Command Injection
pydash is vulnerable to Command Injection. The vulnerability is due to the basegetobject function in helpers.py which retrieves the value of a given key from an object. If it doesn't find a specified key in an object, it tries to access the object's attributes directly. This allows attackers to...
Improper Access Control
decidim-templates is vulnerable to Improper Access Control. The vulnerability is due to broken access control in the templates module, which results in an attacker being able to manipulate, create, or delete templates of surveys by accessing the administration panel...
Denial Of Service (DoS)
libhdf5.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the stack-based buffer overflow in H5Eint.c, which allows an attacker to cause an application crash by providing a maliciously crafted input...
Claim Validation Bypass
io.micronaut.security:micronaut-security-oauth2 is vulnerable to Claim Validation Bypass. The vulnerability is due to skipping aud claim validation if the token is issued by the same identity issuer/provider, which results in a potential security gap in audience claim verification...
Buffer Over-read
gpac is vulnerable to Buffer Over-read. This vulnerability allows an attacker to execute arbitrary code on a vulnerable system by exploiting a bug in the way gpac handles memory...
Denial Of Service (DoS)
libvips.so is vulnerable to Denial of Service (DoS). The vulnerability is due to improper UTF-8 character handling in svgload.c, which does not properly validate malformed characters and allows an attacker to cause an application crash or potentially execute arbitrary code...
Buffer Overflow
libzephyr.so is vulnerable to Buffer Overflow. The vulnerability is due to the imxmuipmsend function in ipmimx.c and the mcuxmailboxipmsend function in ipmmcux.c, which are susceptible to buffer overflow if the size parameter is negative, as a result of signed/unsigned conversion mishandling. The f...
Denial Of Service (DoS)
libpoppler.so is vulnerable to Denial Of Service (DoS). The vulnerability exists in the readGenericBitmap function of JBIG2Stream.cc, which allows an attacker to cause an application crash through the recursive function call by providing a maliciously crafted pdf file...
Incorrect Results In Exponentiation
gnark-crypto is vulnerable to Incorrect Results in Exponentiation. The vulnerability is due to the use of exponentiation à la GLV (ExpGLV) when the exponent exceeds the group order of the pairing target group GT. This sometimes results in incorrect outcomes compared to normal exponentiation (Exp)...
Improper Provisioning
libzephyr.so is vulnerable to Improper Provisioning. The vulnerability arises from an insecure implementation of the provisionee in the provpubkey function of provdevice.c within the Bluetooth component. If the provisionee has a public key sent out-of-band (OOB), it can be sent back during...
Arbitrary File Upload
Gradio is vulnerable to an Arbitrary File Upload vulnerability. The vulnerability is due to the /upload interface endpoint via /tmp directory. The attacker can exploit this by uploading arbitrary files, potentially leading to unauthorized access or execution of malicious code...
Buffer Overflow
libzephyr.so is vulnerable to Buffer Overflow. The vulnerability exists due to the lack of user input validation in eswificore.c and eswifishell.c, which allows an attacker to cause an application crash...
Denial Of Service (DoS)
python2.7 is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the use after free in the library, allowing an attacker to cause an application crash through the heappushpop in heapq...
URL Whitespace Padding Attack
python2.7 is vulnerable to URL Whitespace Padding Attack. The vulnerability exists in the urllib.parse component of the library, enabling an attacker to bypass blocklisting methods by providing a URL that begins with blank characters...
Arbitrary Code Execution
netatalk is vulnerable to Arbitrary Code Execution. The vulnerability arises from the combination of primitives offered by SMB and AFP in their default configuration, enabling an attacker to inject and execute malicious code, resulting in arbitrary file write...
Heap-based Buffer Overflow
nasm is vulnerable to Heap-based Buffer Overflows. The vulnerability allows a local attacker to cause buffer overflows on the system by crafting a malicious assembly file through the component quoteforpmake of asm/nasm.c...
Server-Side Request Forgery (SSRF)
lemonldap-ng is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability allows an authenticated attacker to send GET requests to arbitrary URLs through the requesturi authorization parameter...
Privilege Escalation
gitlab is vulnerable to Privilege Escalation. The vulnerability allows an attacker to take over GitLab Pages with unique domain URLs if they know the added random string...
Cross-site Scripting (XSS)
gitlab is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to the lack of input validation in the library, which allows an attacker to inject and execute malicious JavaScript through a maliciously crafted URL in the WebIDE beta...
Buffer Overflow
vim is vulnerable to Buffer Overflow. The vulnerability exists due to the heap based buffer overflow in the library, which allows an attacker to cause an application crash...
Out-of-bounds Read
grub2 is vulnerable to Out-of-bounds Read. The vulnerability allows an attacker to read arbitrary memory locations, including sensitive data such as cached passwords and EFI variable values, by presenting a specially crafted NTFS filesystem image...
Out-of-Bounds Write
grub2 is vulnerable to Out-of-Bounds Write. The vulnerability allows an attacker to execute arbitrary code or bypass secure boot protection by presenting a specially crafted NTFS filesystem image...
Improper Access Control
gitlab is vulnerable to Improper Access Control. The vulnerability allows developers to create pipeline schedules on protected branches, even without merge access...
Divide By Zero
vim is vulnerable to Divide By Zero. The vulnerability exists in the scrollcursorbot function of the library, which allows an attacker to cause an application crash...
Cross-site Scripting (XSS)
gitlab is vulnerable to Cross-site Scripting (XSS). The vulnerability occurs during the creation of specific PlantUML diagrams, enabling an attacker to inject and execute malicious JavaScript...
Heap-based Buffer Overflow
gpac is vulnerable to Heap-based Buffer Overflow. This vulnerability allows an attacker to execute arbitrary code on a vulnerable system by exploiting a bug in the way gpac handles memory...
Cross-site Scripting (XSS)
roundcube is vulnerable to Cross-site Scripting (XSS). The vulnerability is found in the text/plain email messages section within rcubestringreplacer.php, enabling an attacker to inject and execute malicious JavaScript through maliciously crafted links...
Regular Expression Denial Of Service (ReDoS)
gitlab is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability arises from insecure regex patterns used in the library, enabling an attacker to crash the application by sending maliciously crafted payloads that use ProjectReferenceFilter to the previewmarkdown endpoint...
Denial Of Service (DoS)
ghostscript is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the integer overflow in the plglyphname of plfont.c, which allows an attacker to cause an application crash by transforming a maliciously crafted PCL file to PDF format...
Privilege Escalation
qemu is vulnerable to Privilege Escalation. The vulnerability is present in the TCG Accelerator component of the library, allowing an attacker to inject and execute malicious code, escalate privileges, and ultimately crash the application...
Denial Of Service (DoS)
galera-4 is vulnerable to Denial of Service (DoS). This vulnerability allows an attacker to cause MariaDB to crash by sending a specially crafted OpenVAS port scan to ports 3306 and 4567. The impact of this vulnerability is high, as it could be exploited by attackers to disrupt the availability of...
Use After Free
chromium is vulnerable to Use After Free. The vulnerability allows a remote attacker to potentially exploit heap corruption via a crafted HTML page when they convince a user to install a malicious extension...
Use After Free
chromium is vulnerable to Use After Free. The vulnerability allows a remote attacker to potentially exploit heap corruption via crafted UI interaction when they convince a user to engage in specific UI interaction...
Denial Of Service (DoS)
firefox is vulnerable to Denial Of Service (DoS). The vulnerability arises from potential mutations in the hashtable within the Ion Engine while a live interior reference exists, potentially leading to a use-after-free condition and an exploitable crash...
Improper Authorization
firefox is vulnerable to Improper Authorization. This vulnerability allows an attacker to execute arbitrary code on a vulnerable system by exploiting a bug in the way Firefox handles network traffic...
Information Disclosure
firefox is vulnerable to Information Disclosure. This vulnerability allows an attacker to cause a memory leak in a privileged process by exploiting a bug in the way Firefox handles canvas rendering...
Use After Free
firefox is vulnerable to Use After Free. A use-after-free vulnerability in the ImageBitmap class allows a remote attacker to potentially execute arbitrary code on the victim's system by crafting a malicious web page...
Denial Of Service (DoS)
wireshark is vulnerable to Denial of Service (DoS). A memory leak in the RTPS dissector allows a remote attacker to cause a denial of service (DoS) attack by sending a specially crafted RTPS packet...
Information Disclosure
gnome is vulnerable to Information Disclosure. The vulnerability allows unauthenticated local users to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool...
Remote Code Execution (RCE)
ghostscript is vulnerable to Remote Code Execution (RCE). This vulnerability allows remote attackers to execute arbitrary code on the system by crafting a malicious PostScript document...
Type Confusion
chromium is vulnerable to Type Confusion. This vulnerability could allow an attacker to execute arbitrary code on a victim's computer by exploiting a flaw in the V8 JavaScript engine. The impact of this vulnerability is high, as it can be exploited by attackers to steal sensitive data, take contr...
Remote Code Execution (RCE)
python-reportlab is vulnerable to Remote Code Execution (RCE). A remote code execution is possible because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with unichar code=" followed by arbitrary Python code...
Improper Authorization
gitlab is vulnerable to Improper Authorization. An attacker can create repositories with malicious code by exploiting a vulnerability in the main branch of a repository with a specially designed name...
Denial Of Service (DoS)
gitlab is vulnerable to Denial of Service (DoS). A regular expression denial of service (ReDoS) vulnerability in the AutolinkFilter class allows a remote attacker to crash GitLab by sending a specially crafted Markdown payload to the previewmarkdown endpoint...
Information Disclosure
gitlab is vulnerable to Information Disclosure. A path traversal vulnerability in the importproject function allows a remote attacker to access and read unrelated files on the GitLab server by uploading a specially crafted project export file...
Denial Of Service (DoS)
ghostscript is vulnerable to Denial Of Service (DoS). A divide-by-zero vulnerability in the epsprintpage function in gdevepsn.c allows a local attacker to cause a denial of service by opening a specially crafted PDF document...
Buffer Overflow
ghostscript is vulnerable to Buffer Overflows. A buffer overflow vulnerability in the cljmediasize function in devices/gdevclj.c allows a remote attacker to cause a denial of service or potentially execute arbitrary code by opening a specially crafted PDF document...
Heap Buffer Overflow
libtiff.so is vulnerable to Heap Buffer Overflow. The vulnerability in the extractImageSection function in tiffcrop.c allows attackers to cause a Denial of Service via a crafted tiff file...
Authentication Bypass
github.com/charmbracelet/soft-serve is vulnerable to Authentication Bypass. The vulnerability exists when the public key setting allow-keyless is true which allows an attacker to perform unauthorized actions...
Information Disclosure
urllib3 is vulnerable to Information Disclosure. The vulnerability exists because the Cookie HTTP header is not properly handled, which allows an attacker to gain information via HTTP redirects and perform unauthorized actions...