38196 matches found

Veracode • added 2023/07/28 1:22 p.m. • 19 views

Arbitrary Code Execution

libopenbabel.so is vulnerable to Arbitrary Code Execution. The vulnerability exists when parsing an input file via ReadMolecule at msiformat.cpp, which allows an attacker to inject and execute arbitrary code using a specially crafted malformed file due to an uninitialized pointer in the MSI forma...

CVSS 9.8 | AI score 7.7 | EPSS 0.00782
Exploits: 1 | References: 4 | Affected software: 1

Veracode • added 2023/07/28 12:50 p.m. • 65 views

Race Condition

libcurl.so is vulnerable to a Race Condition. The library is susceptible to a TOCTOU race condition when it saves cookies, HSTS, and alt-svc data to a file. A victim might use the data for an intended purpose, but an attacker may overwrite the protected file...

AI score 6.8
Exploits: 0 | References: 5 | Affected software: 2

Veracode • added 2023/07/28 11:22 a.m. • 16 views

Stored Cross-Site Scripting (XSS)

october/october is vulnerable to Stored Cross-Site Scripting. The vulnerability is due to a lack of sanitization in the user authentication module, which allows an attacker to inject and execute arbitrary JavaScript in the browser...

CVSS 5.4 | AI score 7 | EPSS 0.00493
Exploits: 1 | References: 3 | Affected software: 1

Veracode • added 2023/07/28 10:36 a.m. • 14 views

Command Injection

paddlepaddle is vulnerable to Command Injection. The vulnerability exists due to a lack of user input validation in the system parameter of fs.py, which allows an attacker to inject arbitrary commands into the operating system...

CVSS 9.8 | AI score 7.5 | EPSS 0.01997
Exploits: 1 | References: 4 | Affected software: 1

Veracode • added 2023/07/28 9:39 a.m. • 9 views

Denial Of Service (DoS)

paddlepaddle is vulnerable to Denial of Service (DoS). The vulnerability exists due to a heap buffer overflow in the MatrixPowerInferMeta function of unary.cc, which allows an attacker to crash the application...

CVSS 7.5 | AI score 7.3 | EPSS 0.00636
Exploits: 1 | References: 3 | Affected software: 1

Veracode • added 2023/07/28 9:26 a.m. • 12 views

Cross-site Scripting (XSS)

github.com/usememos/memos is vulnerable to Cross-site Scripting (XSS). The vulnerability exists in the registerResourceRoutes function at resource.go due to insufficient checks on external resources, which allows an attacker to inject and execute arbitrary JavaScript...

CVSS 6.1 | AI score 6.8 | EPSS 0.00534
Exploits: 1 | References: 3 | Affected software: 1

Veracode • added 2023/07/28 9:16 a.m. • 14 views

Cross-site Scripting (XSS)

github.com/usememos/memos is vulnerable to stored Cross-site Scripting (XSS). The vulnerability exists in the registerResourcePublicRoutes function at resource.go because the resource upload feature does not restrict the type of uploaded file, allowing an attacker to inject and execute arbitrary...

CVSS 5.4 | AI score 6.8 | EPSS 0.00575
Exploits: 1 | References: 5 | Affected software: 1

Veracode • added 2023/07/28 9:01 a.m. • 16 views

Cross-site Scripting (XSS)

github.com/usememos/memos is vulnerable to stored Cross-site Scripting (XSS). The vulnerability exists in the registerResourcePublicRoutes function at resource.go because the default-src directive in the CSP is not properly configured, which allows an attacker to bypass the CSP and inject and execute arbitrary JavaScript...

CVSS 5.4 | AI score 6.8 | EPSS 0.00498
Exploits: 1 | References: 5 | Affected software: 1

Veracode • added 2023/07/28 8:46 a.m. • 16 views

Out-of-Bounds Write

libopenbabel.so is vulnerable to an Out-of-Bounds Write. The vulnerability exists when parsing an input file via the ReadMolecule function at msiformat.cpp, which allows an attacker to inject and execute arbitrary code using a specially crafted malformed file...

CVSS 9.8 | AI score 7.6 | EPSS 0.00782
Exploits: 1 | References: 3 | Affected software: 1

Veracode • added 2023/07/28 8:36 a.m. • 23 views

Arbitrary Code Execution

libopenbabel.so is vulnerable to Arbitrary Code Execution. The vulnerability exists when parsing an input file via ReadMolecule at groformat.cpp, which allows an attacker to inject and execute arbitrary code using a specially crafted malformed file...

CVSS 9.8 | AI score 7.7 | EPSS 0.00782
Exploits: 1 | References: 4 | Affected software: 1

Veracode • added 2023/07/28 8:19 a.m. • 29 views

Out-of-Bounds Write

libopenbabel.so is vulnerable to an Out-of-Bounds Write. The vulnerability exists in the translationVectors parsing functionality via ReadMolecule at mopacformat.cpp, which allows an attacker to provide a malicious file that can lead to arbitrary code execution...

CVSS 9.8 | AI score 7.5 | EPSS 0.00782
Exploits: 1 | References: 3 | Affected software: 1

Veracode • added 2023/07/28 4:27 a.m. • 11 views

Cross-site Scripting (XSS)

github.com/usememos/memos is vulnerable to Cross-site Scripting (XSS). The vulnerability exists because an attacker can bypass the Content Security Policy (CSP) by injecting and executing malicious JavaScript...

CVSS 5.4 | AI score 6.4 | EPSS 0.00498
Exploits: 1 | References: 5 | Affected software: 1

Veracode • added 2023/07/28 4:11 a.m. • 14 views

Cross-site Scripting (XSS)

github.com/usememos/memos is vulnerable to Cross-site Scripting (XSS). The vulnerability exists in the registerResourcePublicRoutes function of resource.go, which allows an attacker to inject and execute malicious JavaScript by uploading a malicious PDF...

CVSS 5.4 | AI score 6.5 | EPSS 0.00519
Exploits: 1 | References: 6 | Affected software: 1

Veracode • added 2023/07/28 3:50 a.m. • 13 views

Cross-site Scripting (XSS)

github.com/usememos/memos is vulnerable to Cross-site Scripting (XSS). The vulnerability exists because the library does not properly validate Markdown links, which allows an attacker to inject and execute malicious JavaScript...

CVSS 5.4 | AI score 6.6 | EPSS 0.00645
Exploits: 1 | References: 5 | Affected software: 1

Veracode • added 2023/07/28 3:33 a.m. • 14 views

Cross-site Scripting (XSS)

github.com/usememos/memos is vulnerable to Cross-site Scripting (XSS). The vulnerability exists because the library's Markdown editor does not properly sanitize user input, which allows an attacker to inject and execute malicious JavaScript...

CVSS 5.4 | AI score 6.6 | EPSS 0.00498
Exploits: 1 | References: 4 | Affected software: 1

Veracode • added 2023/07/28 2:45 a.m. • 22 views

Cross-site Scripting (XSS)

jenkins-core is vulnerable to Cross-site Scripting (XSS). The vulnerability exists because the addHyperlink function of AbstractMarkupText.java does not properly escape URLs before they are rendered, allowing an attacker to inject and execute malicious JavaScript...

CVSS 5.4 | AI score 6.6 | EPSS 0.00862
Exploits: 0 | References: 5 | Affected software: 1

Veracode • added 2023/07/27 11:58 p.m. • 15 views

Denial Of Service (DoS)

elfutils is vulnerable to Denial of Service (DoS). The vulnerability exists due to an infinite loop in the handlesymtab function of readelf.c, allowing an attacker to cause an application crash via a maliciously crafted file...

CVSS 5.5 | AI score 6.6 | EPSS 0.00269
Exploits: 1 | References: 3 | Affected software: 1

Veracode • added 2023/07/27 5:03 p.m. • 34 views

Improper Filename Validation

Thunderbird is vulnerable to Improper Filename Validation. The vulnerability is due to not preventing text-direction-override Unicode characters in attachment filenames. This can allow an attacker to attach an executable file without its extension being displayed as such...

CVSS 7.5 | AI score 6.7 | EPSS 0.00556
Exploits: 0 | References: 6 | Affected software: 1

Veracode • added 2023/07/27 1:58 p.m. • 36 views

Information Disclosure

xen is vulnerable to Information Disclosure. Under specific microarchitectural circumstances, an attacker may be able to access sensitive user information...

CVSS 5.5 | AI score 6.7 | EPSS 0.05794
Exploits: 1 | References: 40 | Affected software: 5

Veracode • added 2023/07/27 1:38 p.m. • 23 views

Information Disclosure

typo3/cms-core is vulnerable to Information Disclosure. The vulnerability exists because calling a URI with page-id query parameters that are not part of a particular site is not properly restricted, which allows an attacker to add crafted query parameters to the URL of publicly available sites a...

CVSS 5.3 | AI score 6.6 | EPSS 0.0088
Exploits: 0 | References: 5 | Affected software: 1

Veracode • added 2023/07/27 1:15 p.m. • 18 views

Arbitrary Code Execution

libopenbabel.so is vulnerable to Arbitrary Code Execution. The vulnerability exists in the ReadMolecule function at PQSformat.cpp when handling a malformed file, which allows an attacker to inject and execute arbitrary code...

CVSS 9.8 | AI score 7.4 | EPSS 0.00808
Exploits: 1 | References: 4 | Affected software: 1

Veracode • added 2023/07/27 12:56 p.m. • 23 views

Cross-Site Scripting (XSS)

typo3/html-sanitizer is vulnerable to Cross-Site Scripting (XSS). The vulnerability exists because malicious text embedded in a noscript element was not encoded appropriately due to a serialization-layer encoding bug, which allows an attacker to inject and execute arbitrary JavaScript when noscri...

CVSS 6.1 | AI score 6.4 | EPSS 0.0043
Exploits: 0 | References: 5 | Affected software: 1

Veracode • added 2023/07/27 12:22 p.m. • 20 views

WebSocket Session Hijacking

nodebb is vulnerable to WebSocket Session Hijacking. The vulnerability exists due to a missing CSRF token in the request, which allows an attacker to gain access to private information via cross-origin WebSocket session hijacking...

CVSS 4.7 | AI score 6.9 | EPSS 0.00278
Exploits: 0 | References: 4 | Affected software: 1

Veracode • added 2023/07/27 11:36 a.m. • 28 views

Remote Code Execution (RCE)

org.apache.helix:helix-core and org.apache.helix:helix-rest are vulnerable to Remote Code Execution (RCE). The vulnerable SnakeYAML component could be used by an attacker to deserialize java.net.URLClassLoader and instruct it to load a JAR from a certain URL before deserializing...

CVSS 9.8 | AI score 8.2 | EPSS 0.01515
Exploits: 0 | References: 6 | Affected software: 2

Veracode • added 2023/07/27 10:39 a.m. • 23 views

Denial Of Service (DoS)

github.com/envoyproxy/envoy is vulnerable to Denial of Service (DoS). When the Origin header is removed between decodeHeaders and encodeHeaders, the CORS filter triggers a segmentation fault and crashes the application...

CVSS 7.5 | AI score 6.8 | EPSS 0.00584
Exploits: 1 | References: 5 | Affected software: 1

Veracode • added 2023/07/27 10:25 a.m. • 27 views

Improper Authorization

github.com/envoyproxy/envoy is vulnerable to Improper Authorization. In rare circumstances, a rogue client is able to create credentials that are always valid. This occurs due to a few uncommon circumstances in which the HMAC payload might always be legitimate in the OAuth2 filter's check...

CVSS 9.8 | AI score 6.8 | EPSS 0.00709
Exploits: 0 | References: 5 | Affected software: 1

Veracode • added 2023/07/27 9:59 a.m. • 19 views

Denial Of Service (DoS)

github.com/envoyproxy/envoy is vulnerable to Denial of Service (DoS). When the listener is exhausted, gRPC access logs using its global scope may result in a use-after-free, which allows an authenticated attacker to cause an application crash via a malicious LDS upstream...

CVSS 6.5 | AI score 6.6 | EPSS 0.00735
Exploits: 1 | References: 5 | Affected software: 1

Veracode • added 2023/07/27 9:42 a.m. • 26 views

Authentication Bypass

github.com/envoyproxy/envoy is vulnerable to Authentication Bypass. The library supports mixed-case schemes for HTTP/2; however, internal checks that are case-sensitive may result in rejections or bypasses on unencrypted connections, possibly affecting htTp and htTps requests...

CVSS 8.2 | AI score 7 | EPSS 0.00598
Exploits: 1 | References: 5 | Affected software: 1

Veracode • added 2023/07/27 8:15 a.m. • 17 views

Cross Site Scripting (XSS)

typo3 is vulnerable to Stored XSS. The vulnerability is due to the GeneralUtility::getIndpEnv function, which uses the unfiltered server environment variable PATHINFO together with the TypoScript setting config.absRefPrefix=auto. This can lead to an attacker injecting malicious content or malicious HTML code in...

CVSS 8.8 | AI score 6.1 | EPSS 0.00831
Exploits: 1 | References: 9 | Affected software: 1

Veracode • added 2023/07/27 6:46 a.m. • 21 views

Improper Permission Checks

directus is vulnerable to Improper Permission Checks. The vulnerability exists because permission filters such as usercreated IS $CURRENTUSER are not properly checked by the library when using a GraphQL subscription, allowing an attacker to receive a subscription event for which they do not have...

CVSS 6.5 | AI score 6.3 | EPSS 0.00426
Exploits: 0 | References: 4 | Affected software: 1

Veracode • added 2023/07/27 6:05 a.m. • 10 views

Denial Of Service (DoS)

paddlepaddle is vulnerable to Denial of Service (DoS). The vulnerability exists due to a heap buffer overflow in the TraceInferMeta function of unary.cc, which allows an attacker to gain sensitive information and crash the application...

CVSS 9.8 | AI score 7.4 | EPSS 0.00645
Exploits: 1 | References: 4 | Affected software: 1

Veracode • added 2023/07/27 5:51 a.m. • 19 views

Denial Of Service (DoS)

paddlepaddle is vulnerable to Denial of Service (DoS). The vulnerability exists due to a null pointer dereference in the PyObjectCheckLongOrToLong function of opfunctioncommon.cc, which allows an attacker to cause an application crash...

CVSS 7.5 | AI score 6.7 | EPSS 0.00561
Exploits: 1 | References: 4 | Affected software: 1

Veracode • added 2023/07/27 5:16 a.m. • 9 views

Use After Free

paddlepaddle is vulnerable to Use After Free. The vulnerability exists due to a lack of range checks on the axis1 parameter in the DiagonalInferMeta function of unary.cc, allowing an attacker to cause an application crash...

CVSS 9.8 | AI score 6.8 | EPSS 0.00657
Exploits: 1 | References: 4 | Affected software: 1

Veracode • added 2023/07/27 4:28 a.m. • 23 views

Denial Of Service (DoS)

github.com/taosdata/TDengine is vulnerable to Denial of Service (DoS). The vulnerability exists due to improper input validation in the library, which allows an attacker with the create function privilege to crash the application by providing a maliciously crafted UDF nested query...

CVSS 6.5 | AI score 6.8 | EPSS 0.00562
Exploits: 0 | References: 1 | Affected software: 1

Veracode • added 2023/07/27 2:57 a.m. • 12 views

Authorization Bypass

armeria is vulnerable to Authorization Bypass. The vulnerability exists because the library does not properly remove matrix variables from the path on the server side when it calls the Spring controller via TomcatService or JettyService, which allows an attacker to bypass the authorization mechanism b...

CVSS 7.5 | AI score 6.8 | EPSS 0.00588
Exploits: 0 | References: 4 | Affected software: 4

Veracode • added 2023/07/27 1:20 a.m. • 29 views

Arbitrary File Write

pandoc is vulnerable to Arbitrary File Write. By providing a crafted picture element as input when creating files with the --extract-media option or when outputting to PDF format, an arbitrary file write vulnerability may be exploited. This vulnerability affects systems that enable pandoc to outp...

CVSS 6.1 | AI score 6.9 | EPSS 0.00349
Exploits: 1 | References: 6 | Affected software: 1

Veracode • added 2023/07/26 1:48 p.m. • 44 views

Authorization Bypass

certifi is vulnerable to Authorization Bypass. The application accepted e-Tugra's root certificates, which were subject to an investigation prompted by reporting of security issues. The fix removes e-Tugra's root certificates as accepted...

CVSS 9.8 | AI score 6.9 | EPSS 0.00472
Exploits: 0 | References: 7 | Affected software: 2

Veracode • added 2023/07/26 12:55 p.m. • 28 views

Denial Of Service (DoS)

ImageMagick is vulnerable to Denial of Service (DoS). The vulnerability exists in BMP image handling, which allows an attacker to cause an application crash...

CVSS 7.5 | AI score 6.6 | EPSS 0.05512
Exploits: 0 | References: 2 | Affected software: 1

Veracode • added 2023/07/26 12:52 p.m. • 30 views

Path Traversal

org.apache.shiro:shiro-web is vulnerable to Path Traversal. The vulnerability exists in InvalidRequestFilter.java because it does not properly validate downloaded files for subpaths, which allows an attacker to write to a directory outside the restricted path...

CVSS 9.8 | AI score 6.3 | EPSS 0.01533
Exploits: 0 | References: 6 | Affected software: 1

Veracode • added 2023/07/26 12:47 p.m. • 18 views

Information Disclosure

@strapi/utils is vulnerable to Information Disclosure. The vulnerability exists because private fields are not properly handled, which allows an attacker to filter on those fields and gain access to sensitive information...

CVSS 8.6 | AI score 6.9 | EPSS 0.00906
Exploits: 1 | References: 4 | Affected software: 1

Veracode • added 2023/07/26 12:12 p.m. • 18 views

Information Disclosure

@strapi/utils, @strapi/strapi and @strapi/database are vulnerable to Information Disclosure. The vulnerability exists due to the use of getters for private attributes, which allows an attacker to view sensitive attributes because the privateAttributes may be removed unintentionally...

CVSS 7.1 | AI score 6.7 | EPSS 0.006
Exploits: 1 | References: 4 | Affected software: 3

Veracode • added 2023/07/26 11:27 a.m. • 182 views

Stored XSS

Grafana is vulnerable to Stored XSS. The vulnerability is due to not sanitizing SVG image output displayed in the browser, leading to arbitrary JavaScript being executed in the context of the currently authorized user. An attacker with an editor role can achieve vertical privilege escalation ...

CVSS 7.3 | AI score 7 | EPSS 0.02179
Exploits: 0 | References: 8 | Affected software: 1

Veracode • added 2023/07/26 11:15 a.m. • 15 views

Missing Authorization

sentry is vulnerable to Missing Authorization. The vulnerability exists in the download function at debugfiles.py due to not restricting file downloads to unauthenticated users of a different project, which allows an attacker to perform arbitrary file downloads of debug or artifact bundles of an...

CVSS 7.7 | AI score 7 | EPSS 0.00509
Exploits: 0 | References: 4 | Affected software: 1

Veracode • added 2023/07/26 10:50 a.m. • 35 views

Denial Of Service (DoS)

libvirt.so is vulnerable to Denial of Service (DoS). The vulnerability exists in virStoragePoolObjListSearch of virstorageobj.c because it tries to lock the same item from another thread, which causes an application crash...

CVSS 6.5 | AI score 6.8 | EPSS 0.00621
Exploits: 0 | References: 5 | Affected software: 1

Veracode • added 2023/07/26 10:47 a.m. • 17 views

Cross-Site Scripting (XSS)

org.apache.felix:org.apache.felix.healthcheck.webconsoleplugin is vulnerable to Cross-Site Scripting (XSS). The library does not properly escape user input during web page generation, allowing an attacker to inject and execute malicious JavaScript in the victim's browser...

CVSS 6.1 | AI score 6 | EPSS 0.01826
Exploits: 0 | References: 3 | Affected software: 1

Veracode • added 2023/07/26 10:23 a.m. • 33 views

Remote Code Execution (RCE)

org.apache.jena:jena is vulnerable to Remote Code Execution (RCE). A lack of proper checking of user permissions in script functions allows an attacker to upload and execute malicious code on the system via a SPARQL query...

CVSS 8.8 | AI score 7.8 | EPSS 0.01324
Exploits: 0 | References: 4 | Affected software: 1

Veracode • added 2023/07/26 10:05 a.m. • 18 views

Arbitrary File Creation

org.codehaus.plexus:plexus-archiver is vulnerable to Arbitrary File Creation. The vulnerability exists due to incorrect verification in the newOutputStream function of AbstractUnArchiver.java, which allows an attacker to create arbitrary files, possibly resulting in execution of malicious code...

CVSS 9.8 | AI score 7.3 | EPSS 0.0207
Exploits: 1 | References: 4 | Affected software: 1

Veracode • added 2023/07/26 9:46 a.m. • 20 views

Insecure Signature Verification

vyper is vulnerable to Insecure Signature Verification. The vulnerability exists in the buildIR function at functions.py due to not verifying the signature, which allows an attacker to get invalid signatures accepted as verified...

CVSS 5.3 | AI score 6.8 | EPSS 0.00487
Exploits: 1 | References: 3 | Affected software: 1

Veracode • added 2023/07/26 9:39 a.m. • 22 views

Cross-site Scripting (XSS)

contao/core-bundle is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to a lack of validation in the input unit widget, which allows an attacker to inject and execute malicious JavaScript in the browser and backend server...

CVSS 6.5 | AI score 6.5 | EPSS 0.00534
Exploits: 1 | References: 6 | Affected software: 1

Veracode • added 2023/07/26 9:09 a.m. • 34 views

Cross-Site Scripting (XSS)

copyparty is vulnerable to Cross-Site Scripting (XSS). The vulnerability exists due to a lack of user input validation in the ?k304= and ?setck= parameters, which allows an attacker to inject and execute arbitrary JavaScript in the browser...

CVSS 6.3 | AI score 7 | EPSS 0.06195
Exploits: 3 | References: 5 | Affected software: 1

Total number of security vulnerabilities: 38196