38196 matches found
Authentication Bypass
github.com/nats-io/nats-server is vulnerable to Authentication Bypass. The vulnerability is due to configureAccounts function in server.go which allows the creation of a no-authenticated user for the global account. This potentially leads an attacker to unauthorized access to the global account...
Cross-site Scripting (XSS)
dolibarr/dolibarr is vulnerable to Cross-site Scripting XSS. An attacker is able to exploit this vulnerability by tricking a user into clicking on a malicious link or opening a malicious file. The malicious link or file would contain a specially crafted XSS payload that would be injected into the...
Denial Of Service (DoS)
github.com/quic-go/quic-go is vulnerable to Denial Of Service DoS. The vulnerability is a result of the mishandling of ACK frames that are serialized after CRYPTO frames in connection.go during the node handshake process. This flaw allows a malicious remote node to trigger a null pointer...
Denial Of Service (DoS)
elasticsearch is vulnerable to Denial of service attack. The vulnerability is due to the search API which allows specially crafted query strings to cause a stack overflow...
Cross Site Scripting
Basercms is vulnerable to Cross Site Scripting. The vulnerability is due to insufficient sanitization of user input, particularly in file upload and management features. This allows an attacker to inject malicious scripts into these variables and that can potentially lead to Cross Site Scripting...
Information Disclosure
libshadow.so is vulnerable to Information Disclosure. The vulnerability exists in changepasswd function at gpasswd.c because the password field is not properly zeroed out if the confirmation fails...
Denial Of Service (DoS)
libmatio.so is vulnerable to Denial Of Service DoS. The vulnerability exists in ReadNextFunctionHandle function at mat5.c which allows an attacker to cause an application crash...
SQL Injection
github.com/flyteorg/flyteadmin is vulnerable to SQL Injection. The vulnerability exists because the custom sql statements are not properly handled which allows an attacker to inject and execute arbitrary sql queries...
Improper Input Validation
k8s.io/ingress-nginx is vulnerable to Improper Input Validation. The vulnerability is caused by a missing validation check on nginx.ingress.kubernetes.io/configuration-snippet annotation on an Ingress object in the networking.k8s.io or extensions API group. The above annotation can be used to...
Directory Traversal
basercms is vulnerable to Directory Traversal. The vulnerability is due to improper sanitization and validation in the Form submission data management feature. An attacker can exploit this vulnerability to gain sensitive information from the server...
Code Injection
basercms is vulnerable to Code Injection. The vulnerability is due to improper sanitization in Mail Form Feature. This can be exploited by the attacker by injecting malicious code via the Mail Form...
Buffer Overflows
libmemcached.so is vulnerable to Buffer Overflows. An attacker could exploit this vulnerability by tricking a user into visiting a malicious website or opening a malicious file. The website or file would contain a specially crafted multiget request that would be forwarded to a vulnerable Memcache...
Regular Expression Denial Of Service (ReDoS)
Django is vulnerable to Regular Expression Denial Of Service. The vulnerability is due to the chars and words functions in text.py as there is no proper limiting or optimization while using regular expressions to parse and truncate input text. This allows an attacker to craft very long or...
Information Disclosure
apacheairflowproviderscelery is vulnerable to Information Disclosure. An attacker is able to exploit this vulnerability by tricking a user into running an Airflow job that contains a malicious Celery task. The malicious task would then insert sensitive information into the Airflow logs as clear...
Privilege Escalation
open-vm-tools is vulnerable to Privilege Escalation. The vulnerability is a file descriptor hijack within the vmware-user-suid-wrapper allowing a malicious attacker to simulate user inputs...
SAML Token Signature Bypass
open-vm-tools is vulnerable to SAML Token Signature Bypass. An attacker could exploit this vulnerability by tricking a user into opening a specially crafted file or visiting a malicious website. The file or website would contain a specially crafted SAML token that would exploit the flaw in VMware...
Off-by-one Error
memcached is vulnerable to Off-by-one Error. An attacker could exploit this vulnerability by sending a specially crafted proxy request to a vulnerable Memcached server when \n is used instead of \r\n. The server would then attempt to process the request, which would cause the server to crash. The...
Buffer Overflows
memcached is vulnerable to Buffer Overflows. An attacker could exploit this vulnerability by sending a specially crafted multiget request to a vulnerable Memcached server when there are many spaces after the "get" substring for multiget requests in proxy mode. The server would then attempt to...
Denial Of Service (DoS)
imagemagick is vulnerable to Denial of Service DoS. A heap-based buffer overflow vulnerability allows an attacker to cause denial of service conditions via ReadTIFFImage in coders/tiff.c, by exploiting a flaw in the way that ImageMagick handles TIFF images...
Denial Of Service (DoS)
imagemagick is vulnerable to Denial of Service DoS. A heap-based buffer overflow vulnerability in ImportMultiSpectralQuantum function in MagickCore/quantum-import.c allows an attacker to pass a specially crafted file to convert, triggering an out-of-bounds read error, which could cause an...
Out-of-Bounds Write
xwayland is vulnerable to Out-of-Bounds Write. An attacker could exploit this vulnerability by crafting a malicious X11 message that would cause the Xorg X11 server to write data outside of the bounds of a buffer which would allow the attacker to crash the server or escalate privileges...
Information Disclosure
openssl is vulnerable to Information Disclosure. An incorrect cipher key & IV length processing vulnerability allows an attacker to exploit a flaw in the way that OpenSSL handles cipher key and IV lengths by tricking a user into opening a specially crafted file or connecting to a malicious server...
Use After Free
chromium is vulnerable to Use After Free. An attacker could exploit this vulnerability by tricking a user into visiting a malicious website or opening a malicious file. The website or file would contain a specially crafted exploit that would cause Google Chrome to corrupt memory. The attacker cou...
Denial Of Service (DoS)
imagemagick is vulnerable to Denial of Service DoS. This vulnerability allows an attacker to trick a user into opening a specially crafted TIFF image file, resulting in an application crash and denial of service DoS due to a heap-based buffer overflow in coders/tiff.c...
Type Confusion
firefox is vulnerable to Type Confusion. An attacker could exploit this vulnerability by tricking a user into visiting a malicious website or opening a malicious file. The website or file would contain a specially crafted exploit that would cause Firefox to confuse types, which could then be used...
Denial Of Service (DoS)
firefox is vulnerable to Denial of Service DoS. A malicious user is able to leverage the vulnerability to cause peformance issues which will result in denial of service conditions because the drivers are not always robust to extremely large draw calls...
Insufficient Activation Delay
firefox is vulnerable to an Insufficient Activation Delay. An attacker could exploit this vulnerability by tricking a user into visiting a malicious website or opening a malicious file. The website or file would contain a specially crafted exploit that would cause the browser to open a prompt or...
Information Disclosure
firefox is vulnerable to Information Disclosure. An attacker could exploit this vulnerability by sending a specially crafted request to a vulnerable Firefox browser. The request would cause the browser to disclose the size of the response and the contents of the Vary header...
Denial Of Service (DoS)
firefox is vulnerable to Denial of Service DoS. A malicious user is able to leverage the vulnerability to cause peformance issues which will result in denial of service conditions during garbage collection...
Open Redirect
firefox is vulnerable to Open Redirect. An attacker could exploit this vulnerability by tricking a user into visiting a malicious website. The malicious website would contain a specially crafted link that would redirect the user to an arbitrary website. The user would not be able to see the actua...
Spoofing Attacks
firefox is vulnerable to Spoofing Attacks. An attacker could exploit this vulnerability by tricking a user into visiting a malicious website. The website would contain a specially crafted exploit that would trigger the WebAuthn prompt while simultaneously obscuring the full-screen notification. T...
Remote Code Execution (RCE)
firefox is vulnerable to Remote Code Execution RCE. An attacker could exploit this vulnerability by tricking a user into visiting a malicious website or opening a malicious file. The website or file would contain a specially crafted exploit that would cause Firefox or Thunderbird to crash,...
Remote Code Execution (RCE)
firefox is vulnerable to Remote Code Execution RCE. An attacker could exploit this vulnerability by tricking a user into visiting a malicious website or opening a malicious file. The website or file would contain a specially crafted exploit that would cause Firefox to crash, triggering the memory...
Spoofing Attacks
Firefox is vulnerable to Spoofing Attacks. An attacker could potentially create a malicious link using bidirectional characters to deceive the user about the displayed location in the address bar when the link is visited...
Denial Of Service (DoS)
Snappy-Java is vulnerable to Denial of Service DoS. The vulnerability is due to the lack of a max chunk length check, allowing an attacker to decompress data with a chunk size which is too large to process resulting in Denial of Service...
Remote Code Execution (RCE)
Azure.Identity is vulnerable to Remote Code Execution. The vulnerability is due to improper property sanitization, which allows an attacker to pass a specially crafted OS-level command to a specific SDK property which can result in Remote Code Execution. The vulnerability exists in the...
Cross-site Request Forgery (CSRF)
baserCMS is vulnerable to Cross-site Request Forgery CSRF. The vulnerability is due to the content preview feature, which allows an attacker to preform CSRF...
Cross-Site Scripting (XSS)
github.com/zitadel/zitadel is vulnerable to Cross-Site Scripting. This vulnerability exists due to a missing security header in asset.go, allowing an attacker to inject and execute malicious JavaScript in the victim's browser via a crafted SVG image...
Buffer Overflow
libzephyr.so is vulnerable to Buffer Overflow. The vulnerability occurs due to a ineffective assert check within the STM32 Crypto Driver component which then leads to an application crash...
Improper Access Control
ECF HttpClient4 Provider is vulnerable to Improper Access Control. The vulnerability is caused due to incompatibility reasons in SPNEGO authentication. An attacker could exploit this vulnerability by sending a specially crafted request to a vulnerable system...
Improper Verification Of Cryptographic Signature
browserify-sign is vulnerable to Improper Verification Of Cryptographic Signature. An upper bound check issue in DSA verification allows an attacker to construct signatures that can be successfully verified by any public key, which leads to a signature forgery attack. The attacker could exploit...
Denial Of Service (DoS)
knot-resolver is vulnerable to Denial of Service DoS. An attacker could exploit this vulnerability by sending specially crafted DNS responses to a vulnerable Knot Resolver server. The server would then attempt to reconnect to the attacker's server many times, causing a DoS condition...
Arbitrary Code Execution
traceroute is vulnerable to Arbitrary Code Execution. A command-line argument parsing vulnerability in the traceroute utility allows an attacker to execute arbitrary code on a vulnerable system by exploiting a flaw in the way that traceroute parses command-line arguments...
Denial Of Service (DoS)
libfrr.so is vulnerable to Denial of Service DoS. An insecure implementation of MPREACHNLRI processing allows an attacker to crash a vulnerable router by sending a specially crafted BGP UPDATE message with a malformed MPREACHNLRI attribute causing the router to crash...
Denial Of Service (DoS)
libfrr.so is vulnerable to Denial of Service DoS. An insecure implementation of BGP message processing allows an attacker to cause a denial-of-service DoS condition by sending a specially crafted BGP UPDATE message to a vulnerable router which could consume a large amount of memory and cause the...
Denial Of Service (DoS)
OpenSearch is vulnerable to Denial of Service DoS. The vulnerability is due to improper input validation for malformed HTTP requests sent by an unauthenticated user in an opensearch node .This can leas to memory exhaustion resulting in to Denial of Service...
Arbitrary Code Execution
github.com/kubernetes/ingress-nginx is vulnerable to Arbitrary Code Execution. The vulnerability arises from the library's default lack of proper annotation validation. This deficiency enables an attacker to inject and execute malicious code through the...
Improper Authorization
calibre is vulnerable to Improper Authorization. An attacker could exploit this vulnerability by tricking a user into opening a specially crafted ebook with calibre. The ebook would contain a malicious link that would exploit the flaw in the linktolocalpath function to escalate the attacker's...
Improper Access Control
github.com/kubernetes/ingress-nginx is vulnerable to Improper Access Control. The vulnerability exists because the library does not adequately validate path types. Consequently, an attacker with the ability to create or update ingress objects can utilize directives to evade the sanitization of th...
Cross-site Scripting (XSS)
baserproject/basercms is vulnerable to Cross-site Scripting XSS. The vulnerability in the favorite feature of form.php because it fails to properly escape malicious characters before rendering. This allows an attacker to inject and execute malicious JavaScript in the web browser when accessing th...