Denial Of Service (DoS)

gitlab is vulnerable to Denial of Service DoS attacks. Bypass of healthcheck endpoints an unauthorized attacker to prevent access to GitLab resulting in denial of service conditions...

Authorization Bypass

gitlab is vulnerable to Authorization Bypasses. A branch/tag name confusion allows an attacker to manipulate pages where the content of the default branch would be expected...

Race Condition

tang is vulnerable to Race Conditions. A race condition exists in the Tang server functionality for key generation and key rotation, resulting in a small time window where Tang private keys become readable by other processes on the same host, which leads to disclosure of sensitive information...

Denial Of Service (DoS)

gpac is vulnerable to Denial of Service DoS attacks. A malicious user is able to cause an application crash due to uncontrolled recursion...

Server-Side Request Forgery (SSRF)

consul is vulnerable to Server-Side Request ForgerySSRF. When the consul client agent follows redirects returned by HTTP health check endpoints an attacker is able to cause SSRF...

Cross-Site Scripting (XSS)

gitlab is vulnerable to Cross-Site Scripting XSS attacks. It is possible to exploit the vulnerability via setting the labels colour feature which leads to a stored XSS that allows an authenticated attacker to perform arbitrary actions on behalf of victims at client side...

Denial Of Service (DoS)

qemu is vulnerable to Denial of Service DoS attacks. The flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and an application crash...

Command Injection

snapd is vulnerable to Command Injection. The vulnerability exists in the IOCTL system call handler due to lack of parameter checks which allows an attacker to inject and execute arbitrary commands...

Authorization Bypass

maradns is vulnerable to Authorization Bypasses. When the application allows variant V1 of unintended domain name resolution, a revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains...

Improper Access Control

gitlab is vulnerable to Improper Access Control. An improper access control issue allows disclosure of pipeline status to unauthorized authenticated users...

Information Disclosure

gitlab is vulnerable to Information Disclosure. It is possible for an attacker to guess a user's password by brute forcing via sending crafted requests to a specific endpoint, even if the victim user has 2FA enabled on their account...

Improper Access Control

gitlab is vulnerable to Improper Access Control. Improper control of a resource identifier in Error Tracking allows an authenticated attacker to generate content which could cause a victim to make unintended arbitrary requests...

Information Disclosure

gitlab is vulnerable to Information Disclosure. It was possible for an authenticated user to read arbitrary project content given the project's ID resulting in disclosure of sensitive information...

Improper Access Control

gitlab is vulnerable to Improper Access Control. It is possible for an unauthorized authenticated user to create issues in a project due to the improper access control mechanisms...

Authorization Bypass

gitlab is vulnerable to Authorization Bypasses. It is possible for an unauthorized authenticated user to add child epics linked to victim's epic in an unrelated group...

Information Disclosure

gitlab is vulnerable to Information Disclosure. The vulnerability allows a project maintainer to access the DataDog integration API key from webhook logs resulting in disclosure of sensitive information...

Type Confusion

modsecurity-crs is vulnerable to Type Confusion. coreruleset does not block multiple Content-Type headers, which allows an attacker to bypass a WAF with a crafted payload, which occurs when the web application relies on only the last Content-Type headers...

Cross-Site Scripting (XSS)

pimcore/customer-management-framework-bundle is vulnerable to Cross-Site Scripting XSS attacks. The vulnerability is due a lack of HTML sanitization in email templates, which allows an attacker to send an email which when a link is clicked, redirects the user to a malicious site enabling attacker...

Path Traversal

pimcore/pimcore is vulnerable to Path Traversal. A path traversal flaw exists in AssetController::importServerFilesAction, which allows an attacker to alter the pimcorelog argument, possibly overwriting or modifying sensitive files. This might also lead to illegal access, privilege escalation, or...

Denial Of Service (DoS)

qemu is vulnerable to Denial of Service DoS attacks. Because hot-unplug is async, a race condition can occur in which the net device backend is cleared before the virtio-net pci frontend is removed. This time window might be used by a malicious attacker to trigger an assertion and cause a denial ...

Arbitrary Code Execution

com.aerospike:aerospike-client is vulnerable to Arbitrary Code Execution. The vulnerability is due untrusted deserialization during client side message validation, which allows for an attacker to trick a client into connecting to a malicious server, which will then execute arbitrary code when the...

Information Exposure

github.com/answerdev/answer is vulnerable to Information Exposure. The vulnerability exists due to observable response differences when a valid user tries to reset a password, which allows an attacker to access sensitive information in the system...

Heap-based Buffer Overflow

libjpeg.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to a heap-based buffer overflow via LineBitmapRequester::EncodeRegion at linebitmaprequester.cpp which allows an attacker to cause an application crash...

Captcha Bypass

github.com/answerdev/answer is vulnerable to Captcha Bypass. The vulnerability exists due to an improper captcha mechanism in captcha.go, which allows an attacker to bypass the captcha technique and create multiple user accounts...

Cross-site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the lack of validation in the user-controllable input in markdown.go, which allows an attacker to inject and execute malicious Javascript into the browser...

Timing Attack

github.com/answerdev/answer is vulnerable to Timing Attacks. The vulnerability exists because the application does not have a constant login attempt response time. which allows an attacker to brute force valid account email addresses...

Cross-site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to lack of sanitization of SiteName parameter in installreq.go which allows an attacker to inject and execute malicious Javascript into the browser...

Authentication Bypass

github.com/answerdev/answer is vulnerable to Authentication Bypass. The vulnerability exists due to missing authorization checks for user roles which allows an attacker to gain access to perform unauthorized actions...

Cross-site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the Markdown2HTML function at markdown.go due to a lack of input sanitization, which allows an attacker to inject and execute arbitrary HTML or javascript...

Reachable Assertion

libjpeg.so is vulnerable to Denial Of Service DOS. The vulnerability is due to a reachable assertion via BitMapHook::BitMapHook at bitmaphook.cpp...

Improper Session Management

github.com/answerdev/answer is vulnerable to Improper Session Management. The vulnerability exists in UserLogout function at usercontroller.go due to improper cache handling during the admin logout which allows an attacker to use the token to gain unauthorized access to the application even after...

Business Logic Errors

github.com/answerdev/answer is vulnerable to Business Logic Errors. The vulnerability exists in UpdateUserPassword function at userbackyard.go because the password restrictions are not properly set which allows an attacker to lock victims out of their account...

Weak Password Requirements

github.com/answerdev/answer is vulnerable due to Weak Password Requirements. The vulnerability exists because the password policy mechanism in the account registration allows users to create weak passwords, even with spaces, which could result in account takeovers...

Improper Access Control

github.com/answerdev/answer is vulnerable to Improper Access Control. The vulnerability exists due to the usage of guessable CAPTCHA which allows an attacker to solve a captcha and brute force login attempts...

Cross-Site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape user input while adding a new comment, allowing an attacker to inject and execute malicious javascript on victim's browser...

Cross-Site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape the special characters before it output to the front end via the Question Tag, which allows an attacker to inject and execute malicious javascript on victim's browser...

Cross-Site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape the user input inserted through sitename parameter before it output to the front end, allowing an attacker to inject and execute malicious javascript on a victim's browser...

Race Condition

github.com/answerdev/answer is vulnerable to Race Condition. The vulnerability exists in the library's upVote and downVote functions, which allow an attacker to increase and decrease votes through a race condition...

Cross-Site Scripting (XSS)

github.com/golang/net is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape user input in text nodes outside the HTML namespace, allowing an attacker to inject and execute malicious JavaScript on a victim's browser...

Heap-based Buffer Overflow

libmp4v2.so is vulnerable to Heap-based Buffer Overflow. The vulnerability is due to not validating the input parameter newSize of function Resize in the file mp4array.h . This can lead to buffer overflow while allocating memory to MP4Array array...

Improper Session Management

github.com/answerdev/answer is vulnerable to Improper Session Management. The vulnerability exists because the session does not expire after a password change, allowing an attacker to reuse the old session credentials or session IDs for authorization...

Denial Of Service (DoS)

github.com/golang/go is vulnerable to Denial Of Service DoS. The vulnerability exists because handshakeclient.go does not set a max RSA key size, which can lead to extremely large RSA keys in certificate chains causing a client to expend significant CPU time to verify signatures. The fix sets the...

Denial Of Service (DoS)

golang.org/x/image is vulnerable to Denial Of Service DoS. The vulnerability exists because reader.go does not properly limit the size of compressed tiff data while decoding, which allows an attacker to cause an application slowdown by providing a maliciously crafted image...

Denial Of Service (DoS)

golang.org/x/image is vulnerable to Denial of Service DoS. The vulnerability exists when reader.go parses a tiled tiff image with a height of 0, and has a very large width which results in excessive CPU consumption while decoding, possibly allowing an attacker to cause an application crash or...

Denial Of Service (DOS)

libbzip3.so is vulerable to Denial Of Service. The vulnerability is due to not setting zeroed temporary array while interacting with libsais in the function bz3new in file libbz3.c resulting in Denial Of Service attack...

Out-of-Bounds Write

libopenbabel.so is vulnerable to Out-of-Bounds Write. The vulnerability exists in the orca file format in the ReadMolecule function of orcaformat.cpp, which allows an attacker to inject and execute malicious code, by providing a maliciously crafted file...

Out-of-bounds Read

libbzip3.so is vulnerable to Out-of-bounds Read. The vulnerability is due to not validating input parameters correctly in the function process inside main.c file. This leads to out-of-bounds-read...

Out-of-Bounds Write

libopenbabel.so is vulnerable to Out-of-Bounds Write. The vulnerability exists in the CSR format in the WriteMolecule function of CSRformat.cpp, which allows an attacker to inject and execute malicious code, by providing a maliciously crafted file...

Out-of-Bounds Write

libopenbabel.so is vulnerable to Out-of-Bounds Write. The vulnerability exists in the Gaussian file format in the ReadMolecule function of gaussformat.cpp, which allows an attacker to inject and execute malicious code, causing an application to crash by providing a maliciously crafted file...

Code Injection

libopenbabel.so is vulnerable to Code Injection. The vulnerability exists in ReadMolecule function at PQSformat.cpp when parsing an input file which allows an attacker to parse a specially crafted malformed file resulting in an arbitrary code execution...