Denial Of Service (DoS)
gRPC is vulnerable to Denial Of Service (DoS). The vulnerability exists because the file descriptor is not properly handled, which leads to the termination of the connection between a proxy and a backend when HPACK table accounting errors occur, allowing an attacker to cause an application crash ...
Denial Of Service (DoS)
libpodofo.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the heap buffer overflow in the readXRefStreamEntry functionality used in the parseStream function of PdfXRefStreamParserObject.cpp, allowing an attacker to cause an application crash...
Denial Of Service (DoS)
qemu is vulnerable to Denial Of Service (DoS). This occurs when a previous connection in the handshake phase fails, resulting in qemu cleaning up the connection again, leading to DoS...
Out-of-bounds Write
qemu is vulnerable to Out-of-bounds Write. This vulnerability occurs since there is no check for the value of 'srclen' and 'dstlen' in 'virtiocryptosymophelper' resulting in a heap-based buffer overflow...
Denial Of Service (DoS)
qemu is vulnerable to Denial of Service (DoS). A wrong exit condition within qemu may lead to an infinite loop in the 'inflatebuffer' function resulting in a denial of service...
Information Disclosure
xen is vulnerable to Information Disclosure. This vulnerability occurs when an attacker can influence the return address prediction of a victim's process which could allow the attacker to gain access to sensitive information in the victim's system...
Obfuscated Email Address Exfiltration
moq is vulnerable to Email Address Exfiltration. The vulnerability is due to including the SponsorLink.dll in version 4.20.0, which secretly exfiltrates the email address set in the user.email config parameter of git. This email address is hashed and sent to devlooped.com over TLS. The hidden...
Illegal Memory Access
libcaca.so is vulnerable to Illegal Memory Access. The vulnerability exists in common-image.h because the sizes of the w and h parameters are not properly handled, which allows an attacker to access memory and cause an application crash...
Divide By Zero
libcaca.so is vulnerable to Denial Of Service (DoS) Through Divide By Zero. The vulnerability exists due to a floating point exception in cacaditherbitmap function at dither.c which allows an attacker to cause an application crash...
Integer Overflow
libcaca.so is vulnerable to Integer Overflow. The vulnerability exists because the function cacadither in dither.c does not allocate a proper size of memory for the w and h parameters in the BMP loader, causing an integer overflow for 24bpp data...
Information Disclosure
ASP.NET Core SignalR and Visual Studio are vulnerable to Information Disclosure. This vulnerability occurs when a user sends a specially crafted message to a SignalR hub. If the message is valid, the user can obtain sensitive information, such as the names of other users in the hub...
SQL Injection
trytond is vulnerable to SQL Injection. The vulnerability is due to improper SQL sanitization in modelsql.py, allowing an authenticated attacker to inject and execute malicious SQL queries into the system when reading fields without an SQL type...
Denial Of Service (DoS)
libkrb5.so is vulnerable to Denial Of Service (DoS). The vulnerability exists in the xdrkadm5principalentrec function of kadmrpcxdr.c because it does not validate the relationship between nkeydata and keydata array count when decoding, leading to the leakage of some memory or freeing uninitialized...
Information Disclosure
matrix-appservice-irc is vulnerable to Information Disclosure. Using an event ID as a target, an attacker is able to leak a portion of a specified messaging event from another bridged room, resulting in disclosure of sensitive information...
Information Disclosure
Intel(R) Processors are vulnerable to Information Disclosure. This vulnerability occurs when an attacker uses a specially crafted instruction to access stale data from previously used vector registers on the same physical core. This could allow the attacker to infer sensitive information, such as...
Cross-site Scripting (XSS)
critters is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to parsing documents from decoded entities within the HTML document, which can result in HTML escapes being undone, resulting in XSS...
Weak Cryptography
github.com/supranational/blst is vulnerable to Weak Cryptography. The vulnerability exists due to logic errors in the SigValidate function, which result in group-check omission...
Denial Of Service (DoS)
go-libp2p is vulnerable to Denial Of Service (DoS). The vulnerability exists during the Noise handshake and the libp2p x509 extension verification step, which allows an attacker to use large RSA keys causing resource exhaustion...
Error Injection
Intel-ucode is vulnerable to Unauthorized Error Injection. The vulnerability enables a privileged user to potentially escalate the privileges via local access...
Authentication Bypass
sentry is vulnerable to Authentication Bypass. The vulnerability exists due to the lack of an OIDC signing token inside the authentication mechanism, which allows an attacker with sufficient client-side exploits to get a valid OAuth token for another user...
Denial Of Service (DoS)
com.fasterxml.jackson.dataformat:jackson-dataformat-toml is vulnerable to Denial of Service (DoS) attacks. The vulnerability is due to a lack of a max nesting depth; if the TOML parser is run on user-supplied input, an attacker is able to cause a stack overflow, resulting in an application crash...
Remote Code Execution (RCE)
Microsoft.NET.Build.Containers is vulnerable to Remote Code Execution (RCE). The vulnerability exists when some dotnet commands are used in directories with weaker permissions, which allows an attacker to inject and execute malicious code...
Denial Of Service (DoS)
.NET and ASP.NET are vulnerable to Denial Of Service (DoS). The vulnerability exists in the Kestrel web server, which allows an attacker to bypass the QUIC stream limit in HTTP/3, resulting in an application crash...
Information Disclosure
intel-ucode is vulnerable to Information Disclosure. This vulnerability occurs due to a flaw in the way that the processors handle the management engine interface. An attacker with physical access to the system can exploit this vulnerability to gain unauthorized access to the management engine...
Denial Of Service (DoS)
ASP.NET and .NET are vulnerable to Denial of Service. The vulnerability is due to the Kestrel web server detecting a malicious client but failing to disconnect, resulting in Denial of Service...
Buffer Overflow
libqb.so is vulnerable to Buffer Overflows. The vulnerability is due to poor memory management in the blackboxvlogger function of logblackbox.c, because the header is not considered part of the buffer size, which allows an attacker to cause a buffer overflow resulting in an application crash...
Improper Input Validation
prestashop/prestashop is vulnerable to Improper Input Validation. The vulnerability exists in the delete function at CustomerMessage.php because the file input is not properly handled, which allows an attacker to delete an arbitrary file...
Cross-site Scripting (XSS)
prestashop/prestashop is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to missing restricted HTML tags in the isCleanHTML method of Validate.php, which allows an attacker to inject and execute malicious JavaScript...
SQL Injection
prestashop/prestashop is vulnerable to SQL Injection. The vulnerability is due to improper SQL sanitization in Db.php, allowing an authenticated attacker to inject and execute malicious SQL queries into the system...
Improper Input Validation
prestashop/prestashop is vulnerable to Improper Input Validation. The vulnerability exists in the delete function of Attachment.php because the file parameter is not properly handled which allows an attacker to delete arbitrary files...
Path Traversal
prestashop/prestashop is vulnerable to Path Traversal. The vulnerability exists in FileRemoval.php because it does not properly validate the imported file for deletion, which allows an attacker to write to a directory outside the restricted path...
Path Traversal
prestashop/prestashop is vulnerable to Path Traversal. The vulnerability exists in the getEmailHTML function at AdminTranslationsController.php due to improper access control in the displayAjaxEmailHTML function which allows an attacker to read any file on the server...
SQL Injection
prestashop/prestashop is vulnerable to SQL Injection. The vulnerability is due to improper SQL sanitization in ProductRepository.php, allowing an authenticated attacker to inject and execute malicious SQL queries into the system...
Privilege Escalation
sentry is vulnerable to Privilege Escalation. An authenticated attacker is able to take advantage of an access token with a restricted scope by requesting a list of all user-created tokens, including those with wider scopes from the /api/0/api-tokens/ endpoint, resulting in privilege escalation...
Command Injection
scancodeio is vulnerable to Command Injection. The vulnerability exists due to the lack of validation in the dockerreference parameter of the fetchdockerimage function of fetch.py, which allows an attacker to append malicious commands through the docker fetch process...
Arbitrary Code Execution
ses is vulnerable to Arbitrary Code Execution. Without a Content-Security-Policy, a guest application in a compartment is able to import arbitrary code on the host using the spread operator. This permits HTTP requests that result in code execution from the origin...
Arbitrary Code Execution
import-in-the-middle is vulnerable to Arbitrary Code Execution. The vulnerability exists due to the lack of sanitization in the getSource function of hook.js, which allows an attacker to inject and execute malicious code in the import function...
Improper Validation
code.gitea.io/gitea is vulnerable to Improper Validation. The vulnerability exists because Migration Downloaders can change the CloneURL which is improperly validated, allowing an attacker to redirect users to a malicious clone URL...
Incorrect Re-Entrancy Lock Allocation
vyper is vulnerable to Incorrect Re-Entrancy Lock Allocation. The allocation of named re-entrancy locks is flawed, which makes cross-function re-entrancy possible in contracts, because each function employing a named re-entrancy lock receives a distinct lock independent of the key under a specifi...
Denial Of Service (DoS)
mariadb is vulnerable to Denial of Service (DoS) attacks. The vulnerability occurs when MariaDB attempts to print a warning message for a query that fails. If the query contains a NULL value, MariaDB could dereference a NULL pointer and crash...
Insufficient Session Expiration
admidio/admidio is vulnerable to Insufficient Session Expiration. The vulnerability exists due to the user cache in Session.php, which allows a user to use an access token to log in even when it is invalid...
Cross-site Scripting (XSS)
cockpit-hq/cockpit is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to bootstrap.php accepting HTML files as an upload, which allows an attacker to inject and execute malicious JavaScript in the browser...
Remote Code Execution
cockpit-hq/cockpit is vulnerable to Remote Code Execution (RCE). The vulnerability exists due to a lack of file upload sanitization in bootstrap.php, which allows an attacker to inject and execute malicious PHP code by uploading a PHP file with an extension such as phps...
Arbitrary Command Injection
matrix-appservice-irc is vulnerable to Arbitrary Command Injection. The vulnerability exists due to improper handling of commands with newlines (\n), which allows an attacker to inject and execute arbitrary commands on the IRC bridge bot...
Improper Authentication
matrix-appservice-bridge is vulnerable to Improper Authentication. The vulnerability exists in the postExchangeOpenId function at api.ts because it does not reject foreign users in OpenID responses, which allows an attacker to perform unauthorized actions as the spoofed user...
Path Traversal
github.com/projectdiscovery/nuclei is vulnerable to Path Traversal. The vulnerability exists when the sandbox feature is turned on, which results in path traversal due to lack of sanitization when loading payloads, allowing an attacker to read arbitrary files in the file system...
Information Disclosure
librsvg is vulnerable to Information Disclosure. This vulnerability occurs when Libsvg parses a specially crafted SVG file that contains a directory traversal sequence. If the file is valid, Libsvg could allow the user to access files outside of the intended directory. This could be exploited by ...
Command Injection
billz/raspap-webgui is vulnerable to Command Injection. The vulnerability exists due to the lack of sanitization of the entity parameter in the /ajax/networking/getwgkey.php POST endpoint, which allows an attacker to inject and execute malicious OS commands as root...
Server-Side Template Injection (SSTI)
pyrocms/pyrocms is vulnerable to Server-Side Template Injection (SSTI). The vulnerability exists due to dynamic templates used to generate web pages, which allows an admin-authenticated attacker to inject a command which will execute arbitrary code on the server...
Arbitrary Code Execution
langchain is vulnerable to Arbitrary Code Execution. The vulnerability exists in the frommathprompt function at langchain.chains.PALChain, which allows an attacker to execute arbitrary code through prompt injection...