38196 matches found
Out-Of-Bounds Write
libfreerdp.so is vulnerable to Out-Of-Bounds Write. The vulnerability occurs while calculating the nXSrc and nYSrc variables in the progressivedecompress function of progressive.c due to missing destination checks, which allows an attacker to cause out-of-bound write...
Incorrect Control Flow Implementation
vyper is vulnerable to Incorrect Control Flow Implementation. The vulnerability exists in functions.py due to incorrect implementation of operations causing side effects which allows an attacker to perform unauthorized actions...
Denial Of Service (DoS)
libgpac.so is vulnerable to Divide By Zero. The vulnerability exists due to a divide by zero issue in multiple files of MP4Box which allows an attacker to cause an application crash...
Arbitrary Code Execution
langchain is vulnerable to Arbitrary Code Execution. The vulnerability exists in the evaluate function of the numexpr library, which allows an attacker to inject and execute arbitrary commands...
Authorization Bypass
github.com/usememos/memos is vulnerable to Authorization Bypass. The vulnerability exists in the JWTMiddleware function in jwt.go due to improper handling of JWT tokens, which allows an attacker to perform unauthorized actions...
Privilege Escalation
github.com/usememos/memos is vulnerable to Privilege Escalation. The vulnerability exists in the JWTMiddleware function in jwt.go due to improper admin privileges, which allows an attacker to view the PRIVATE POST of a high-privilege Admin user...
NULL Pointer Dereference
libgpac.so is vulnerable to NULL Pointer Dereference. The vulnerability is due to a defect in the function gfxmlsaxparseintern in the files utils/xmlparser.c and filters/dasher.c. An attacker can exploit this vulnerability to mount a Denial of Service (DoS) attack...
Heap-based Buffer Overflow
libgpac.so is vulnerable to Heap-based Buffer Overflow. The vulnerability is caused by a defect in the aviread function in avilib.c. An attacker can exploit this vulnerability to mount a Denial of Service (DoS) attack...
Incorrect Control Flow Implementation
Parse server is vulnerable to Incorrect Control Flow Implementation. The vulnerability is caused by not invoking the beforeFind trigger when executing the Parse.Query method in certain conditions. This can lead to access control issues when beforeFind is used as a security layer to modi...
Business Logic Errors
vyper is vulnerable to Business Logic Errors. The vulnerability exists because the order of evaluation of the arguments of the builtin functions uint256addmod, uint256mulmod, ecadd and ecmul does not follow source order, which can be exploited by an attacker to create contracts that behave...
Information Disclosure
python3 is vulnerable to Information Disclosure. The vulnerability can be exploited by an attacker to bypass the TLS handshake and send unencrypted data to the server. This data could be used to modify or delete resources that are authenticated only by a TLS certificate, which makes it possible f...
Information Disclosure
github.com/bnb-chain/tss-lib is vulnerable to Information Disclosure. An attacker is able to steal the secret key shares of other participants in the signing protocol. This could happen if the attacker generates a Paillier modulus N containing small factors less than 2^100. The master key can the...
Denial Of Service (DoS)
wabt is vulnerable to Denial of Service (DoS). The vulnerability exists due to an out-of-bounds read in the OnReturnCallIndirectExpr-GetReturnCallDropKeepCount component, allowing an attacker to cause an application crash...
Denial Of Service (DoS)
wabt is vulnerable to Denial of Service (DoS). The vulnerability exists due to a heap overflow in the size function of stlvector.h, allowing an attacker to cause an application crash...
Denial Of Service (DoS)
wabt is vulnerable to Denial of Service (DoS). The vulnerability exists because an attacker can cause an abort in CWriter::Write, resulting in a Denial of Service (DoS) condition...
Out Of Bounds Read
wabt is vulnerable to Out Of Bounds Read. The vulnerability exists due to the lack of input validation in the OnReturnCallExpr-GetReturnCallDropKeepCount component, allowing an attacker to gain sensitive information...
Improper Session Handling
xrdp is vulnerable to Improper Session Handling. This vulnerability can be exploited by an attacker to bypass OS-level session restrictions. For example, an attacker could use this vulnerability to establish multiple concurrent sessions to a system, even if the system is configured to only allow ...
Cross Site Scripting (XSS)
@dcl/single-sign-on-client is vulnerable to Cross Site Scripting (XSS). An attacker is able to exploit this vulnerability by injecting malicious JavaScript code into the init function of the library. This code will be executed by the browser, allowing the attacker to take control of the victim's...
Path Traversal
hyper-bump-it is vulnerable to Path Traversal. The vulnerability is due to a lack of validating whether matched files are within the project root directory. As a result, this could lead to changes being written to files outside of the project which allows an attacker to cause files to be edited...
NULL Pointer Dereference
libgpac.so is vulnerable to NULL Pointer Dereference. The vulnerability is due to referencing a null pointer in the filereadbytes function of the mpeg2ps.c file, as well as in the avilib.c and dasher.c files. An attacker can mount a Denial of Service (DoS) attack by exploiting this vulnerability...
Denial Of Service (DoS)
py3-django is vulnerable to Denial of Service (DoS) attacks. This vulnerability can be exploited by an attacker to cause the Django server to crash by sending a specially crafted URI...
Man-in-the-Middle (MitM)
open-vm-tools is vulnerable to Man-in-the-Middle (MitM) attacks. This vulnerability can be exploited by an attacker with man-in-the-middle (MITM) network positioning between vCenter and the ESXi host hosting the virtual machine to bypass SAML token signature verification, to perform VMware Tools Gues...
SQL Injection
dataease-plugin-common is vulnerable to SQL Injection. The vulnerability exists through the PluginGridSql.xml due to the lack of query validation, allowing an attacker to gain sensitive information via a maliciously crafted string outside the blacklist function...
Out-Of-Bound Read
libfreerdp.so is vulnerable to Out-Of-Bound Read. The vulnerability exists due to the integer underflow in the cBitsRemaining calculation in the zgfxdecompresssegment function of zgfx.c, which allows an attacker to read data beyond the transmitted packet range in the context of CopyMemory, leadin...
Out-Of-Bound Write
libfreerdp.so is vulnerable to Out-Of-Bound Write. The vulnerability exists due to an integer overflow in the freerdpimagecopy function of color.c when an image width or height == 0, which allows an attacker to cause out-of-bound write when image decoding is done by a proxy...
Out-Of-Bounds Write
7zip is vulnerable to Out-Of-Bounds Write. The vulnerability exists due to the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer, allowing an attacker to leverage this vulnerability to execute code in the context of the current proces...
Path Traversal
org.graylog, graylog-project-parent is vulnerable to Path Traversal. The vulnerability exists because it does not properly validate user input in the HTTP API resource, which allows an attacker to overwrite or modify sensitive files in the system...
Authorization Bypass
github.com/openfga/openfga is vulnerable to Authorization Bypass. The vulnerability exists because the number of objects returned by the ListObjects API is non-deterministic, which allows an attacker to access unauthorized objects if the model contains expressions of type rel1 from type1...
Information Disclosure
RestrictedPython is vulnerable to Information Disclosure. The vulnerability arises due to the format functionality in Python which allows someone controlling the format string to "read" data from objects, including sensitive information. This vulnerability could potentially allow an attacker to...
Use After Free
Google Chrome is vulnerable to Use After Free. The vulnerability exists in the MediaStream of the library, which allows an attacker to cause heap corruption using a maliciously crafted HTML page...
Cross-site Scripting (XSS)
uasoft-indonesia/badaso and badaso/core are vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to a lack of sanitization in the value and text parameters in BadasoSelect.vue and BadasoSelectMultiple.vue, which allows an attacker to inject and execute malicious JavaScript...
SQL Injection
blade-core-tool is vulnerable to SQL Injection. The vulnerability exists because the parameters submitted by the user are not properly escaped, which allows an attacker to inject and execute malicious SQL queries...
XML External Entity (XXE) Injection
leshan-core is vulnerable to XML External Entity (XXE) Injection. The vulnerability exists because the DDFFileParser function of DDFFileParser.java and the validate function of DefaultDDFFileValidator.java do not properly sanitize external DTDs by default, which allows an attacker to inject and...
Use After Free
Firefox is vulnerable to Use After Free. The vulnerability exists when creating a callback over IPC for showing the File Picker window, which leads to memory corruption, allowing an attacker to cause an application crash by creating multiple of the same callbacks...
Use After Free
Firefox is vulnerable to Use After Free. The vulnerability exists when creating a callback over IPC for showing the Color Picker window, which leads to memory corruption, allowing an attacker to cause an application crash by creating multiple of the same callbacks...
Use After Free
Firefox is vulnerable to Use After Free. The vulnerability exists when receiving rendering data over IPC mStream, which leads to memory corruption, allowing an attacker to cause an application crash...
URL Spoofing Via Default Search Engine
Firefox is vulnerable to URL Spoofing via Default Search Engine. The default search engine in the web browser can display search queries as if they were the current URL when the query resembles a well-formed URL. This behavior might allow a malicious site, if set as the default search engine, to...
Denial Of Service (DoS)
firefox is vulnerable to Out of Memory Exception. The vulnerability occurs due to a syntax error which causes a function to attempt allocating memory when none is available, causing an out-of-memory exception...
Memory Corruption
firefox is vulnerable to Memory Corruption. The vulnerability occurs due to the JIT component 'UpdateRegExpStatic' trying to access initialStringHeap, leading to a potential crash...
Memory Corruption
firefox is vulnerable to Memory Corruption. The vulnerability occurs due to memory safety bugs which potentially results in arbitrary code execution...
Memory Corruption
firefox is vulnerable to Memory Corruption. The vulnerability occurs due to memory safety bugs which potentially results in arbitrary code execution...
Information Disclosure
firefox is vulnerable to Information Disclosure. The vulnerability occurs within 'HttpBaseChannel' where discarded load groups weren't always unavailable, potentially resulting in browsing context not being cleared when closing a private window...
Improper Access Control
firefox is vulnerable to Improper Access Control. The vulnerability occurs due to Excel .xll add-in files not being blocked by Firefox's executable blocklist due to incorrect access control...
Information Disclosure
firefox-esr is vulnerable to Information Disclosure. The vulnerability occurs due to push notification data stored in private browser mode not being encrypted resulting in a potential leakage of sensitive information...
Information Disclosure
@apollo/server and apollo-server-core are vulnerable to Information Disclosure. The vulnerability is due to a lack of masking of sensitive information such as Studio API keys, which can end up getting logged if they are passed incorrectly with leading/trailing whitespace or if they have any invalid...
Arbitrary Code Injection
github.com/ansible-semaphore/semaphore is vulnerable to Arbitrary Code Injection. The vulnerability exists in the makeCmd function in AnsiblePlaybook.go, which allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter...
Denial Of Service (DoS)
indent is vulnerable to Denial of Service (DoS) attacks. The vulnerability exists in the searchbrace function in the indent.c file. The function is responsible for searching for braces in a C code file. The vulnerability occurs when the function fails to properly check the size of the buffer that i...
Denial Of Service (DoS)
nasm is vulnerable to Denial of Service (DoS) attacks. The vulnerability exists in the ieeesegment function in the outieee.c file. The function is responsible for writing floating-point numbers to an output file. The vulnerability occurs when the function fails to properly check the size of the...
Denial Of Service (DoS)
qemu is vulnerable to Denial of Service (DoS) attacks. The vulnerability exists in the nvmedirectivereceive function in the hw/nvme/ctrl.c file. The function is responsible for receiving a directive from an NVMe controller. The vulnerability occurs when the function tries to access a NULL pointer...
Cross-Site Scripting (XSS)
cacti is vulnerable to Cross-Site Scripting (XSS). The vulnerability exists in the graphsnew.php file. The file is responsible for processing POST requests that are used to create new graphs. The vulnerability occurs when the file fails to properly sanitize user input. This can allow an attacker ...