Cross-Site Scripting (XSS)

spipu/html2pdf is vulnerable to Cross-Site Scripting XSS. The vulnerability exists due to lack of sanitization in forms.php which allows an attacker to inject and execute arbitrary JavaScript...

Regular Expression Denial Of Service (ReDoS)

@adobe/css-tools is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability exists in index.ts due to improper input validations which allows an attacker to cause an application slowdown when parsing CSS...

Denial Of Service (DoS)

wireshark is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the packet-cp2179.c file. The file is responsible for decoding CP2179 packets. The vulnerability occurs when the file fails to properly check the length of a packet. This can cause Wireshark to divide by zero,...

Path Traversal

Zip Swift is vulnerable to Zip Path Traversal vulnerability Zip Slip. The vulnerability is due to not sanitizing zip entry while extracting zip files in a destination directory inside a unzipFile function. An attacker can a create a maliciously crafted zip entry which can be extracted to arbitrar...

Denial Of Service (DoS)

github.com/libp2p/go-libp2p is vulnerable to Denial of Service. The vulnerability exists because it does not garbage collect signed peer records, which can lead to out-of-memory conditions resulting in an application crash...

Archive Spoofing

BorgBackup is vulnerable to Archive Spoofing. The vulnerability is due a flaw in the cryptographic authentication scheme, which could potentially allow an attacker to create fake archives and indirectly cause data loss in the backup repository...

Path Traversal

gitpython is vulnerable to Path Traversal. The vulnerability exists in getrefinfohelper function of symbolic.py because it does not properly validate the local file path, which allows an attacker to access files outside the expected directory...

Denial Of Service (DoS)

radare2 is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the rsleb128 function in the radare2 codebase. The function is responsible for decoding SLEB128 encoded values. The vulnerability occurs when the function fails to properly check the size of a buffer. This can all...

Denial Of Service (DoS)

radare2 is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the vaxopfunction function in the radare2 codebase. The function is responsible for parsing and decoding VAX instructions. The vulnerability occurs when the function fails to properly check the size of a buffer...

Denial Of Service (DoS)

radare2 is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the rregsetvalue function in the radare2 codebase. The function is responsible for setting the value of a register. The vulnerability occurs when the function fails to properly free a memory buffer. This can allow...

Denial Of Service (DoS)

radare2 is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the rreggetnameidx function in the radare2 codebase. The function is responsible for getting the name index of a register. The vulnerability occurs when the function fails to properly free a memory buffer. This ca...

Denial Of Service (DoS)

radare2 is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the rreadle32 function in the radare2 codebase. The function is responsible for reading a 32-bit integer from a memory buffer. The vulnerability occurs when the function fails to properly check the size of the...

Arbitrary Code Execution

gitpython is vulnerable to Arbitrary Code Execution. The vulnerability exists because it does not properly validate the git executable. If a malicious repository packages a git executable, the library will default to using that executable when importing gitpython on Window. If an attacker tricks ...

Denial Of Service (DoS)

radare2 is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the coreanalfcn function in the radare2 codebase. The function is responsible for analyzing a binary file. The vulnerability occurs when the function tries to access a memory address that is null. This can cause t...

Information Leak

The MongoDB Driver is vulnerable to Information Leak. The vulnerability is due to the MongoDB Drivers erroneously publishing events containing authentication-related data to a command listener configured by an application. An attacker can get hold of this sensitive information when he accesses it...

Buffer Overflow

libfrr.so, is vulnerable to Buffer Overflows. The vulnerability exists in the bgpcapabilitysoftwareversion function at bgpopen.c due to not properly handling the buffer size, which allows an attacker to cause an application crash...

OS Command Injection

find-exec is vulnerable to Command Injection. The vulnerability is due to inadequate user input shell sanitization. An attacker could exploit this vulnerability by manipulating input parameters, thereby executing harmful shell commands within the context of the running process...

Out-of-bounds Read

libfrr.so is vulnerable to Out-of-bounds Reads. The vulnerability exists in the bgpattraigpvalid function at bgpattr.c because it does not properly validate the availability of two bytes during AIGP validation, which allows an attacker to cause an application crash...

Authorization Bypass

chromium is vulnerable to Authorization Bypasses. The vulnerability exists in the DevTools module of Google Chrome. The module is responsible for providing developers with tools to debug and inspect web pages. The vulnerability occurs when the module fails to properly check the permissions of a...

Denial Of Service (DoS)

imagemagick is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the ReadEnhMetaFile function in the coders/emf.c file. The function is responsible for decoding Enhanced Metafile EMF images. The vulnerability occurs when the function attempts to divide by zero, which causes...

Denial Of Service (DoS)

binutils is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the bfddwarf2findnearestlinewithalt function in the dwarf2.c file. The function is responsible for finding the nearest line number for a given address in an ELF file. The vulnerability occurs when the function...

Denial Of Service (DoS)

binutils is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the findabstractinstance function in the dwarf2.c file. The function is responsible for finding the nearest line number for a given address in an ELF file. The vulnerability occurs when the function fails to...

Denial Of Service (DoS)

binutils is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the loadseparatedebugfiles function in the dwarf2.c file. The function is responsible for loading debug information from separate ELF files. The vulnerability occurs when the function fails to properly check the...

Arbitrary Code Execution

7zip is vulnerable to Arbitrary Code Execution. This vulnerability exists due to a flaw in the way 7-Zip parses 7Z files. A remote attacker can exploit this vulnerability by tricking the victim to open a specially crafted archive, which could lead to arbitrary code execution on the victim's syste...

Arbitrary Code Execution

Pagekit/pagekit is vulnerable to Arbitrary Code Execution. The vulnerability exists because the updateAction function in UpdateController.php blindly executes code in the uploaded requirements.php file which allow an admin authenticated attacker to execute malicious code into the system...

Heap Buffer Overflow

libyara.so is vulnerable to heap-based buffer overflow. The vulnerability exists because it does not properly manage memory in exec.c, which allows an attacker to parse a crafted compiled rule file, causing an application crash...

Deserialization Of Untrusted Data

Apache Airflow Spark Provider is vulnerable to deserialization of untrusted data. The vulnerability occurs when an authorized Airflow user configures Spark hooks on an Airflow node pointing it to a malicious Spark server in an Airflow deployment causing arbitrary code to be run on that Airflow...

Use After Free

libgpac.so is vulnerable to Use After Free. The vulnerability exists due to the heap-use-after-free in the gfisomboxparseex function of boxfuncs.c, which allows an attacker to cause an application crash...

URL Redirection To Untrusted Site ('Open Redirect')

jupyter-server is vulnerable to open redirect vulnerability. The vulnerability occurs due to not validating the redirect urls generated as part of the login flow. An attacker can trick a user into clicking a login link to jupyter server which includes malicious url redirect...

PGP Signature Spoofing

openpgp is vulnerable to PGP Signature Spoofing. The vulnerability exists due to ignoring text before the hash: ... section. An attacker can append text to the start of of the line, which will appear as signed but the library ignores verifying it...

Remote Code Execution (RCE)

rar is vulnerable to Remote Code Execution RCE. This vulnerability exists due to a flaw in the way WinRAR parses recovery volume names in the old RAR 3.0 format. A remote attacker can exploit this vulnerability by tricking the victim to open a specially crafted archive, which could lead to...

Regular Expression Denial Of Service (ReDoS)

mathjax is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability exists due to inefficient regular expression complexity in the components and markdown patterns, which allows an attacker to slow down the application if they can control the input to the MathJax.Message.Set or...

Remote Code Execution

Apache Airflow Scoop Provider is vulnerable to Remote Code Execution RCE. The vulnerability is caused by not validating/sanitizing the connection url used to import data from RDBMS e.g MySQL or Oracle into the Hadoop Distributed File System HDFS. The attacker can execute malicious commands by...

Improper Access Control

jupyter-server is vulnerable to Improper Access Control. The vulnerability occurs due to not implementing authorization check when opening untrusted files via "Open image in new tab" feature of the browser. The attacker can access unauthorized files compromising users confidentiality...

Path Traversal

PF4J is vulnerable to Path Traversal. The vulnerability exists in the extract function in Unzip.java due to a lack of path validation which allows an attacker to obtain sensitive information and execute arbitrary code via the expandIfZip parameter...

Path Traversal

PF4J is vulnerable to Path Traversal. The vulnerability exists in the extract function in Unzip.java due to a lack of path validation which allows an attacker to obtain sensitive information and execute arbitrary code via the loadpluginPath parameter...

Path Traversal

PF4J is vulnerable to Path Traversal. The vulnerability exists in the extract function in Unzip.java due to a lack of path validation which allows an attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

Out-of-bounds Reads

libfrr.so is vulnerable to Out-of-bounds Reads. The vulnerability exists in bgprouterefreshreceive function at bgppacket.c due to improper buffer stream handling which allows an attacker to read the initial byte of the ORF header in an ahead-of-stream situation...

Denial Of Service (DoS)

libfrr.so is vulnerable to Denial Of Service DoS. The vulnerability exists in NLRIATTRARG function at bgppacket.c due to a NULL pointer dereference when the attribute length is zero, which allows an attacker to cause an application crash...

Arbitrary Code Execution

apparmor is vulnerable to Arbitrary Code Execution. This vulnerability exists due to a flaw in the way AppArmor compiles mount rules. A local attacker can exploit this vulnerability by mounting a specially crafted filesystem, which could lead to arbitrary code execution...

Denial Of Service (DoS)

opensc is vulnerable to Denial of Service. The vulnerability exists in card-tcos.c due to a stack overflow error in APDU, which allows an attacker to cause an application crash or potentially execute arbitrary code...

Denial Of Service (DoS)

binutils is vulnerable to Denial of Service DoS attacks. This vulnerability exists due to a flaw in the way objdump parses certain ELF files. A remote attacker can exploit this vulnerability by sending a specially crafted ELF file, which could lead to an application crash...

Denial Of Service (DoS)

python3.9 is vulnerable to Denial of Service DoS attacks. This vulnerability exists due to a flaw in the way the plistlib module parses certain Apple Property List plist files in binary format. A remote attacker can exploit this vulnerability by sending a specially crafted plist file, which could...

XML External Entity (XXE)

python3.9 is vulnerable to XML External Entity XXE. This vulnerability exists due to a flaw in the way the plistlib module parses certain XML plist files. An attacker can exploit this vulnerability by sending a specially crafted plist file that references an external entity, which could allow the...

Timing Attack

python3.9 is vulnerable to Improper Access Control. The vulnerability exists due to a flaw in the way the hmac.comparedigest function in the Lib/hmac.py module compares two message digests. An attacker can exploit this vulnerability to distinguish between different message digests, which could be...

Denial Of Service (DoS)

file is vulnerable to Denial of Service DoS attacks. This vulnerability exists due to a flaw in the way the filecopystr function in the funcs.c file copies a string from one buffer to another. An attacker can exploit this vulnerability to corrupt the stack, which could lead to a crash...

Denial Of Service (DoS)

imagemagick is vulnerable to Denial of Service DoS attacks. The vulnerability exists due to a flaw in the way the identify command handles certain image files. A remote attacker can exploit this vulnerability to cause the ImageMagick process to leak memory, which could eventually lead to a denial...

Authorization Bypass

cacti is vulnerable to Authorization Bypass. This vulnerability exists due to improper validation in the PHP code of the cactildapauth function. A remote attacker can exploit this vulnerability to bypass authentication and gain unauthorized access to the Cacti web interface...

Privilege Escalation

perl is vulnerable to Privilege Escalation. This vulnerability exists due to a flaw in the way the Sfinduninitvar function in the sv.c file handles certain variables. A remote attacker can exploit this vulnerability to crash the Perl interpreter or execute arbitrary code...

Use After Free

Firefox is vulnerable to Use After Free. The vulnerability exists if the Refresh Driver is destroyed at an inopportune time, which allows an attacker to cause an application crash through the memory corruption via malicious SVG image...