38196 matches found

Veracode • added 2023/08/03 5:35 a.m. • 17 views

Cross-Site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape the user input via the Check function, which allows an attacker to inject and execute malicious JavaScript in a victim's browser...

CVSS 5.4 • AI score 6.1 • EPSS 0.00522
Exploits 1 • References 4 • Affected Software 1
Veracode • added 2023/08/03 5:20 a.m. • 28 views

Heap-based Buffer Overflow

libopenbabel.so is vulnerable to Heap-based Buffer Overflow. The vulnerability exists in the ReadMolecule function at orcaformat.cpp when parsing an input file due to improper handling of the buffer size, which allows an attacker to provide a specially-crafted malformed file resulting in arbitrar...

CVSS 9.8 • AI score 7.4 • EPSS 0.00782
Exploits 1 • References 2 • Affected Software 1
Veracode • added 2023/08/03 5:19 a.m. • 24 views

Cross-Site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the comment section of index.tsx, allowing an attacker to inject and execute malicious JavaScript...

CVSS 5.4 • AI score 6.6 • EPSS 0.0044
Exploits 1 • References 6 • Affected Software 1
Veracode • added 2023/08/03 4:44 a.m. • 14 views

Cross-Site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-site Scripting XSS. The vulnerability exists because installreq.go does not properly sanitize the SiteName parameter, allowing an attacker to inject and execute malicious JavaScript...

CVSS 5.4 • AI score 6.6 • EPSS 0.00519
Exploits 1 • References 4 • Affected Software 1
Veracode • added 2023/08/03 4:26 a.m. • 17 views

Cross-site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the library's lack of user input sanitization, which allows an attacker to inject and execute malicious JavaScript...

CVSS 5.4 • AI score 6.6 • EPSS 0.00393
Exploits 1 • References 4 • Affected Software 1
Veracode • added 2023/08/03 4:10 a.m. • 13 views

Race Condition

github.com/answerdev/answer is vulnerable to a Race Condition. Ordinary users are able to make use of this flaw to attack the question collections of other users, perhaps causing the collection's limit to be exceeded or even causing it to be canceled. This may lead to an excess of undesirable...

CVSS 6.8 • AI score 6.7 • EPSS 0.0069
Exploits 1 • References 3 • Affected Software 1
Veracode • added 2023/08/03 4:00 a.m. • 13 views

Path Traversal

@simonsmith/cypress-image-snapshot is vulnerable to Path Traversal. The vulnerability exists because the library does not properly sanitize snapshot filenames, allowing an attacker to create directories or images outside the restricted directory...

CVSS 6.5 • AI score 6.8 • EPSS 0.00795
Exploits 1 • References 5 • Affected Software 1
Veracode • added 2023/08/03 3:50 a.m. • 20 views

Improper Access Control

github.com/answerdev/answer is vulnerable to Improper Access Control. The vulnerability exists due to the reset code leakage in the RetrievePassWord function, which allows an attacker to take over the account via the password recovery mechanism...

CVSS 9.8 • AI score 7.1 • EPSS 0.06368
Exploits 4 • References 6 • Affected Software 1
Veracode • added 2023/08/03 3:40 a.m. • 21 views

Cross-Site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape the user inputs passed through the image upload function, which allows an authenticated attacker to inject and execute malicious JavaScript in a victim's browser, causing the account to ...

CVSS 9 • AI score 6 • EPSS 0.00745
Exploits 1 • References 3 • Affected Software 1
Veracode • added 2023/08/03 3:27 a.m. • 21 views

Improper Certificate Validation

mindsdb is vulnerable to Improper Certificate Validation. The vulnerability is due to the use of verify=False when requesting post data, which disables SSL certificate verification. Security of the Requests methods depends on ensuring SSL certificates are validated. TLS greatly improves security by...

CVSS 9.1 • AI score 6.8 • EPSS 0.0024
Exploits 0 • References 5 • Affected Software 1
Veracode • added 2023/08/03 3:20 a.m. • 17 views

Command Injection

billz/raspap-webgui is vulnerable to Command Injection. The vulnerability exists because activateovpncfg.php and delovpncfg.php do not properly sanitize the cfgid parameter, allowing an attacker to inject and execute malicious commands as root...

CVSS 9.8 • AI score 7.2 • EPSS 0.98725
Exploits 3 • References 7 • Affected Software 1
Veracode • added 2023/08/03 3:10 a.m. • 12 views

Dependency On Vulnerable Third-Party Component

cryptography contains a Dependency On a Vulnerable Third-Party Component. The bundled OpenSSL component contains several security issues, which allow an attacker to disrupt secure operations in the library. Only users installing from wheels built by the cryptography pip library a...

AI score 6.8
Exploits 0
Veracode • added 2023/08/03 2:09 a.m. • 17 views

Force Expiration Of Ethereum Name Service (ENS)

@ensdomains/ens-contracts is vulnerable to Force Expiration Of Ethereum Name Service ENS. The vulnerability exists due to the integer overflow in the renew function of BaseRegistrarImplementation.sol, which allows an attacker to reduce the expiration time of existing domains...

CVSS 6.5 • AI score 7.1 • EPSS 0.00681
Exploits 1 • References 4 • Affected Software 1
Veracode • added 2023/08/02 2:23 p.m. • 16 views

Improper Certificate Validation

matrixsydent is vulnerable to Improper Certificate Validation. The vulnerability exists due to the misconfiguration of TLS in emailutils.py, which potentially allows an attacker to perform Man-in-the-Middle MITM attacks resulting in sensitive email disclosure...

CVSS 9.3 • AI score 6.7 • EPSS 0.00229
Exploits 0 • References 8 • Affected Software 1
Veracode • added 2023/08/02 1:53 p.m. • 8 views

Cross-site Scripting (XSS)

silverstripe/admin is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the TinyMCE dependency which does not properly validate user inputs, which allows an attacker to inject and execute malicious JavaScript into the browser...

AI score 6.6
Exploits 0
Veracode • added 2023/08/02 11:16 a.m. • 15 views

Improper Package Validation

pnpm is vulnerable to Improper Package Validation. The library has the ability to produce tarballs that are harmful when installed using pnpm but safe when installed using npm or the registry. As a result, when a package is installed via pnpm, a malicious version may replace the one that was...

CVSS 9.8 • AI score 6.8 • EPSS 0.00933
Exploits 1 • References 6 • Affected Software 8
Veracode • added 2023/08/02 10:05 a.m. • 26 views

Predictable RADIUS IDs

pyrad is vulnerable to Predictable RADIUS IDs. The vulnerability exists in the CreateID function at packet.py due to creating serialized RADIUS packet IDs, which allows an attacker to predict the ID of the next packet and perform unauthorized actions...

CVSS 4.3 • AI score 6.7 • EPSS 0.01543
Exploits 0 • References 9 • Affected Software 1
Veracode • added 2023/08/02 9:52 a.m. • 19 views

Code Injection

net.bramp.ffmpeg:ffmpeg is vulnerable to Code Injection. An FFmpeg object can be created using the constructor in FFmpeg.java, but it does not validate the ffmpeg executable path, which allows an attacker to execute malicious code on the system...

CVSS 9.8 • AI score 7.4 • EPSS 0.00781
Exploits 1 • References 3 • Affected Software 1
Veracode • added 2023/08/02 9:25 a.m. • 16 views

Prototype Pollution

underscore-keypath is vulnerable to Prototype Pollution. The vulnerability exists via the name argument in the setProperty function at underscore-keypath.js, which allows an attacker to inject and modify properties such as __proto__ in the obj parameter, resulting in prototype pollution...

CVSS 7.5 • AI score 6.8 • EPSS 0.00741
Exploits 0 • References 3 • Affected Software 1
Veracode • added 2023/08/02 9:02 a.m. • 19 views

Remote Code Execution (RCE)

tech.powerjob:powerjob-common is vulnerable to Remote Code Execution RCE. Lack of proper validation of user inputs through the instanceId parameter of InstanceDetail.java allows an attacker to upload and execute malicious code on the system...

CVSS 9.8 • AI score 7.9 • EPSS 0.26888
Exploits 1 • References 5 • Affected Software 1
Veracode • added 2023/08/02 8:56 a.m. • 16 views

Information Disclosure

lavalite/cms is vulnerable to Information Disclosure. The vulnerability exists due to lack of access restrictions which allows an attacker to gain access to sensitive information...

CVSS 7.5 • AI score 7 • EPSS 0.00586
Exploits 0 • References 3 • Affected Software 1
Veracode • added 2023/08/02 8:39 a.m. • 9 views

Improper Authentication

silverstripe/framework is vulnerable to Improper Authentication. The vulnerability exists due to the user creation process in Member.php, which inserts an empty password when a new user is created. While the default member authenticator and login form require a non-empty password, other...

AI score 7.1
Exploits 0 • References 5 • Affected Software 1
Veracode • added 2023/08/02 7:34 a.m. • 20 views

Information Disclosure

lavalite/cms is vulnerable to Information Disclosure. The vulnerability exists due to lack of access restrictions which allows an attacker to gain access to sensitive information...

CVSS 7.5 • AI score 7 • EPSS 0.00586
Exploits 0 • References 4 • Affected Software 1
Veracode • added 2023/08/02 7:20 a.m. • 52 views

OS Command Injection

mlflow is vulnerable to OS Command Injection. The vulnerability exists in the CLI due to lack of parameter checks, which allows an attacker to inject and execute arbitrary commands...

CVSS 7.8 • AI score 7.3 • EPSS 0.01195
Exploits 0 • References 4 • Affected Software 1
Veracode • added 2023/08/02 6:30 a.m. • 20 views

Arbitrary Code Injection

org.apache.nifi: is vulnerable to Arbitrary Code Injection. The vulnerability exists in several functions which allows an authenticated attacker to submit a malicious request to configure a location that enables custom code execution...

CVSS 8.8 • AI score 7 • EPSS 0.0163
Exploits 0 • References 6 • Affected Software 9
Veracode • added 2023/08/02 6:15 a.m. • 15 views

Stored Cross-site Scripting (XSS)

phpmyfaq is vulnerable to Cross-site Scripting. The vulnerability exists due to a lack of validation in the user input of Link.php, which allows an attacker to inject and execute malicious JavaScript into the browser...

CVSS 5.4 • AI score 6.9 • EPSS 0.00426
Exploits 0 • References 3 • Affected Software 2
Veracode • added 2023/08/02 5:53 a.m. • 17 views

CSV Injection

phpmyfaq is vulnerable to CSV injection attacks. The vulnerability exists due to lack of sanitization of formula elements in a CSV file, which allows attackers to inject a CSV payload that executes when an administrator opens the CSV file...

CVSS 9.8 • AI score 7.3 • EPSS 0.00677
Exploits 0 • References 3 • Affected Software 2
Veracode • added 2023/08/02 4:23 a.m. • 19 views

Code Injection

wix-embedded-mysql is vulnerable to Code Injection. The vulnerability exists because the apply function of Setup.java does not properly check whether the argument is a MySQL executable, allowing an attacker to inject and execute malicious code...

CVSS 9.8 • AI score 7.1 • EPSS 0.0087
Exploits 1 • References 2 • Affected Software 1
Veracode • added 2023/08/02 3:27 a.m. • 17 views

Code Injection

boofcv-io is vulnerable to Code Injection. The vulnerability exists because the createYmlObject function of CalibrationIO.java does not properly set the code point limit for the yaml parser, which allows an attacker to inject and execute malicious code by loading a maliciously crafted camera...

CVSS 9.8 • AI score 7.3 • EPSS 0.00747
Exploits 1 • References 3 • Affected Software 1
Veracode • added 2023/08/02 2:58 a.m. • 17 views

Code Injection

duke is vulnerable to Code Injection. The vulnerability exists because the init function of CommonJTimer.java does not restrict LDAP lookups, allowing an attacker to inject and execute malicious code...

CVSS 9.8 • AI score 7.2 • EPSS 0.00747
Exploits 1 • References 2 • Affected Software 1
Veracode • added 2023/08/02 2:40 a.m. • 12 views

Code Injection

webmagic-extension is vulnerable to Code Injection. The vulnerability exists because the download function of PhantomJSDownloader.java does not properly check if the phantomJsCommand is a phantomjs executable, allowing an attacker to inject and execute malicious code...

CVSS 9.8 • AI score 7.1 • EPSS 0.00747
Exploits 1 • References 2 • Affected Software 1
Veracode • added 2023/08/02 2:17 a.m. • 31 views

Code Injection

oscore is vulnerable to Code Injection. The vulnerability exists because the createStateless function of EJBUtils.java does not properly validate the arguments, allowing an attacker to inject and execute malicious code through an LDAP lookup...

CVSS 9.8 • AI score 7.3 • EPSS 0.00987
Exploits 1 • References 2 • Affected Software 1
Veracode • added 2023/07/31 1:31 p.m. • 20 views

Arbitrary Code Execution

libopenbabel.so is vulnerable to Arbitrary Code Execution. The vulnerability exists due to the lack of validation in the ReadMolecule function of mopacformat.cpp, which allows an attacker to inject and execute malicious code into the system...

CVSS 8.1 • AI score 7.3 • EPSS 0.00721
Exploits 1 • References 2 • Affected Software 1
Veracode • added 2023/07/31 11:08 a.m. • 13 views

Information Disclosure

@saltcorn/cli is vulnerable to Information Disclosure. The vulnerability exists because it does not properly restrict unsafe plugins in subdomain tenants, which allows an authenticated admin attacker to install an unsafe plugin and gain access to sensitive information from other tenants...

AI score 6.5
Exploits 0
Veracode • added 2023/07/31 9:41 a.m. • 22 views

Denial Of Service (DoS)

getkirby/cms is vulnerable to Denial of Service. The vulnerability exists in the validatePassword function in User.php because it does not limit the password length, which can cause CPU and memory resource exhaustion when hashing if the attacker submits a password that is the max size of a...

CVSS 7.5 • AI score 6.9 • EPSS 0.01028
Exploits 0 • References 11 • Affected Software 1
Veracode • added 2023/07/31 8:04 a.m. • 18 views

Out-of-Bounds Write

libopenbabel.so is vulnerable to Out-of-Bounds Write. The vulnerability exists in the ReadMolecule function at msiformat.cpp due to the lack of input checks on the memory buffers, which allows an attacker to execute arbitrary code...

CVSS 9.8 • AI score 7.4 • EPSS 0.00782
Exploits 1 • References 3 • Affected Software 1
Veracode • added 2023/07/31 7:51 a.m. • 18 views

Insufficient Session Expiration

getkirby/cms is vulnerable to Insufficient Session Expiration. The vulnerability exists because web sessions are not properly expired which permits an attacker to reuse old session credentials or session IDs for authorization...

CVSS 7.3 • AI score 6.8 • EPSS 0.0072
Exploits 0 • References 11 • Affected Software 1
Veracode • added 2023/07/31 7:34 a.m. • 22 views

Improper Neutralization

getkirby/cms is vulnerable to Improper Neutralization. The vulnerability exists in the decode function at Txt.php due to a field injection bug in the content storage implementation which allows an attacker to inject malicious data or code...

CVSS 8.8 • AI score 7.1 • EPSS 0.00799
Exploits 0 • References 11 • Affected Software 1
Veracode • added 2023/07/31 6:55 a.m. • 23 views

XML External Entity (XXE)

getkirby/cms is vulnerable to XML External Entity XXE. The vulnerability exists due to a lack of data handler validation in the parse function in Xml.php, which allows an attacker to submit a malicious XML file, resulting in an arbitrary file being read on the target system...

CVSS 10 • AI score 6.8 • EPSS 0.01526
Exploits 0 • References 11 • Affected Software 1
Veracode • added 2023/07/31 6:19 a.m. • 25 views

Cross-site Scripting (XSS)

getkirby/cms is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the file function at Response.php due to the MIME auto-detection of uploaded files which allows an attacker to upload a file with an arbitrary MIME type and inject arbitrary scripts...

CVSS 5.7 • AI score 6.5 • EPSS 0.00552
Exploits 0 • References 11 • Affected Software 1
Veracode • added 2023/07/31 2:39 a.m. • 20 views

Out-of-Bounds Write

libopenbabel.so is vulnerable to Out-of-Bounds Write. The vulnerability exists due to the MOPAC file format unit cell translation in the ReadMolecule function of mopacformat.cpp, which allows an attacker to inject and execute malicious code, causing an application to crash by providing a...

CVSS 9.8 • AI score 6.9 • EPSS 0.00782
Exploits 1 • References 2 • Affected Software 1
Veracode • added 2023/07/31 2:18 a.m. • 27 views

Out-of-Bounds Write

libopenbabel.so is vulnerable to Out-of-Bounds Write. The vulnerability exists in the Gaussian file format in the ReadMolecule function of mopacformat.cpp, which allows an attacker to inject and execute malicious code, causing an application to crash by providing a maliciously crafted file...

CVSS 9.8 • AI score 6.9 • EPSS 0.00782
Exploits 1 • References 2 • Affected Software 1
Veracode • added 2023/07/29 1:56 p.m. • 16 views

Denial Of Service (DoS)

sails is vulnerable to Denial Of Service DoS. The vulnerability exists because the buildRequest function of req.js does not properly ensure all remaining headers are strings, allowing an attacker to cause an application crash by sending a malicious virtual request when sockets are enabled...

CVSS 7.5 • AI score 6.7 • EPSS 0.0076
Exploits 0 • References 4 • Affected Software 1
Veracode • added 2023/07/29 10:40 a.m. • 14 views

Cross-Site Request Forgery (CSRF)

bazaar is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability exists because the library does not require POST requests for an HTTP endpoint, which allows an attacker to delete previously created Bazaar SCM tags...

CVSS 5.3 • AI score 6.8 • EPSS 0.00255
Exploits 0 • References 3 • Affected Software 1
Veracode • added 2023/07/29 9:51 a.m. • 16 views

Information Disclosure

chef-identity is vulnerable to Information Disclosure. The vulnerability exists because ChefIdentityBuildWrapper.xml does not properly mask the user.pem key on the form field, allowing an attacker to gain sensitive information if they have access to the global configuration file, or are able to...

CVSS 5.3 • AI score 6.8 • EPSS 0.00426
Exploits 0 • References 3 • Affected Software 1
Veracode • added 2023/07/29 12:25 a.m. • 16 views

Stored Cross-Site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Stored Cross-Site Scripting XSS attacks. This vulnerability allows an attacker to target other users or administrators and gain control of their accounts by executing malicious JavaScript in a victim's session due to insufficient user input validation...

CVSS 9 • AI score 6 • EPSS 0.00871
Exploits 1 • References 3 • Affected Software 1
Veracode • added 2023/07/29 12:19 a.m. • 23 views

Cross-Site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape the user input before it is output to the front end, allowing an attacker to inject and execute malicious JavaScript in a victim's browser, which leads to potential account takeover...

CVSS 9 • AI score 6.1 • EPSS 0.00871
Exploits 1 • References 3 • Affected Software 1
Veracode • added 2023/07/28 11:55 p.m. • 18 views

Cross-Site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-Site Scripting XSS. This flaw enables a malicious user to upload malicious HTML code to the profile page, stealing the identity token as soon as another user or administrator sees the profile page, which allows a different person to assume contro...

CVSS 9 • AI score 6.4 • EPSS 0.00714
Exploits 1 • References 3 • Affected Software 1
Veracode • added 2023/07/28 11:17 p.m. • 20 views

Missing Image Validation

github.com/crossplane/crossplane is vulnerable to Missing Image Validation. The vulnerability exists in imageback.go due to a lack of image validation inside the packages, which allows an attacker to bypass the detection mechanism for tampered packages...

CVSS 9.8 • AI score 6.8 • EPSS 0.00719
Exploits 1 • References 7 • Affected Software 1
Veracode • added 2023/07/28 9:33 p.m. • 16 views

Denial Of Service (DoS)

github.com/crossplane/crossplane is vulnerable to Denial of Service DoS attacks. An arbitrary huge image could be referenced by a package created by a high-privileged user, which the library would then parse, potentially using up all the memory and causing the container to be OOMKilled, resulting...

CVSS 3.4 • AI score 6.9 • EPSS 0.0053
Exploits 1 • References 6 • Affected Software 1
Total number of security vulnerabilities: 38196