server via access to insecure ORB listeners. The server would then execute the code contained in the...
Insecure Direct Object Reference (IDOR)
ibexa/core is vulnerable to Insecure Direct Object Reference (IDOR). The vulnerability is present because the DownloadController.php does not adequately validate the filenames in download URLs, allowing an attacker to craft malicious download URLs with filenames that bear no relation to the actual...
Improper Access Control
@strapi/strapi and @strapi/plugin-users-permissions are vulnerable to Improper Access Control. The vulnerability is caused by a missing configuration/provision to control which custom fields are allowed to be set during registration while calling the /api/auth/local/register route. This can lead ...
Prototype Pollution
@clickbar/dot-diver is vulnerable to Prototype Pollution. The vulnerability is due to the getByPath and setByPath functions in index.ts not properly validating the type of the object being passed. This allows an attacker to potentially modify attributes like __proto__, constructor, and prototype by...
XML External Entity Injection
OpenCRX is vulnerable to XML External Entity injection (XXE). The vulnerability is due to improper input sanitization in the DocumentBuilderFactory function. This can potentially lead to server side request forgery attacks...
Information Disclosure
wordpress is vulnerable to Information Disclosure. This vulnerability allows an attacker to exploit a flaw in the way that WordPress handles certain HTTP requests to expose sensitive information, such as user passwords and database credentials...
Cross-Site Scripting (XSS)
wordpress is vulnerable to Cross-Site Scripting (XSS). An authenticated attacker could exploit this vulnerability to inject malicious code into the WordPress dashboard, which could then be executed by other users of the WordPress website...
Buffer Overflows
qemu is vulnerable to Buffer Overflows. A guest I/O address overflow vulnerability allows an attacker to overwrite arbitrary memory on the host system by exploiting a flaw in the way that QEMU handles guest I/O operations...
Improper Input Validation
trafficserver is vulnerable to Improper Input Validation. The vulnerability occurs in Apache Traffic Server when handling malformed HTTP/2 frames, resulting in a Denial of Service...
Information Disclosure
trafficserver is vulnerable to Information Disclosure. The vulnerability allows an unauthorized malicious actor to access sensitive information within Apache Traffic Server...
Command Injection
pip is vulnerable to Command Injection. While installing a package from a Mercurial VCS URL, a specified Mercurial URL could be used to inject arbitrary configuration options to the hg clone call. Controlling the Mercurial configuration can modify how and which repository is installed...
Buffer Overflow
zephyr is vulnerable to Buffer Overflow. The vulnerability arises due to a lack of buffer size validation in the assert function in subsys/bluetooth/host/hcicore.c...
Cross Site Scripting
Reportico is vulnerable to Cross Site Scripting. The vulnerability is due to improper input sanitization in the project report title. The attacker can exploit this issue by injecting malicious JavaScript in the title field...
Heap Buffer Overflow
OpenImageIO is vulnerable to Heap Buffer Overflow. The vulnerability is due to the readsubimagedata function which allows an attacker to cause a denial of service...
Cross-site Scripting (XSS)
phpbb/phpbb is vulnerable to Cross-site Scripting (XSS). The vulnerability exists because the main function in acpicons.php does not adequately escape the smilies URL and does not prevent the use of a .pak filename, allowing an attacker to inject and execute malicious JavaScript...
Remote Code Execution (RCE)
transmute-core is vulnerable to Remote Code Execution (RCE). The vulnerability is due to unsafe YAML deserialization which allows a remote attacker to execute arbitrary Python code by deserializing arbitrary YAML...
Server-Side Request Forgery (SSRF)
foodcoopshop/foodcoopshop is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to the lack of proper image validation. This flaw permits an attacker to send a request to any host on the local network, which then responds with a 200 status code for a HEAD request serving a...
Denial Of Service (DoS)
Django is vulnerable to Denial of Service (DoS). The vulnerability exists in the topython functionality within the UsernameField class of forms.py. It fails to implement a maximum length check for the NFKC normalization, which allows an attacker to potentially crash the application on Windows by...
Cross-site Scripting (XSS)
chromium is vulnerable to Remote Code Execution (RCE). The vulnerability exists due to the inappropriate implementation in Payments, which allows an attacker to bypass XSS preventions via a malicious file...
Improper Validation
chromium is vulnerable to Improper Validation. The vulnerability occurs due to incorrect USB input validation allowing a remote malicious attacker to perform out of bounds memory access...
Denial Of Service (DoS)
chromium is vulnerable to Denial of Service (DoS). The vulnerability exists due to the integer overflow in the USB component of the library, which allows an attacker to cause heap corruption via a maliciously crafted HTML page...
Inappropriate Implementation In Downloads
chromium is vulnerable to Inappropriate Implementation In Downloads. The vulnerability occurs within Downloads in Google Chrome, which allows a remote malicious attacker to obfuscate security UI using a crafted HTML page...
Use After Free
chromium is vulnerable to Use After Free. The vulnerability exists in the Printing component of the library, which allows an attacker who convinces a user to engage in specific UI gestures to potentially exploit heap corruption...
Domain Spoofing
chromium is vulnerable to Domain Spoofing. The vulnerability occurs due to incorrect security UI within Downloads, allowing a remote malicious attacker to perform domain spoofing via a crafted domain name...