Lucene search

38196 matches found

Veracode
• added 2023/08/25 3:06 a.m. • 23 views

Use After Free

mupdf is vulnerable to Use After Free. The vulnerability occurs in the svgdevtextspanaspathsdefs function within source/fitz/svg-device.c which allows a malicious attacker to parse a crafted PDF file which results in denial of service...

CVSS 5.5 | AI score 6.7 | EPSS 0.00445
Exploits 1 | References 3 | Affected Software 1
Veracode
• added 2023/08/25 2:53 a.m. • 29 views

Cross-site Scripting (XSS)

github.com/prometheus/alertmanager is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the lack of HTML sanitization in the generatorURL field of Alert.elm, which allows an attacker to inject and execute malicious JavaScript by sending a POST request to the /api/v1/alerts...

CVSS 7.5 | AI score 6.4 | EPSS 0.00568
Exploits 0 | References 5 | Affected Software 3
Veracode
• added 2023/08/25 2:28 a.m. • 26 views

Insufficient Session Expiration

github.com/argoproj/argo-cd is vulnerable to Insufficient Session Expiration. The vulnerability exists because web terminal sessions in the library do not expire, which allows an attacker to send websocket messages even if the token has already expired, leading to sensitive information...

CVSS 7.1 | AI score 6.4 | EPSS 0.00484
Exploits 1 | References 5 | Affected Software 1
Veracode
• added 2023/08/24 7:16 p.m. • 30 views

Denial Of Service (DoS)

mosquitto is vulnerable to Denial of Service DoS attacks. This vulnerability exists due to a flaw in the way Envoy handles certain requests. A remote attacker can exploit this vulnerability to cause Envoy to crash, which could lead to a denial of service attack...

CVSS 7.5 | AI score 6.5 | EPSS 0.00675
Exploits 0 | References 4 | Affected Software 1
Veracode
• added 2023/08/24 6:57 p.m. • 24 views

Denial Of Service (DoS)

mosquitto is vulnerable to Denial of Service DoS attacks. This vulnerability exists due to a flaw in the way the broker handles certain messages. A remote attacker can exploit this vulnerability to cause the broker to leak memory, which could eventually lead to a denial of service attack...

CVSS 7.5 | AI score 6.5 | EPSS 0.01107
Exploits 0 | References 10 | Affected Software 1
Veracode
• added 2023/08/24 5:27 p.m. • 21 views

Authorization Bypass

perl-lwp-protocol-https is vulnerable to Authorization Bypasses. This vulnerability exists due to a flaw in the way the LWP::Protocol::https module handles certain environment variables. A remote attacker can exploit this vulnerability to disable certificate validation, which could allow them to...

CVSS 5.9 | AI score 6.5 | EPSS 0.01602
Exploits 1 | References 6 | Affected Software 1
Veracode
• added 2023/08/24 11:06 a.m. • 26 views

Denial Of Service (DoS)

libssh2.so is vulnerable to Denial Of Service DoS. The vulnerability exists in the libssh2transportread function at transport.c due to an out of bound read which allows an attacker to cause an application crash...

CVSS 7.5 | AI score 6.6 | EPSS 0.00914
Exploits 0 | References 5 | Affected Software 1
Veracode
• added 2023/08/24 10:46 a.m. • 20 views

Open Redirect

Horizon is vulnerable to Open Redirect. The vulnerability is due to improper validation of URL redirects in the getcontextdata function of views.py, which allows an attacker to redirect a user to a malicious URL...

CVSS 6.1 | AI score 6.1 | EPSS 0.00674
Exploits 0 | References 7 | Affected Software 1
Veracode
• added 2023/08/24 10:26 a.m. • 16 views

Denial Of Service (DoS)

libexiv2.so is vulnerable to Denial Of Service DoS. The vulnerability exists in the PngImage::printStructure function at pngimage.cpp due to a buffer overflow which allows an attacker to cause an application crash...

CVSS 7.8 | AI score 7.2 | EPSS 0.00697
Exploits 1 | References 5 | Affected Software 1
Veracode
• added 2023/08/24 9:57 a.m. • 20 views

Arbitrary Code Execution

langchain is vulnerable to Arbitrary Code Execution. The vulnerability exists due to a lack of validation in the loadprompt parameter, which allows an attacker to execute malicious code on the system...

CVSS 9.8 | AI score 7.3 | EPSS 0.02831
Exploits 2 | References 3 | Affected Software 1
Veracode
• added 2023/08/24 9:49 a.m. • 11 views

Denial Of Service (DoS)

libmemcached.so is vulnerable to Denial of Service DoS attacks. An attacker is able to exploit this vulnerability by sending a specially crafted UDP packet to the memcached server, which could cause the server to crash...

CVSS 7.5 | AI score 6.7 | EPSS 0.00912
Exploits 0 | References 2 | Affected Software 1
Veracode
• added 2023/08/24 9:21 a.m. • 16 views

Denial Of Service (DoS)

libsass.so is vulnerable to Denial Of Service DoS. The vulnerability exists in CompoundSelector::hasrealparentref at astselectors.cpp due to a stack overflow which allows an attacker to cause an application crash...

CVSS 8.8 | AI score 6.9 | EPSS 0.00782
Exploits 1 | References 3 | Affected Software 2
Veracode
• added 2023/08/24 9:17 a.m. • 28 views

Denial Of Service (DoS)

github.com/etcd-io/etcd is vulnerable to Denial of Service (DoS) attacks. The vulnerability exists because the PageWriter.write function does not properly handle large requests, which allows an attacker to exploit this vulnerability by sending a specially crafted request that is larger than the expected...

CVSS 7.5 | AI score 6.6 | EPSS 0.01314
Exploits 0 | References 7 | Affected Software 1
Veracode
• added 2023/08/24 8:49 a.m. • 26 views

Information Disclosure

Datasette is vulnerable to Information Disclosure. The vulnerability exists because it does not check permissions when viewing the /-/api endpoint, resulting in databases and tables disclosure to unauthenticated users...

CVSS 5.3 | AI score 6.8 | EPSS 0.00464
Exploits 0 | References 3 | Affected Software 1
Veracode
• added 2023/08/24 8:39 a.m. • 13 views

Denial Of Service (DoS)

libsass.so is vulnerable to Denial Of Service DoS. The vulnerability exists in ComplexSelector::hasplaceholder at astselectors.cpp due to a stack overflow which allows an attacker to cause an application crash...

CVSS 7.5 | AI score 6.9 | EPSS 0.01252
Exploits 1 | References 5 | Affected Software 2
Veracode
• added 2023/08/24 8:28 a.m. • 21 views

Denial Of Service (DoS)

libsass.so is vulnerable to Denial Of Service DoS. The vulnerability exists in CompoundSelector::hasrealparentref function at astselectors.cpp due to a buffer overflow which leads to an application crash...

CVSS 7.5 | AI score 7.3 | EPSS 0.01252
Exploits 1 | References 5 | Affected Software 2
Veracode
• added 2023/08/24 7:55 a.m. • 15 views

Denial Of Service (DoS)

json2xml is vulnerable to Denial of Service DoS attacks. A typecode decoding error allows an attacker to cause a denial of service DoS attack via sending a specially crafted JSON file to the json2xml.Json2xml function, which would cause the application to crash...

CVSS 7.5 | AI score 6.6 | EPSS 0.01048
Exploits 1 | References 6 | Affected Software 1
Veracode
• added 2023/08/24 6:26 a.m. • 27 views

Server-Side Request Forgery (SSRF)

org.apache.xmlgraphics:batik-script is vulnerable to Server-Side Request Forgery SSRF. An attacker is able to trick the application into loading a malicious SVG file, which could then be used to probe user data...

CVSS 4.4 | AI score 6.9 | EPSS 0.00749
Exploits 0 | References 8 | Affected Software 1
Veracode
• added 2023/08/24 6:14 a.m. • 16 views

Arbitrary Command Injection

shescape is vulnerable to Arbitrary Command Injection. The vulnerability exists in threaded contexts on Windows, which results in improper escaping of shells, which allows an attacker to bypass shell sanitization...

CVSS 8.6 | AI score 6.9 | EPSS 0.00556
Exploits 1 | References 5 | Affected Software 1
Veracode
• added 2023/08/24 5:40 a.m. • 29 views

Server-Side Request Forgery (SSRF)

Apache XML Graphics Batik is vulnerable to Server-Side Request Forgery SSRF. An attacker is able to trick the application into loading a malicious SVG file, which could then be used to cause excess resource consumption or make unauthorized requests to other systems...

CVSS 7.1 | AI score 6.9 | EPSS 0.00786
Exploits 0 | References 10 | Affected Software 3
Veracode
• added 2023/08/24 5:15 a.m. • 23 views

Denial Of Service (DoS)

libeconf.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a stack-buffer-overflow in the readfile function of getfilecontents.c, which allows an attacker to cause an application crash or execute arbitrary code...

AI score 7.3
Exploits 0 | References 8 | Affected Software 1
Veracode
• added 2023/08/24 4:48 a.m. • 41 views

Privilege Escalation

nodejs is vulnerable to Privilege Escalation. This vulnerability exists due to a flaw in the way the process.binding API can be used to bypass the policy mechanism. An attacker can exploit this vulnerability to gain elevated privileges...

CVSS 7.5 | AI score 7 | EPSS 0.01484
Exploits 1 | References 5 | Affected Software 1
Veracode
• added 2023/08/24 4:25 a.m. • 18 views

Denial Of Service (DoS)

libdjvulibre.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to the lack of input validation in the IW44EncodeCodec.cpp when preparing the gray level conversion table, which allows an attacker to cause an application crash via divide by zero...

CVSS 6.5 | AI score 6.7 | EPSS 0.00869
Exploits 1 | References 5 | Affected Software 1
Veracode
• added 2023/08/24 3:54 a.m. • 21 views

Use After Free

libz3.so is vulnerable to Use After Free. The vulnerability exists in the pddsimplifier.cpp when the solver attempts to simplify the constraints, which causes unexpected memory access, leading to segmentation faults or arbitrary code execution...

CVSS 7.8 | AI score 7.4 | EPSS 0.00892
Exploits 1 | References 3 | Affected Software 1
Veracode
• added 2023/08/23 5:16 p.m. • 520 views

Remote Code Execution (RCE)

mosquitto is vulnerable to a remote code execution vulnerability. This vulnerability exists due to a flaw in the way the library handles certain requests. A remote attacker can exploit this vulnerability to execute arbitrary code on the affected system...

CVSS 5.8 | AI score 8.2 | EPSS 0.00608
Exploits 0 | References 4 | Affected Software 1
Veracode
• added 2023/08/23 5:05 p.m. • 37 views

Improper Access Control

nodejs is vulnerable to Improper Access Control. This vulnerability exists due to a flaw in the way the module.constructor.createRequire API can be used to bypass the policy mechanism. An attacker can exploit this vulnerability to load modules outside of the policy...

CVSS 8.8 | AI score 6.7 | EPSS 0.01273
Exploits 0 | References 7 | Affected Software 1
Veracode
• added 2023/08/23 5:05 p.m. • 29 views

Type Confusion

nodejs is vulnerable to Type Confusion. This vulnerability exists due to a flaw in the way the Module.load API handles certain modules. An attacker is able to exploit this vulnerability to cause a type confusion error, which could lead to arbitrary code execution...

CVSS 9.8 | AI score 7.1 | EPSS 0.0143
Exploits 0 | References 5 | Affected Software 1
Veracode
• added 2023/08/23 2:55 p.m. • 22 views

Use-After-Free

chromium is vulnerable to Use-After-Free. This allows a malicious attacker to remotely compromise the render process resulting in heap corruption using a crafted HTML page...

CVSS 8.8 | AI score 6.9 | EPSS 0.00825
Exploits 0 | References 7 | Affected Software 1
Veracode
• added 2023/08/23 1:29 p.m. • 26 views

IPv6 Local Scoped Address Disruption

opensmtpd is vulnerable to IPv6 Local Scoped Address Disruption. The vulnerability exists due to the use of the inetpton3 function in envelope.c, which allows an attacker to abort the connection by providing a locally scoped IPv6 address...

CVSS 7.8 | AI score 6.7 | EPSS 0.00279
Exploits 0 | References 10 | Affected Software 1
Veracode
• added 2023/08/23 1:16 p.m. • 14 views

Sensitive Data Exposure

answerdev/answer is vulnerable to Sensitive Data Exposure. The vulnerability is due to not sanitizing the EXIF (Exchangeable Image File Format) image while uploading the image in the profile or comment section. This can lead to an attacker extracting EXIF metadata containing Geolocation and many other image...

CVSS 7.7 | AI score 6.8 | EPSS 0.00597
Exploits 1 | References 2 | Affected Software 1
Veracode
• added 2023/08/23 1:11 p.m. • 21 views

Memory Corruption

xterm is vulnerable to Memory Corruption. The vulnerability is due to ReGIS reporting character-set names even if it contains unexpected characters resulting in a pointer/overflow issue...

CVSS 9.8 | AI score 6.8 | EPSS 0.00734
Exploits 0 | References 2 | Affected Software 1
Veracode
• added 2023/08/23 12:39 p.m. • 14 views

Race Condition

tmate-ssh-server is vulnerable to Race Condition. This vulnerability exists due to the insecure creation of temporary directories, allowing a malicious attacker to compromise the integrity of session handling locally...

CVSS 7 | AI score 6.7 | EPSS 0.00212
Exploits 0 | References 3 | Affected Software 1
Veracode
• added 2023/08/23 12:39 p.m. • 16 views

Insecure Session Management

tmate-ssh-server is vulnerable to Insecure Session Management. This vulnerability exists due to a lack of proper session ID handling, which could lead to the execution of arbitrary code on the user's system...

CVSS 7 | AI score 7.3 | EPSS 0.00254
Exploits 0 | References 3 | Affected Software 1
Veracode
• added 2023/08/23 12:33 p.m. • 32 views

HTTP Request Smuggling

Haproxy is vulnerable to HTTP Request Smuggling. This vulnerability exists in the HTTP/1 server, which interprets a payload as an extra request due to empty Content-Length headers being forwarded. This allows an attacker to inject malicious payloads into the system...

CVSS 7.2 | AI score 7.3 | EPSS 0.01815
Exploits 1 | References 7 | Affected Software 1
Veracode
• added 2023/08/23 7:16 a.m. • 53 views

Remote Code Execution (RCE)

craftcms/cms is vulnerable to Remote Code Execution. The vulnerability is due to a lack of file protocol removal in FileHelper.php, which allows an attacker to upload and execute malicious PHP code on the system...

CVSS 7.2 | AI score 7.7 | EPSS 0.01909
Exploits 1 | References 5 | Affected Software 1
Veracode
• added 2023/08/23 2:14 a.m. • 6 views

Cross-Site Request Forgery (CSRF)

wallabag/wallabag is vulnerable to Cross-Site Request Forgery (CSRF). Through the use of a malicious GET request to the /reset/annotations, /reset/entries, /reset/tags, or /reset/archived endpoints, an attacker is able to arbitrarily reset annotations, entries, and tags...

AI score 7
Exploits 0
Veracode
• added 2023/08/23 1:58 a.m. • 19 views

Insufficient Session Expiration

@node-saml/node-saml is vulnerable to Insufficient Session Expiration. The vulnerability exists due to the lack of validation checks of the current timestamp in the processValidlySignedPostRequestAsync function of saml.ts, which allows an attacker to reuse LogoutRequest XML multiple times even wh...

CVSS 5.3 | AI score 6.8 | EPSS 0.00398
Exploits 0 | References 4 | Affected Software 1
Veracode
• added 2023/08/22 6:00 p.m. • 21 views

Buffer Overflow

sox is vulnerable to Buffer Overflow. This vulnerability can be exploited by an attacker to execute arbitrary code or cause a denial of service via the lsxreadbuf function at sox/src/formatsi.c...

CVSS 7.8 | AI score 7.8 | EPSS 0.00386
Exploits 1 | References 3 | Affected Software 1
Veracode
• added 2023/08/22 4:20 p.m. • 23 views

Use After Free

chromium is vulnerable to Use After Free. The vulnerability exists in the Device Trust Connectors, which allows an attacker to cause heap corruption via a maliciously crafted HTML page...

CVSS 8.8 | AI score 6.9 | EPSS 0.00829
Exploits 0 | References 7 | Affected Software 1
Veracode
• added 2023/08/22 4:11 p.m. • 30 views

Use After Free

chromium is vulnerable to Use After Free. The vulnerability exists in the Audio, which allows an attacker to convince a user to engage in specific UI interaction to potentially exploit heap corruption via a maliciously crafted HTML page...

CVSS 8.8 | AI score 7 | EPSS 0.00829
Exploits 0 | References 7 | Affected Software 1
Veracode
• added 2023/08/22 4:11 p.m. • 23 views

Denial Of Service (DoS)

chromium is vulnerable to Denial Of Service DoS. The vulnerability exists in the V8, which allows an attacker to exploit heap corruption via a maliciously crafted HTML page...

CVSS 8.8 | AI score 7 | EPSS 0.26819
Exploits 0 | References 8 | Affected Software 1
Veracode
• added 2023/08/22 4:11 p.m. • 26 views

Denial Of Service (DoS)

chromium is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the heap buffer overflow in Skia, which allows an attacker to exploit heap corruption via a maliciously crafted HTML page through the renderer process...

CVSS 8.8 | AI score 7.5 | EPSS 0.01595
Exploits 0 | References 8 | Affected Software 2
Veracode
• added 2023/08/22 4:11 p.m. • 20 views

Denial Of Service (DoS)

chromium is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the heap buffer overflow in ANGLE, which allows an attacker to exploit heap corruption via a maliciously crafted HTML page...

CVSS 8.8 | AI score 7.5 | EPSS 0.00923
Exploits 0 | References 7 | Affected Software 1
Veracode
• added 2023/08/22 4:11 p.m. • 19 views

Privilege Escalation

chromium is vulnerable to Privilege Escalation. Due to this flaw, a remote attacker may be able to use a specially created HTML page to pretend to be the security UI...

CVSS 5.3 | AI score 6.7 | EPSS 0.00745
Exploits 0 | References 7 | Affected Software 1
Veracode
• added 2023/08/22 4:10 p.m. • 24 views

Use After Free

chromium is vulnerable to Use After Free. The vulnerability exists in the DNS, which allows an attacker to exploit heap corruption via a maliciously crafted HTML page...

CVSS 8.8 | AI score 7 | EPSS 0.00829
Exploits 0 | References 7 | Affected Software 1
Veracode
• added 2023/08/22 4:10 p.m. • 30 views

Improper Input Validation

chromium is vulnerable to Improper Input Validation. Through a specially created HTML page, this flaw might allow a remote attacker to get around file access limitations...

CVSS 8.8 | AI score 6.7 | EPSS 0.45912
Exploits 0 | References 7 | Affected Software 1
Veracode
• added 2023/08/22 4:08 p.m. • 23 views

Type Confusion

chromium is vulnerable to Type Confusion. The vulnerability exists in the V8, which allows an attacker to exploit heap corruption via a maliciously crafted HTML page...

CVSS 8.8 | AI score 7 | EPSS 0.01776
Exploits 2 | References 8 | Affected Software 1
Veracode
• added 2023/08/22 4:08 p.m. • 25 views

Use After Free

chromium is vulnerable to Use After Free. This vulnerability could allow a remote attacker who has elicited a browser shutdown to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8 | AI score 7.1 | EPSS 0.00829
Exploits 0 | References 7 | Affected Software 2
Veracode
• added 2023/08/22 4:07 p.m. • 23 views

Authorization Bypass

chromium is vulnerable to Authorization Bypass. By using a specially created HTML page, a remote attacker is able to alter the contents of the Omnibox (the URL bar)...

CVSS 6.5 | AI score 6.7 | EPSS 0.00843
Exploits 0 | References 7 | Affected Software 1
Veracode
• added 2023/08/22 4:07 p.m. • 23 views

Authorization Bypass

chromium is vulnerable to Authorization Bypasses. Through the use of a specially created HTML page, an attacker who successfully tricked a user into installing a malicious extension might get around an organizational policy...

CVSS 6.5 | AI score 6.6 | EPSS 0.00617
Exploits 0 | References 7 | Affected Software 1

Total number of security vulnerabilities: 38196