
38196 matches found

Veracode • added 2023/08/06 1:58 p.m. • 19 views

Incorrect Authorization

gitlab is vulnerable to Incorrect Authorization. This allows a malicious attacker in possession of a project deploy token to use it from any location even if IP address restrictions were set...

CVSS 6.5 | AI score 6.7 | EPSS 0.00646
Exploits: 0 | References: 3 | Affected Software: 1

Veracode • added 2023/08/06 1:58 p.m. • 16 views

Out Of Bounds Read

htmldoc is vulnerable to an Out of Bounds flaw. The vulnerability is due to poor memory management in the parsetree function of toc.cxx, which results in memory address leakage and an application crash, resulting in Denial of Service...

CVSS 7.8 | AI score 6.8 | EPSS 0.00312
Exploits: 1 | References: 3 | Affected Software: 1

Veracode • added 2023/08/06 1:57 p.m. • 16 views

Denial Of Service (DoS)

htmldoc is vulnerable to Denial Of Service (DoS). The vulnerability exists in the parseparagraph function of ps-pdf.cxx, which leads to remote code execution and Denial Of Service conditions through a maliciously crafted file...

CVSS 7.8 | AI score 7.8 | EPSS 0.00312
Exploits: 1 | References: 3 | Affected Software: 1

Veracode • added 2023/08/06 1:57 p.m. • 19 views

Incorrect Authorization

gitlab is vulnerable to Incorrect Authorization. The vulnerability is within the interactive web terminal allowing a malicious user with the developer role to open terminals on different developers...

CVSS 7.1 | AI score 6.8 | EPSS 0.00511
Exploits: 0 | References: 3 | Affected Software: 1

Veracode • added 2023/08/06 1:56 p.m. • 21 views

Denial Of Service (DoS)

gitlab is vulnerable to Denial Of Service (DoS). The vulnerability allows a malicious attacker to make a gitlab instance inaccessible using crafted web server response headers with inefficient regular expression complexities, resulting in a regular expression DoS...

CVSS 5.3 | AI score 6.7 | EPSS 0.00837
Exploits: 0 | References: 4 | Affected Software: 1

Veracode • added 2023/08/06 1:55 p.m. • 15 views

Information Disclosure

gitlab is vulnerable to Information Disclosure. The vulnerability results in revealing a user's two-factor authentication status to unauthenticated users...

CVSS 5.3 | AI score 7.1 | EPSS 0.01117
Exploits: 0 | References: 4 | Affected Software: 1

Veracode • added 2023/08/06 1:48 p.m. • 25 views

Improper Access Control

gitlab is vulnerable to Improper Access Control. This vulnerability allows unprivileged users using the REST API to change label descriptions...

CVSS 5.3 | AI score 6.8 | EPSS 0.00557
Exploits: 0 | References: 3 | Affected Software: 1

Veracode • added 2023/08/06 1:37 p.m. • 12 views

Out-of-bounds Write

milkytracker is vulnerable to Out-of-bounds Write. The vulnerability is due to the 'LoaderXM::load' method and occurs when the program is supplied with a crafted XM module, resulting in an out-of-bounds write...

CVSS 7.8 | AI score 6.7 | EPSS 0.00371
Exploits: 1 | References: 3 | Affected Software: 1

Veracode • added 2023/08/06 1:30 p.m. • 15 views

Information Disclosure

nagvis is vulnerable to Information Disclosure. This vulnerability occurs when Nagvis parses a specially crafted URL that points to a file on the Nagvis server. If the file exists, Nagvis will read the contents of the file and display it in the web interface, which can be exploited by an attacker...

CVSS 9.1 | AI score 6.6 | EPSS 0.04135
Exploits: 3 | References: 4 | Affected Software: 1

Veracode • added 2023/08/06 1:11 p.m. • 25 views

Improper Access Control

mediawiki is vulnerable to Improper Access Control. This vulnerability occurs when a user tries to access MediaWiki from a server that is not trusted. If the server sends an X-Forwarded-For header with the IP address of a malicious user, MediaWiki will automatically block the user which can be...

CVSS 9.8 | AI score 6.7 | EPSS 0.01194
Exploits: 0 | References: 9 | Affected Software: 1

Veracode • added 2023/08/06 1:10 p.m. • 45 views

Information Disclosure

mosquitto is vulnerable to Information Disclosure. This vulnerability occurs when the dynamic security plugin is used and a client's ability to make subscriptions on a topic is revoked while it is offline. In this case, the existing subscriptions for that client are not revoked, which allows th...

CVSS 5.3 | AI score 6.7 | EPSS 0.01272
Exploits: 1 | References: 7 | Affected Software: 1

Veracode • added 2023/08/06 12:58 p.m. • 27 views

Buffer Overflow

php81 is vulnerable to Buffer Overflow. The vulnerability allows a malicious attacker to cause buffer overflows within the system...

CVSS 9.8 | AI score 6.5 | EPSS 0.08003
Exploits: 3 | References: 5 | Affected Software: 4

Veracode • added 2023/08/06 12:57 p.m. • 31 views

XML External Entity (XXE)

php81 is vulnerable to XML External Entities (XXE). The program handles XML documents that include URIs that resolve to external resources, resulting in inaccurate output and posing problems for the end product...

CVSS 8.6 | AI score 6.5 | EPSS 0.0121
Exploits: 1 | References: 5 | Affected Software: 4

Veracode • added 2023/08/06 12:7 p.m. • 13 views

Arbitrary Code Execution

firefox is vulnerable to Arbitrary Code Execution. An attacker could exploit the vulnerability by creating a specially crafted web page that would cause Firefox to crash. When Firefox crashes, it would leave behind some residual memory that could be exploited by the attacker to execute arbitrary...

CVSS 9.8 | AI score 7.5 | EPSS 0.00633
Exploits: 0 | References: 4 | Affected Software: 1

Veracode • added 2023/08/06 12:7 p.m. • 29 views

Arbitrary Code Execution

firefox and thunderbird are vulnerable to Arbitrary Code Execution. An attacker could exploit the vulnerability by creating a specially crafted web page that would cause Firefox to crash. When Firefox crashes, it would leave behind some residual memory that could be exploited by the attacker to...

CVSS 9.8 | AI score 7.5 | EPSS 0.00732
Exploits: 0 | References: 5 | Affected Software: 3

Veracode • added 2023/08/06 12:7 p.m. • 18 views

Arbitrary Code Execution

firefox and thunderbird are vulnerable to Arbitrary Code Execution. An attacker could exploit the vulnerability by creating a specially crafted web page that would cause Firefox to crash. When Firefox crashes, it would leave behind some residual memory that could be exploited by the attacker to...

CVSS 9.8 | AI score 7.5 | EPSS 0.00849
Exploits: 0 | References: 9 | Affected Software: 3

Veracode • added 2023/08/06 12:7 p.m. • 15 views

Spoofing Attacks

firefox is vulnerable to Spoofing Attacks. The vulnerability occurs when a website uses the window.open function to open a new window. If the new window is opened in full-screen mode, the malicious website can use the document.querySelector function to find the full-screen notification and then...

CVSS 7.5 | AI score 6.5 | EPSS 0.00545
Exploits: 0 | References: 5 | Affected Software: 3

Veracode • added 2023/08/06 12:7 p.m. • 28 views

Denial Of Service (DoS)

firefox and thunderbird are vulnerable to Denial of Service (DoS) attacks. This vulnerability occurs when Firefox parses a specially crafted WebGL program. If the program is invalid, Firefox could read data from outside of the allocated memory space, which could lead to a crash...

CVSS 7.5 | AI score 6.6 | EPSS 0.13694
Exploits: 0 | References: 9 | Affected Software: 3

Veracode • added 2023/08/06 12:7 p.m. • 18 views

Authorization Bypass

firefox and thunderbird are vulnerable to Authorization Bypasses. The vulnerability occurs when the number of cookies per domain is exceeded in document.cookie. The actual cookie jar sent to the host is no longer consistent with the expected cookie jar state. This could have caused requests to be sen...

CVSS 7.5 | AI score 6.9 | EPSS 0.00614
Exploits: 0 | References: 9 | Affected Software: 3

Veracode • added 2023/08/06 12:7 p.m. • 16 views

Authorization Bypass

firefox is vulnerable to Authorization Bypasses. An attacker could exploit this vulnerability by creating a malicious website that uses a mailto URL in a full-screen notification. When the user clicks on the notification, the mailto URL will be opened in an external program, such as their email...

CVSS 6.5 | AI score 6.6 | EPSS 0.00657
Exploits: 0 | References: 5 | Affected Software: 3

Veracode • added 2023/08/06 12:7 p.m. • 31 views

Type Confusion

chromium is vulnerable to Type Confusion. The vulnerability exists in V8, which allows an attacker to cause heap corruption via a maliciously crafted HTML page...

CVSS 8.8 | AI score 6.9 | EPSS 0.0301
Exploits: 0 | References: 8 | Affected Software: 1

Veracode • added 2023/08/06 12:7 p.m. • 19 views

Type Confusion

chromium is vulnerable to Type Confusion. The vulnerability exists in V8, which allows an attacker to perform arbitrary read/write via a maliciously crafted HTML page...

CVSS 8.1 | AI score 6.7 | EPSS 0.15475
Exploits: 0 | References: 8 | Affected Software: 1

Veracode • added 2023/08/06 12:6 p.m. • 13 views

Denial Of Service (DoS)

firefox and thunderbird are vulnerable to Denial of Service (DoS) attacks. The vulnerability occurs when Firefox parses HTML with DOMParser in low-memory situations, which could lead to an application crash due to out-of-bounds reads...

CVSS 7.5 | AI score 6.7 | EPSS 0.00827
Exploits: 0 | References: 9 | Affected Software: 3

Veracode • added 2023/08/06 12:6 p.m. • 22 views

Privilege Escalation

firefox and thunderbird are vulnerable to Privilege Escalation. An attacker could exploit this vulnerability by creating a malicious website that would show a popup notification asking for permission to access the user's files. If the user clicked on the notification, the permission would be...

CVSS 8.8 | AI score 6.6 | EPSS 0.00582
Exploits: 1 | References: 9 | Affected Software: 3

Veracode • added 2023/08/06 12:6 p.m. • 24 views

Denial Of Service (DoS)

firefox and thunderbird are vulnerable to Information Disclosure. An attacker could exploit this vulnerability by creating a malicious website that would contain a specially crafted WASM module; when Firefox tried to compile the module, it would crash...

CVSS 5.3 | AI score 6.7 | EPSS 0.01007
Exploits: 0 | References: 9 | Affected Software: 3

Veracode • added 2023/08/06 12:5 p.m. • 28 views

Information Disclosure

firefox and thunderbird are vulnerable to Information Disclosure. An attacker could exploit this vulnerability by creating a malicious website that would contain a specially crafted off-screen canvas element. When the victim visited the website, the off-screen canvas element would be able to acce...

CVSS 5.3 | AI score 6.5 | EPSS 0.00527
Exploits: 0 | References: 9 | Affected Software: 3

Veracode • added 2023/08/06 12:5 p.m. • 20 views

Denial Of Service (DoS)

firefox and thunderbird are vulnerable to Denial of Service (DoS) attacks. An attacker could exploit this vulnerability by creating a malicious website that would contain a specially crafted web page. When the victim visited the website, the race condition would be triggered and Firefox could crash...

CVSS 5.9 | AI score 6.7 | EPSS 0.00633
Exploits: 0 | References: 9 | Affected Software: 3

Veracode • added 2023/08/06 12:1 p.m. • 29 views

Cross-site Scripting (XSS)

chromium is vulnerable to inappropriate implementation in Extensions, which allows an attacker to convince a user to install a malicious extension to inject scripts or HTML into a privileged page via a maliciously crafted Chrome Extension...

CVSS 8.8 | AI score 6.4 | EPSS 0.00923
Exploits: 0 | References: 8 | Affected Software: 1

Veracode • added 2023/08/06 11:58 a.m. • 18 views

Denial Of Service (DoS)

chromium is vulnerable to Denial Of Service (DoS). The vulnerability exists due to an out-of-bounds memory access in ANGLE in the library, which allows an attacker to exploit heap corruption via a crafted HTML page...

CVSS 8.8 | AI score 6.9 | EPSS 0.01254
Exploits: 0 | References: 8 | Affected Software: 1

Veracode • added 2023/08/06 11:58 a.m. • 17 views

Denial Of Service (DoS)

chromium is vulnerable to Denial Of Service (DoS). The vulnerability exists due to an out-of-bounds read and write in WebGL, allowing an attacker to exploit heap corruption via a crafted HTML page...

CVSS 8.8 | AI score 6.9 | EPSS 0.01254
Exploits: 0 | References: 8 | Affected Software: 1

Veracode • added 2023/08/06 11:58 a.m. • 29 views

Denial Of Service (DoS)

chromium is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a heap buffer overflow in Visuals in the library, which allows an attacker to exploit heap corruption via a crafted HTML page...

CVSS 8.8 | AI score 7.4 | EPSS 0.0128
Exploits: 0 | References: 8 | Affected Software: 2

Veracode • added 2023/08/06 11:58 a.m. • 20 views

Type Confusion

chromium is vulnerable to Type Confusion. The vulnerability exists in V8 of the library, which allows an attacker to perform arbitrary read/write via a crafted HTML page...

CVSS 8.1 | AI score 6.6 | EPSS 0.01442
Exploits: 0 | References: 8 | Affected Software: 1

Veracode • added 2023/08/06 11:58 a.m. • 39 views

Insufficient Data Validation

chromium is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to insufficient data validation in Extensions, allowing an attacker to convince a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension...

CVSS 8.8 | AI score 6 | EPSS 0.00923
Exploits: 0 | References: 8 | Affected Software: 1

Veracode • added 2023/08/06 11:58 a.m. • 26 views

Use After Free

chromium is vulnerable to Use After Free. The vulnerability exists in WebRTC, allowing an attacker to cause heap corruption via a crafted WebRTC session...

CVSS 8.8 | AI score 7 | EPSS 0.00944
Exploits: 0 | References: 8 | Affected Software: 2

Veracode • added 2023/08/06 11:58 a.m. • 22 views

Use After Free

chromium is vulnerable to Use After Free. The vulnerability exists in Cast, allowing an attacker to cause heap corruption via a maliciously crafted HTML page...

CVSS 8.8 | AI score 6.9 | EPSS 0.01219
Exploits: 0 | References: 8 | Affected Software: 1

Veracode • added 2023/08/06 11:58 a.m. • 24 views

Use After Free

chromium is vulnerable to Use After Free. The vulnerability exists in Blink Task Scheduling, allowing an attacker to cause heap corruption via a maliciously crafted HTML page...

CVSS 8.8 | AI score 6.9 | EPSS 0.0112
Exploits: 0 | References: 8 | Affected Software: 2

Veracode • added 2023/08/06 11:56 a.m. • 11 views

Denial Of Service (DoS)

dav1d is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a race condition in threadtask.c, allowing an attacker to cause an application crash...

CVSS 5.9 | AI score 6.7 | EPSS 0.00743
Exploits: 0 | References: 8 | Affected Software: 1

Veracode • added 2023/08/06 11:9 a.m. • 18 views

Denial Of Service (DoS)

NTPD is vulnerable to Denial Of Service (DoS). The vulnerability occurs when the server is not NTS-enabled (no certificate): an attacker can submit an NTS-enabled client request, resulting in a server crash...

CVSS 7.5 | AI score 6.7 | EPSS 0.00374
Exploits: 0 | References: 5 | Affected Software: 1

Veracode • added 2023/08/06 10:43 a.m. • 13 views

Insecure TLS Configuration

wolfssl uses Insecure TLS Configuration. When generating the session master secret, the IKM value is utilized as a default predictable buffer, which may compromise the key and make it possible for listeners to reconstruct it. This could provide access to alteration of the contents of session...

CVSS 9.1 | AI score 6.7 | EPSS 0.00541
Exploits: 0 | References: 4 | Affected Software: 1

Veracode • added 2023/08/06 10:21 a.m. • 20 views

Regular Expression Denial Of Service (ReDoS)

gitlab is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability exists due to the insecure Regex pattern used in the DollarMathPostFilter, which allows an attacker to crash the application by sending maliciously crafted payloads to the previewmarkdown endpoint...

CVSS 7.5 | AI score 6.7 | EPSS 0.01325
Exploits: 0 | References: 4 | Affected Software: 1

Veracode • added 2023/08/06 10:17 a.m. • 16 views

Regular Expression Denial Of Service (ReDoS)

gitlab is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability exists due to the insecure Regex pattern used in the library, which allows an attacker to crash the application by sending maliciously crafted payloads to the previewmarkdown endpoint...

CVSS 7.5 | AI score 6.7 | EPSS 0.01325
Exploits: 0 | References: 4 | Affected Software: 1

Veracode • added 2023/08/06 10:17 a.m. • 19 views

Regular Expression Denial Of Service (ReDoS)

gitlab is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability exists due to the insecure Regex pattern used in the library, which allows an attacker to crash the application by sending maliciously crafted payloads to the previewmarkdown endpoint...

CVSS 7.5 | AI score 6.7 | EPSS 0.01325
Exploits: 0 | References: 4 | Affected Software: 1

Veracode • added 2023/08/06 10:17 a.m. • 14 views

Information Disclosure

gitlab is vulnerable to Information Disclosure. This vulnerability occurs when GitLab parses a specially crafted URL that contains a directory traversal sequence. If the URL is valid, GitLab will allow the user to access files outside of the intended directory. This can be exploited by an attacke...

CVSS 6.5 | AI score 6.3 | EPSS 0.00549
Exploits: 0 | References: 3 | Affected Software: 1

Veracode • added 2023/08/06 10:13 a.m. • 12 views

Authorization Bypass

gitlab is vulnerable to Authorization Bypasses. This vulnerability occurs when Windows Graphics Component WinGrphics.dll fails to properly handle specially crafted image files. An attacker can exploit this vulnerability by tricking the victim into opening a malicious image file...

CVSS 6.5 | AI score 6.7 | EPSS 0.00729
Exploits: 0 | References: 4 | Affected Software: 1

Veracode • added 2023/08/06 10:2 a.m. • 28 views

Denial Of Service (DoS)

samba is vulnerable to Denial of Service (DoS) attacks. This vulnerability occurs when Samba parses a specially crafted RPC request. If the request is valid, Samba will enter an infinite loop. This could cause Samba to consume excessive CPU resources and eventually crash...

CVSS 7.5 | AI score 6.7 | EPSS 0.62015
Exploits: 0 | References: 13 | Affected Software: 1

Veracode • added 2023/08/06 10:2 a.m. • 28 views

Type Confusion

samba is vulnerable to Type Confusion. This vulnerability occurs when samba parses a specially crafted RPC request. If the request is valid, samba could misinterpret the data in the request and cause a type confusion error, resulting in denial of service conditions...

CVSS 5.3 | AI score 6.6 | EPSS 0.62606
Exploits: 0 | References: 12 | Affected Software: 1

Veracode • added 2023/08/06 10:2 a.m. • 23 views

Information Disclosure

samba is vulnerable to Information Disclosure. This vulnerability occurs when samba parses a specially crafted RPC request. If the request is valid, samba could enter an infinite loop, allowing a malicious client or an attacker to view the information that is part of the disclosed path...

CVSS 5.3 | AI score 6.5 | EPSS 0.01185
Exploits: 0 | References: 12 | Affected Software: 1

Veracode • added 2023/08/06 10:2 a.m. • 28 views

Denial Of Service (DoS)

dbus is vulnerable to Denial of Service (DoS) attacks. This vulnerability occurs when Samba parses a specially crafted RPC request. If the request is valid, Samba could overflow a buffer and crash...

CVSS 6.5 | AI score 7.2 | EPSS 0.01417
Exploits: 1 | References: 6 | Affected Software: 1

Veracode • added 2023/08/06 9:36 a.m. • 28 views

Authorization Bypass

firefox and thunderbird are vulnerable to Authorization Bypasses. This vulnerability occurs when Firefox parses a specially crafted WebDriver command. If the command is valid, Firefox could execute arbitrary JavaScript code in the context of the current web page. This could be used to steal the...

CVSS 4.3 | AI score 7.3 | EPSS 0.00631
Exploits: 0 | References: 8 | Affected Software: 3

Veracode • added 2023/08/06 9:36 a.m. • 19 views

Use-After-Free

firefox and thunderbird are vulnerable to Use-After-Free. This vulnerability occurs when Firefox parses a specially crafted WebGL program. If the program is invalid, Firefox could free memory that is still in use. This could lead to a crash or arbitrary code execution...

CVSS 8.8 | AI score 7.2 | EPSS 0.00731
Exploits: 0 | References: 7 | Affected Software: 3

Total number of security vulnerabilities: 38196