38196 matches found
Cross-site Scripting (XSS)
cacti is vulnerable to Cross-site Scripting XSS. This vulnerability allows an authenticated attacker to inject malicious JavaScript code into the Cacti web application, which can then be executed by other authenticated users...
Missing Authorization
Apache Superset is vulnerable to Improper Authorization in the SQLLab component. The vulnerability is due to an incorrect authorization check in Apache Superset which allows an attacker to query tables that they do not have proper access to within Superset...
Deserialization Of Untrusted Data
apachesuperset is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to improper object sanitization; if an unauthorized attacker was to obtain write access to the metadata database of Apache Superset, they could persist a specifically crafted Python object that results in...
Denial Of Service
ArgoCD is vulnerable to Denial of Service. The vulnerability is due to a lack of size validation when extracting user-controlled tar.gz files in the repo-server component. The vulnerability could allow an attacker with low privileges to send a malicious tar.gz file leading to denial of service...
Improper Input Validation
apache-superset is vulnerable to Improper Input Validation. The vulnerability allows an attacker to trick a user into potentially registering a SQLite database connection incorrectly if an attacker employs alternative driver names such as sqlite+pysqlite or utilizes database imports. This...
Sensitive Data Exposure
Argo CD is vulnerable to Sensitive Data Exposure. The vulnerability is due to the management of Argo CD Cluster secrets declaratively using Argo CD / kubectl apply which results in the storage of the full secret body within the kubectl.kubernetes.io/last-applied-configuration annotation which can...
Use After Free
Google Chrome is vulnerable to Use After Free. The vulnerability exists in the Networks in the library, which allows an attacker to cause heap corruption via a crafted HTML page...
Type Confusion
Google Chrome is vulnerable to Type Confusion. The vulnerability exists in the V8, which allows an attacker to inject and execute arbitrary code via a maliciously crafted HTML page...
Denial Of Service (DoS)
Google Chrome is vulnerable to Denial Of Service DoS. The vulnerability exists due to the out of bounds memory access in FedCM, which allows an attacker to perform out of bounds memory read via a maliciously crafted HTML page through the renderer process...
Spoofing Attacks
Google Chrome is vulnerable to Spoofing Attacks. The vulnerability exists due to the incorrect security UI in BFCache, which allows an attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...
Information Disclosure
redis is vulnerable to Information Disclosure. The vulnerability allows an attacker to access keys that they are not authorized to access by using the SORTRO command. An attacker could exploit this vulnerability by sending a specially crafted SORTRO command to a vulnerable Redis instance which...
Denial Of Service (DoS)
wabt is vulnerable to Denial Of Service DoS. An attacker can crash the application by running a maliciously crafted binary...
Denial Of Service (DoS)
frr is vulnerable to Denial of Service DoS. This vulnerability allows an attacker to cause a DoS condition by sending a crafted BGP update with a corrupted attribute 23...
Out-of-bounds Read
libfreerdp.so is vulnerable to Out-of-bounds Read. The vulnerability is caused by not validating a variable pbSrcBuffer for sufficient data length. Insufficient data in the pbSrcBuffer variable can cause errors or crashes leading to Denial Of Service DOS...
Out-of-bounds Write
libfreerdp.so is vulnerable to Out-of-bounds Write. The vulnerability is due to a missing offset validation check in the cleardecompressbandsdata function leading to Denial Of Service DoS attacks...
Denial Of Service (DoS)
libfreerdp.so is vulnerable to Denial Of Service DoS. The vulnerability is due to a defect in the nscrledecode and nscrledecompressdata functions in the libfreerdp/codec/nsc.c file. This can lead to application crash resulting in Denial of Service DoS...
Memory Exhaustion
go-ethereum is vulnerable to a memory consumption. The vulnerability is due to a node which can be made to consume unbounded amounts of memory when handling a malicious crafted p2p messages sent from an attacker node. The attacker could use this issue to cause memory exhaustion leading to Denial ...
Buffer Overflow
libhdf5.so is vulnerable to Buffer Overflow. There is no explicit check in H5Oattrdecode to verifying that the multiplication operation didn't exceed the addressable range. The fixed code can check for overflow by dividing attr-shared-datasize by dtsize and comparing the result to dssize...
Sensitive Data Exposure
nilsteampassnet/teampass is vulnerable to Sensitive Data Exposure. The vulnerability is due to not restricting/limiting directory listing for various end points. The leads to disclosing application-specific user data and files...
Denial Of Service
Salt masters is vulnerable to Denial Of Service. The vulnerability is due to the master becoming unresponsive to return requests after receiving several bad packets on the request server, equal to the number of worker threads. This allows an attacker to disrupt the Salt master's normal operation...
Information Disclosure
Salt masters is vulnerable to Information Disclosure. This vulnerability is due to the cache directory having same base name across different environments. This could lead to sensitive data from one environment being exposed to another environment...
Server Side Request Forgery (SSRF)
WireMock is vulnerable to Server Side Request Forgery SSRF. The vulnerability is caused by a failure in filtering target addresses during Webhook proxing even when the allowed address rules and denied address rules are configured, regardless of the limitProxyTargets settings. This can lead to...
Improper Check For Unusual Or Exceptional Conditions
Electron is vulnerable to Improper Check For Unusual Or Exceptional Conditions. The vulnerability is caused by not implementing error handling correctly in case of an API exposed to the main world via contextBridge returning an object or array that contains a JS object which cannot be serialized...
Race Condition
wiremock is vulnerable toa Race Condition. The vulnerability is due to the render function when DNS server's address expire between initial validation and an outbound network request, potentially leading to unintended access to prohibited domains...
Remote Code Execution
ethyca-fides is vulnerable to Arbitrary Code Execution. The vulnerability is due to certain API clients who have a special level of permission called "CONNECTORTEMPLATEREGISTER." In the Fides Admin interface one can upload a zip file with arbitrary python code and can execute it. Exploitation is...
Authorization Bypass
Keylime is vulnerable to an attack which allows an attacker to Bypass the Challenge-Response Protocol during agent registration. The vulnerability occurs due to the registrar disclosing the correct "authtag" in the error message. This could allow an attacker to simply record the correct expected...
Incorrect Control Flow Implementation
Electron is vulnerable to Incorrect Control Flow Implementation. The vulnerability is caused by not respecting a Content-Security-Policy CSP in renderers that have sandbox disabled i.e: sandbox:false. This can result in usage of methods like eval and new Function unexpectedly which can result in ...
Denial Of Service (DoS)
frr is vulnerable to Denial of Service DoS. This vulnerability allows an attacker who can send malformed BGP requests to cause a denial-of-service DoS condition or potentially execute arbitrary code on the vulnerable device...
Denial Of Service (DoS)
mdadm is vulnerable to Denial Of Service DoS. The vulnerability exists due to the uncontrolled resource consumtpion in some IntelR SSD Tools, which allows a priviledged user to potentially enable Denial Of Service DoS via local access...
Buffer Overflows
mdadm is vulnerable to Buffer Overflows. The vulnerability exists in some IntelR SSD Tools, which allows a privileged user to potentially enable escalation of privilege via local access...
Information Disclosure
AccessControl is vulnerable to Information Disclosure. The vulnerability is due to the formatmap function which allows attackers controlling the format string to read objects accessible via getattr and getitem which can result a critical information disclosure...
Incorrect Authorization
Apache Superset is vulnerable to Incorrect Authorization. The vulnerability is caused by a missing user permissions check in the importchart method inside superset/charts/commands/importers/v1/utils.py. A non admin authenticated attacker can create resources incorrectly while using the import...
Improper Input Validation
trafficserver is vulnerable to Improper Input Validation. This vulnerability allows an attacker to cause a denial-of-service DoS attack by sending a specially crafted HTTP request...
Improper Input Validation
trafficserver is vulnerable to Improper Input Validation. This vulnerability allows an attacker to bypass security restrictions by sending a specially crafted HTTP request to gain unauthorized access to a vulnerable Apache Traffic Server instance, which could allow them to steal data, modify...
Improper Handling Of Exceptional Conditions
libxrdp.so is vulnerable to Improper Handling Of Exceptional Conditions. The vulnerability is caused by not handling session establishment exceptions appropriately in the authstartsession function in the sesman/libsesman/verifyuserpam.c file. An attacker can bypass OS-level session restrictions b...
Use After Free
libgpac.so is vulnerable for Use After Free. The vulnerability is due to a lack of memory location validation in ctx-reftkw within the ctx-tracks array in the mp4muxconfigurepid function of src/filters/muxisom.c...
Heap Buffer Overflow
libgpac.so is vulnerable for Heap Buffer Overflow. The vulnerability is due to the lack of validation for the ‘bih.bisize’ variable when copying a block of memory into ‘AVI-bitmapinfoheader’ within the ‘aviparseinputfile’ function located in the ‘src/mediatools/avilib.c’ file...
Stack-based Buffer Overflow
gpac is vulnerable to Stack based Buffer Overflow attack. The vulnerability occurs due to lack of bound checking to ensure that the assigned value does not exceed the allocated size, which leads to Denial of Service...
Heap Buffer Overflow
gpac is vulnerable heap Buffer Overflow. The vulnerability occurs due lack of bound checking to ensure that the assigned value does not exceed the allocated size of the offsettable array, which leads to Denial of Service...
Out-of-bounds Read
libgpac.so is vulnerable to an Out-of-bounds Read. The vulnerability is due to a lack of validating the upper bound for the linepos index which is used to read data from the linebuffer. This flaw is located in the gfbtgetnext method inside the src/scenemanager/loaderbt.c file. An attacker can...
Denial Of Service (DoS)
libfreerdp.so is vulnerable to Denial of Service DoS attacks. This vulnerability could allow an attacker to create a specially crafted Remote Desktop Protocol RDP packet that, when received by a vulnerable FreeRDP client, would crash the client...
Out-of-bounds Read
libgpac.so is vulnerable to Out-of-bounds Read. The vulnerability is caused by not validating a variable named buflen to contain a data of sufficient length in a function MPEG12ParseSeqHdr in a file mediatools/mpeg2ps.c. A attacker can exploit this vulnerability to mount a Denial Of Service DOS...
Heap-based Buffer Overflow
libzbar.so is vulnerable to Heap-based Buffer Overflow. A heap-based buffer overflow in the lookupsequence function allows an attacker to create a specially crafted QR code that, when scanned, could lead to information disclosure or arbitrary code execution...
Denial Of Service (DoS)
libfreerdp.so is vulnerable to Denial Of Service DoS. The vulnerability exists in the rfx.c due to a stack overflow error which allows an attacker to cause an application crash, or potentially execute arbitrary code...
Heap-based Buffer Overflow
libzbar.so is vulnerable to Heap-based Buffer Overflow. A heap-based buffer overflow in the qrreadermatchcenters function allows an attacker to create a specially crafted QR code that, when scanned, could lead to information disclosure or arbitrary code execution...
Floating Point Comparison With Incorrect Operator
gpac is vulnerable to Floating Point Comparison with Incorrect Operator. The vulnerability occurs due to manipulating an input which leads to denial of service issue...
Integer Overflow
libgpac.so is vulnerable to Integer Overflow. The vulnerability is caused by a defect in function mp4muxinitializemovie in a file filters/muxisom.c. A attacker can exploit this vulnerability to mount a Denial Of Service DOS attack...
Path Traversal
ZIPFoundation is vulnerable to Path Traversal. The vulnerability is due to the package not validating if symlinks are pointing to paths outside the extraction directory. This allows an attacker to extract files in any arbitrary location and can also lead to code execution...
Out-Of-Bounds Read
libfreerdp.so is vulnerable to Out-Of-Bound Read. The vulnerability exists because of the lack of boundary checks in the multiopaquerect-numRectangles of orders.c, which leads to out-of-bounds read errors, allowing an attacker to cause an application crash...
Buffer Overflow
libfreerdp.so is vulnerable to Buffer Overflow. The vulnerability exists due to the global buffer overflow in the ncrushdecompress function of ncrush.c because it does not properly verify offsets while decoding data, which allows an attacker to cause an application crash by providing a maliciousl...