38196 matches found
Out Of Bound Read
github.com/gomarkdown/markdown is vulnerable to an Out Of Bound Read. The vulnerability occurs in citation.go due to parsing an element beyond its length, leading to an out-of-bounds read. The attacker can exploit this issue by utilizing the parser.Mmark extension which can lead in a...
Heap Buffer Overflow
CUPS is vulnerable to Heap Buffer Overflow. The vulnerability is due to a failure in validating the length provided by an attacker-crafted document leading to buffer overflow and possible code execution...
Use After Free
libassimp.so is vulnerable to Use After Free. The vulnerability is caused by a defect in the function ColladaParser::ExtractDataObjectFromChannel in the file /code/AssetLib/Collada/ColladaParser.cpp, which can lead to an application crash resulting in Denial of Service (DoS)...
Denial Of Service
nocodb is vulnerable to Denial Of Service. The vulnerability is due to Improper Input Validation via the Add new table field which can cause a Denial of Service by sending a specially crafted HTTP request...
Denial Of Service
The faktory package is vulnerable to Denial of Service. The vulnerability is related to how the backend reads the days URL query parameter in the Faktory web dashboard, which is used without any validation. If a huge value is provided, the backend service could consume a significant amount of memory and...
Missing Authorization
com.sonyericsson.jenkins.plugins.bfa: build-failure-analyzer is vulnerable to Missing Authorization. The vulnerability is caused by a missing permission check in test HTTP endpoint doTestConnection as well as the doTestConnection HTTP POST endpoint. This can allow attackers with Overall/Read...
Insecure Temporary File Creation
Jenkins is vulnerable to Insecure Temporary File Creation. The vulnerability is due to creating a temporary file when a plugin is deployed directly from a URL. An attacker can exploit this vulnerability by deploying a plugin from URL resulting in access to the Jenkins controller file system with...
Insecure Temporary Files
org.jenkins-ci.main: jenkins-core is vulnerable to Insecure Temporary Files. The vulnerability is caused by not restricting permissions to the temporary file in the system temporary directory and leaving the newly created files with default permissions which are created by the Jenkins API...
Information Disclosure
org.springframework.graphql:spring-graphql is vulnerable to Information Disclosure. The vulnerability is due to an issue where an application provides a DataLoaderOptions instance when registering batch loader functions through the DefaultBatchLoaderRegistry method leading to information disclosu...
Sensitive Information Exposure
jenkins-core is vulnerable to Sensitive Information Exposure. The vulnerability is due to the fitsSearchBuildVariables method in HistoryPageFilter.java. This method handles all build variables the same way without considering their sensitivity, which can lead attackers with Item/Read permission to...
Cross-Site Request Forgery
com.sonyericsson.jenkins.plugins.bfa: build-failure-analyzer is vulnerable to Cross-Site Request Forgery. The vulnerability is due to the doRemoveConfirm method in CauseManagement.java which handles requests via GET, allowing an attacker to delete Failure Causes...
Cross-site Scripting
Jenkins is vulnerable to Cross Site Scripting. The vulnerability occurs due to improper sanitization of the caption constructor parameter in the ExpandableDetailsNote. The attacker can exploit this vulnerability by injecting malicious payload in the caption parameter resulting in the execution of...
Arbitrary Code Execution
Apache airflow hdfs provider package is found to be vulnerable to code execution. Incorrect documentation points users to install an incorrect pip package. Since this package is unverified, an attacker can claim this package and provide code that would be executed when this package was installed...
Path Traversal
NATS nats-server is vulnerable to Path Traversal. The vulnerability is caused by a missing validation check while constructing filenames for account synchronization, which happens in the system account, allowing arbitrary file write as the user running NATS by anyone who can publish arbitrary...
Cross Site Scripting
xdsoft.net is vulnerable to Cross Site Scripting. The vulnerability is due to improper sanitization of user input in the rich text editor component. An attacker can exploit this by injecting malicious input to execute JavaScript on the client side...
Cross Site Scripting
zope is vulnerable to Cross Site Scripting. The vulnerability is due to Image.py, which does not prevent the inline display of potentially risky SVG file types in the browser...
Server Side Request Forgery
GeoNode is vulnerable to Server Side Request Forgery. The vulnerability is due to bypassing the existing application whitelist using the @ or %40 character as a credential to the host geoserver on port 8080. This can be exploited by the attacker to fetch internal sensitive resources...
Denial Of Service
plonerest is vulnerable to Denial of Service. The vulnerability is due to a lack of normalization or checking for repeated occurrences of /++api++ with the traverse function in traverse.py file. An attacker could repeatedly append /++api++ to a URL, causing the URL to grow indefinitely and consum...
Cross Site Scripting (XSS)
librenms/librenms is vulnerable to DOM-based Cross Site Scripting (XSS). The vulnerability is caused by not sanitizing/escaping HTML special characters in an IPv6/IPv4 search field in includes/html/pages/search/ipv6.inc.php while searching for IPv4/IPv6 addresses. This can result in disclosure of th...
Cross Site Scripting (XSS)
librenms/librenms is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused by not sanitizing/escaping HTML special characters in the includes/html/pages/search/fdb.inc.php file. This can lead to stealing a user's cookies, gaining unauthorized access to that user's account through stolen...
Authentication Bypass
Sustainsys.Saml2 is vulnerable to Authentication Bypass. The vulnerability is caused by a missing validation check between the issuer of the Saml2 assertion in a Saml2 response and the issuer identified in the stored request state. This can allow a malicious identity provider to craft a Saml2 response...
Arbitrary File Overwrite
org.eclipse.jgit is vulnerable to Arbitrary File Overwrite. The vulnerability is due to a symbolic link present in a specially crafted git repository which can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive filesystem...
Denial Of Service
graphql is vulnerable to Denial Of Service. The vulnerability is due to an insufficient check/comparison between node1 and node2 in the OverlappingFieldsCanBeMergedRule.ts file. This can result in a degradation of system performance when processing large queries...
Improper Reentrancy Checks
Vyper is vulnerable to Improper Reentrancy Checks. The vulnerability is due to improper handling of reentrancy at runtime. An attacker can exploit this with a malicious contract that repeatedly calls a vulnerable contract, leading to unexpected behavior or loss of funds...
Code Injection
librenms/librenms is vulnerable to Code Injection. The vulnerability is due to search.inc.php, where there is no proper sanitization of the searchtype, which can result in HTML Injection...
Cross Site Scripting
memos is vulnerable to Cross Site Scripting. The vulnerability is due to insufficient checks in the /o/get/image?url= endpoint, which is used to fetch external images. This can be exploited by the attacker to fetch a malicious external image such as an SVG file and execute malicious javascrip...
Remote Code Execution
FUXA is vulnerable to Remote Command Execution. The vulnerability is due to the lack of sanitization of user-supplied input, which allows use of dangerous methods at the affected API route /api/runscript. This can be exploited by an attacker by passing malicious user input to the followi...
Cross-site Scripting
librenms/librenms is vulnerable to Cross-site Scripting. The vulnerability is due to the hostname variable in the ports.inc.php file not being properly sanitized, which can result in cross-site scripting...
Arbitrary Argument Injection
blamer is vulnerable to Arbitrary Argument Injection. The vulnerability is due to the blameByFile API not properly sanitizing the user input and validating the given file path. This can be exploited by the attacker by using the double-dash POSIX character -- to pass malicious command line arguments to...
Denial Of Service
grpc is vulnerable to Denial Of Service. The vulnerability is due to improper error handling in the TCP server, which allows an attacker to initiate a number of concurrent connections with the server, leading to denial of service...
Arbitrary Code Execution
Jetty-servlets is vulnerable to Arbitrary Code Execution. The vulnerability is due to insecure escaping of user input which can result in the execution of arbitrary commands. This vulnerability occurs in the CGI servlet handler through the getRuntime.exec method...
HTTP Request Smuggling
Jetty is vulnerable to HTTP Request Smuggling. The vulnerability is due to accepting a + character preceding the content-length in the request. This vulnerability can be exploited by the attacker to possibly conduct request smuggling attacks...
Weak Authentication
org.eclipse.jetty, jetty-openid is vulnerable to Weak Authentication. The vulnerability is caused by a logical programming defect in the validateRequest function in the OpenIdAuthenticator.java class which allows current requests to still proceed even when LoginService does return that the...
Denial Of Service
sidekiq is vulnerable to Denial Of Service. The vulnerability is due to insufficient localStorage checks in the dashboard-charts.js file. The attacker can exploit this issue by manipulating localStorage.sidekiqTimeInterval, which leads to Denial of Service...
Cross Site Scripting
froala-editor & froala/wysiwyg-editor are vulnerable to Cross Site Scripting. The vulnerability is due to the Insert Link functionality, which does not properly sanitize or validate the link that the user provides, resulting in Cross Site Scripting...
Improper Input Validation
github.com/hashicorp/vault is vulnerable to Improper Input Validation. The vulnerability is due to the transit secrets engine which allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. This could allow an attacker to potentially decrypt arbitrary...
Heap Buffer Overflow
Various libraries that include webp are vulnerable to Heap Buffer Overflow. The vulnerability is caused by an out-of-bounds heap memory write in the function BuildHuffmanTable in the file src/dec/vp8ldec.c in the library libwebp. This can potentially overwrite adjacent memory and corrupt data and can be...
Path Traversal
Jeecg-boot is vulnerable to Arbitrary File Read. The vulnerability is due to the testConnection interface, which allows an attacker to read arbitrary files from the system...
Observable Discrepancy (Information Exposure)
piccolo is vulnerable to Observable Discrepancy (Information Exposure). The vulnerability is caused by a defect in the BaseUser.login function, which fails to return responses in constant time and instead responds based on the internal state of the application. For example, a response is generated immediately when user is not...
WAF Bypass
Modsecurity is vulnerable to a WAF bypass attack. This issue is due to HTTP multipart requests being incorrectly parsed. The attacker could obtain unauthorized resources by exploiting this vulnerability...
Cross-site Scripting
terrylinooo/githuber-md is vulnerable to Cross Site Scripting. The vulnerability is due to improper sanitization, which allows an attacker to execute arbitrary code via a crafted payload to the new article function...
Cross Site Scripting (XSS)
cecilapp/cecil is vulnerable to Reflected Cross-site Scripting (XSS). The vulnerability is caused by not sanitizing and escaping special characters in the request URI path for the Cecil site generated by cecil serve when 404.html is not configured. This can lead to unauthenticated remote attackers...
Remote Code Execution
Craft CMS is vulnerable to Remote Code Execution. The vulnerability is due to beforeAction not properly validating the parameter, leading to malicious code execution...
Memory Leak
libgpac.so is vulnerable to a Memory Leak. The vulnerability is caused by a defect in the gf_list_new function at utils/list.c. This can lead to unexpected behavior resulting from a low memory condition or Denial of Service (DoS) by crashing or hanging the program...
Path Traversal
cecil/cecil is vulnerable to Relative Path Traversal. The vulnerability is caused by a lack of additional checks when verifying a file is within an expected location, which can lead to the access of files outside of the document root...
Buffer Overflow
GPAC is vulnerable to Buffer Overflow. The vulnerability is due to the gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c, which can result in Denial of Service...
Buffer Overflow
GPAC is vulnerable to Buffer Overflow. The vulnerability is due to the gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c, which allows an attacker to cause an application crash...
Denial Of Service (DoS)
hwloc is vulnerable to Denial of Service. The vulnerability is due to improper handling of glibc cpuset allocation in topology-linux.c, which can result in an application crash...
Buffer Overflow
GPAC is vulnerable to Buffer Overflow. The vulnerability is due to the gf_vvc_read_sps_bs_internal function of media_tools/av_parsers.c, which allows an attacker to crash the application...
Buffer Overflow
GPAC is vulnerable to Buffer Overflow. The vulnerability is due to the gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c, which allows an attacker to crash the application...