38108 matches found

Veracode
added 2025/09/04 1:14 p.m.

Access Control Bypass

github.com/external-secrets/external-secrets is vulnerable to Access Control Bypass. The vulnerability is due to missing namespace selector in List calls for Secret and SecretStore resources, allowing attackers to exfiltrate secrets across the cluster...

CVSS 7.1 | AI score 6.6 | EPSS 0.00108
Exploits 0 | References 5 | Affected Software 1
Veracode
added 2025/09/04 12:55 p.m.

Allocation Of Resources Without Limits

Bouncy Castle is vulnerable to Allocation Of Resources Without Limits. The vulnerability is due to improper resource management due to excessive allocation in PKIX certificate path review components...

CVSS 6.3 | AI score 7 | EPSS 0.00092
Exploits 0 | References 6 | Affected Software 4
Veracode
added 2025/09/04 9:53 a.m.

Improper Neutralization

Active Record is vulnerable to Improper Neutralization. The vulnerability is due to unescaped ANSI sequences being logged when IDs are passed to find or similar methods...

CVSS 6.9 | AI score 6.6 | EPSS 0.00346
Exploits 0 | References 7 | Affected Software 1
Veracode
added 2025/09/04 9:49 a.m.

Information Disclosure

omeroweb is vulnerable to information disclosure. The vulnerability is due to error messages displayed during the Forgot Password reset process disclosing user information, which allows an attacker to enumerate or gain insights about valid users...

CVSS 5.3 | AI score 6.6 | EPSS 0.00085
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2025/09/04 9:30 a.m.

Arbitrary Code Execution (ACE)

future is vulnerable to Arbitrary Code Execution (ACE). The vulnerability is due to the unintended automatic import of a file named test.py when the module is loaded, which allows an attacker with file write access to execute arbitrary code...

CVSS 5.4 | AI score 7.4 | EPSS 0.00094
Exploits 0 | References 3 | Affected Software 1
Veracode
added 2025/09/04 9:13 a.m.

Improper Access Control

github.com/aws/amazon-ecs-agent is vulnerable to improper access control. The vulnerability is due to the introspection server being accessible off-host under certain security group configurations, which allows an attacker from another instance to gain unauthorized access to the server...

CVSS 5.3 | AI score 6.8 | EPSS 0.00061
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2025/09/04 8:59 a.m.

Improper Access Control

apachesuperset is vulnerable to Improper Access Control. The vulnerability is due to a missing authorization check in the /explore endpoint, which allows an attacker to enumerate datasource_id values and disclose sensitive metadata about protected datasources...

CVSS 6.5 | AI score 6.3 | EPSS 0.00094
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2025/09/04 8:40 a.m.

Brute-force Attack

soosyze/soosyze is vulnerable to Brute-force Attack. The vulnerability is due to missing rate-limiting and account lockout mechanisms on the /user/login endpoint, which allows an attacker to repeatedly attempt logins and potentially gain unauthorized administrative access...

CVSS 5.4 | AI score 6.8 | EPSS 0.01636
Exploits 3 | References 5 | Affected Software 1
Veracode
added 2025/09/04 7:54 a.m.

Session Fixation

org.apache.tomcat, tomcat-catalin is vulnerable to Session Fixation. The vulnerability is due to improper session handling in the rewrite valve, which allows an attacker to fixate a user's session ID and potentially hijack their session...

CVSS 6.5 | AI score 6.5 | EPSS 0.00019
Exploits 0 | References 10 | Affected Software 1
Veracode
added 2025/09/04 7:42 a.m.

OS Command Injection

github.com/olivetin/olivetin is vulnerable to OS Command Injection. The vulnerability is due to improper handling of user input in the ParseRequestURI function in service/internal/executor/arguments.go, which allows an attacker to inject and execute arbitrary operating system commands...

CVSS 6.5 | AI score 7.2 | EPSS 0.01985
Exploits 2 | References 3 | Affected Software 1
Veracode
added 2025/09/04 7:07 a.m.

Improper Input Validation

helm.sh/helm/v3 is vulnerable to improper input validation. The vulnerability is due to improper type validation when parsing Chart.yaml and index.yaml files, which allows an attacker to cause a panic by providing malformed YAML files...

CVSS 6.5 | AI score 6.5 | EPSS 0.00026
Exploits 0 | References 2 | Affected Software 1
Veracode
added 2025/09/03 10:21 a.m.

Prototype Pollution

content-security-policy-parser is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of the __proto__ property in policy names, which allows an attacker to override the Object prototype and potentially execute arbitrary actions through prototype pollution...

CVSS 8.8 | AI score 7.1 | EPSS 0.00204
Exploits 0 | References 3 | Affected Software 1
Veracode
added 2025/09/03 9:53 a.m.

Cross-Site Scripting (XSS)

Liferay Portal and Liferay DXP are vulnerable to reflected cross-site scripting (XSS). The vulnerability is due to improper input handling in the "first display label" field of a custom sort widget configuration, which allows an attacker to inject malicious JavaScript that gets reflected and execut...

CVSS 5.4 | AI score 6.3 | EPSS 0.00048
Exploits 0 | References 5 | Affected Software 3
Veracode
added 2025/09/03 9:40 a.m.

Allocation Of Resources Without Limits

Bouncy Castle is vulnerable to Allocation Of Resources Without Limits. The vulnerability is due to excessive resource allocation due to lack of proper limits in the handling of ASN1ObjectIdentifier in API modules...

CVSS 6.3 | AI score 7 | EPSS 0.00121
Exploits 0 | References 5 | Affected Software 7
Veracode
added 2025/09/03 9:26 a.m.

Command Injection

activestorage is vulnerable to command injection. The vulnerability is due to unsafe defaults in the allowed list of image transformation methods, which allows an attacker to supply arbitrary input and execute malicious commands...

CVSS 9.2 | AI score 7.6 | EPSS 0.00178
Exploits 0 | References 7 | Affected Software 1
Veracode
added 2025/09/03 9:15 a.m.

Denial Of Service (DoS)

Liferay Portal is vulnerable to Denial Of Service (DoS). The vulnerability is due to failure to enforce the 300kb file size limit on profile picture uploads, allowing oversized files that can degrade system performance...

CVSS 6.9 | AI score 7 | EPSS 0.00236
Exploits 0 | References 5 | Affected Software 6
Veracode
added 2025/09/03 9:03 a.m.

Denial Of Service (DoS)

helm.sh/helm/v3 is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper handling of crafted JSON Schema files with $ref pointing to /dev/zero, which allows an attacker to exhaust system memory leading to OOM termination...

CVSS 6.5 | AI score 7 | EPSS 0.0002
Exploits 0 | References 2 | Affected Software 1
Veracode
added 2025/09/03 9:01 a.m.

Cross-site Scripting (XSS)

enshrined/svg-sanitize is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to the cleanXlinkHrefs method only checking lower-case attribute names, allowing bypass of the isHrefSafeValue check and enabling XSS or external domain linking...

CVSS 5.1 | AI score 6.2 | EPSS 0.00079
Exploits 0 | References 7 | Affected Software 1
Veracode
added 2025/09/03 7:44 a.m.

Improper Access Control

github.com/mattermost/mattermost-plugin-confluence is vulnerable to Improper Access Control. The vulnerability is due to missing access checks on the Confluence space when editing subscriptions, which allows an attacker to modify subscriptions for spaces they do not have access to via the edit...

CVSS 6.4 | AI score 7 | EPSS 0.00193
Exploits 0 | References 3 | Affected Software 1
Veracode
added 2025/09/03 7:35 a.m.

Improper Access Control

github.com/mattermost/mattermost-plugin-confluence is vulnerable to Improper Access Control. The vulnerability is due to a failure to verify user access to a channel, which allows an attacker to retrieve channel subscription details without proper authorization via the API endpoint...

CVSS 4 | AI score 7 | EPSS 0.00199
Exploits 0 | References 3 | Affected Software 1
Veracode
added 2025/09/03 7:09 a.m.

Improper Authentication

github.com/mattermost/mattermost-plugin-confluence is vulnerable to Improper Authentication. The vulnerability is due to missing enforcement of user authentication in the Mattermost instance, which allows an attacker to access subscription details through an unauthenticated API call to the GET...

CVSS 3.7 | AI score 7.2 | EPSS 0.00111
Exploits 0 | References 3 | Affected Software 1
Veracode
added 2025/09/03 6:39 a.m.

Denial Of Service (DoS)

github.com/mattermost/mattermost-plugin-confluence is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of unexpected request bodies, which allows an attacker to repeatedly send invalid request bodies to the server webhook endpoint to crash the plugin...

CVSS 7.5 | AI score 7 | EPSS 0.00328
Exploits 0 | References 3 | Affected Software 1
Veracode
added 2025/09/03 5:54 a.m.

Cross-site Scripting (XSS)

Liferay Portal is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper input validation due to failure to sanitize user-supplied input in the googlegadget component, allowing remote attackers to inject malicious JavaScript...

CVSS 6.9 | AI score 6.8 | EPSS 0.0007
Exploits 0 | References 5 | Affected Software 3
Veracode
added 2025/09/02 8:42 a.m.

Denial Of Service (DoS)

github.com/mattermost/mattermost-plugin-confluence is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper handling of unexpected request bodies, which allows an attacker to repeatedly send invalid requests to the server webhook endpoint and crash the plugin...

CVSS 5.9 | AI score 7 | EPSS 0.00328
Exploits 0 | References 3 | Affected Software 1
Veracode
added 2025/09/02 8:28 a.m.

Improper Access Control

github.com/mattermost/mattermost-plugin-confluence is vulnerable to Improper Access Control. The vulnerability is due to missing access checks for user permissions on channels, which allows an attacker to retrieve channel subscription details without proper authorization via the GET...

CVSS 3.7 | AI score 7 | EPSS 0.00199
Exploits 0 | References 3 | Affected Software 1
Veracode
added 2025/09/02 8:15 a.m.

Missing Authorization

Mattermost Confluence Plugin is vulnerable to Missing Authorization. The vulnerability is due to missing authorization checks due to failure to validate user access to Confluence spaces before allowing subscription creation via the create subscription endpoint...

CVSS 5 | AI score 7 | EPSS 0.00183
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2025/09/02 7:55 a.m.

Two-factor Authentication Bypass

github.com/komari-monitor/komari is vulnerable to two-factor authentication bypass. The vulnerability is due to a logic error in the 2FA verification condition, which allows an attacker to bypass the two-factor authentication mechanism...

AI score 7.1
Exploits 0
Veracode
added 2025/09/02 7:37 a.m.

Improper Input Validation

picklescan is vulnerable to improper input validation. The vulnerability is due to a parsing logic error in handling the STACK_GLOBAL opcode, where the function listglobals tracks arguments in the wrong range, which allows an attacker to bypass proper opcode processing...

AI score 7
Exploits 0
Veracode
added 2025/09/02 7:27 a.m.

Denial Of Service (DoS)

Mattermost Confluence Plugin is vulnerable to Denial Of Service (DoS). The vulnerability is due to failure to handle unexpected request bodies in the update channel subscription endpoint, allowing attackers to crash the plugin...

CVSS 7.5 | AI score 7 | EPSS 0.00436
Exploits 0 | References 3 | Affected Software 1
Veracode
added 2025/09/02 7:24 a.m.

Denial Of Service (DoS)

github.com/mattermost/mattermost-plugin-confluence is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of unexpected request bodies, which allows an attacker to repeatedly send invalid data to the channel subscription endpoint and crash the plugin...

CVSS 7.5 | AI score 7 | EPSS 0.00436
Exploits 0 | References 3 | Affected Software 1
Veracode
added 2025/09/02 6:57 a.m.

SQL Injection

pyloadng is vulnerable to SQL Injection. The vulnerability is due to improper handling of the addlinks parameter in the /json/addpackage API, which allows an attacker to modify or delete database data leading to errors or loss...

CVSS 8.8 | AI score 7.6 | EPSS 0.00212
Exploits 0 | References 5 | Affected Software 1
Veracode
added 2025/09/02 6:32 a.m.

Improper Authorization

github.com/mattermost/mattermost-plugin-confluence is vulnerable to improper authorization. The vulnerability is due to failing to check user authorization in the Mattermost instance, which allows an attacker to create a channel subscription without proper authorization via an API call to the...

CVSS 7.2 | AI score 6.6 | EPSS 0.00263
Exploits 0 | References 3 | Affected Software 1
Veracode
added 2025/09/02 6:09 a.m.

Improper Resource Shutdown Or Release

org.apache.tomcat.embed, tomcat-embed-core is vulnerable to Improper Resource Shutdown or Release. The vulnerability is due to improper handling of resource shutdown, which allows an attacker to perform the "made you reset" attack...

CVSS 7.5 | AI score 6.8 | EPSS 0.01022
Exploits 0 | References 12 | Affected Software 2
Veracode
added 2025/09/02 5:01 a.m.

Missing Authorization

Mattermost Confluence Plugin is vulnerable to Missing Authorization. The vulnerability is due to missing access validation due to failure to check user permissions when editing channel subscriptions via the API...

CVSS 4 | AI score 6.7 | EPSS 0.00208
Exploits 0 | References 3 | Affected Software 1
Veracode
added 2025/09/02 4:05 a.m.

Missing Authorization

Mattermost Confluence Plugin is vulnerable to Missing Authorization. The vulnerability is due to missing access validation caused by failure to check user permissions when creating channel subscriptions via the API...

CVSS 5.3 | AI score 6.7 | EPSS 0.00208
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2025/09/01 1:17 p.m.

Remote Code Execution (RCE)

Apache Commons OGNL is vulnerable to Remote Code Execution (RCE). The vulnerability is due to incomplete blocklist restrictions in the OGNL engine when parsing and evaluating expressions, which allows an attacker to bypass protections and potentially achieve arbitrary code execution...

CVSS 8.8 | AI score 8.1 | EPSS 0.00086
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2025/09/01 12:34 p.m.

Improper Authentication

Mattermost Confluence Plugin is vulnerable to improper authentication. The vulnerability is due to the failure to enforce user authentication to the Mattermost instance, which allows an attacker to edit channel subscriptions via an unauthenticated API call...

CVSS 7.2 | AI score 7 | EPSS 0.0027
Exploits 0 | References 2 | Affected Software 1
Veracode
added 2025/09/01 12:16 p.m.

Reverse Tabnabbing

hfs is vulnerable to reverse tabnabbing. The vulnerability is due to missing rel="noopener noreferrer" when opening web links with target="_blank", which allows an attacker to manipulate the original HFS tab via the window.opener property...

AI score 7
Exploits 0
Veracode
added 2025/09/01 12:01 p.m.

Cross-Site WebSocket Hijacking (CSWSH)

github.com/komari-monitor/komari is vulnerable to Cross-Site WebSocket Hijacking (CSWSH). The vulnerability is due to disabled origin checking, which allows an attacker to hijack authenticated user WebSocket connections...

AI score 6.8
Exploits 0
Veracode
added 2025/09/01 10:10 a.m.

Denial Of Service (DoS)

@oakserver/oak is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of specially crafted x-forwarded-proto or x-forwarded-for headers, which allows an attacker to significantly slow down an oak server...

CVSS 5.3 | AI score 6.7 | EPSS 0.00385
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2025/09/01 9:04 a.m.

Server-Side Request Forgery (SSRF)

Liferay Portal is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to improper access validation due to crafted URLs in FreeMarker templates that allow template editors to bypass restrictions...

CVSS 5.1 | AI score 7 | EPSS 0.00167
Exploits 0 | References 3 | Affected Software 3
Veracode
added 2025/09/01 5:50 a.m.

Authentication Bypass

Fedify is vulnerable to authentication bypass. The vulnerability is due to processing forged activities before verifying that the signing key belongs to the claimed actor, which allows an attacker to impersonate any ActivityPub actor across all Fedify instances...

CVSS 8.7 | AI score 6.9 | EPSS 0.00158
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2025/09/01 5:13 a.m.

Arbitrary Code Execution

Keras is vulnerable to Arbitrary Code Execution. The vulnerability is due to improper validation in the Model.load_model method when loading specially crafted .keras model archives...

CVSS 8.6 | AI score 6.7 | EPSS 0.00029
Exploits 0 | References 6 | Affected Software 1
Veracode
added 2025/09/01 5:06 a.m.

Path Traversal

tinyscientist is vulnerable to Path Traversal. The vulnerability is due to improper validation of file paths in the reviewpaper function, which allows an attacker to craft malicious file paths to read arbitrary PDF files on the server, access sensitive documents, and perform reconnaissance on the...

CVSS 8.8 | AI score 6.6 | EPSS 0.0048
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2025/09/01 4:51 a.m.

Stack-based Buffer Overflow

libtiff.so is vulnerable to Stack-based Buffer Overflow. The vulnerability is due to insufficient validation in the readSeparateStripsToBuffer function in tiffcrop.c, allowing attackers to trigger a buffer overflow...

CVSS 5.3 | AI score 5.4 | EPSS 0.00079
Exploits 0 | References 6 | Affected Software 1
Veracode
added 2025/09/01 4:23 a.m.

Server-Side Request Forgery (SSRF)

Liferay Portal is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to improper input validation due to user-supplied URLs in the OpenSSO authentication settings being accepted without proper validation, allowing attackers to make arbitrary HTTP requests to internal systems...

CVSS 8.6 | AI score 7 | EPSS 0.00195
Exploits 0 | References 3 | Affected Software 2
Veracode
added 2025/08/29 5:22 p.m.

Privilege Escalation

github.com/openbao/openbao is vulnerable to Privilege Escalation. The vulnerability is due to accounts with access to privileged identity entity systems in root namespaces being able to escalate privileges to the global root policy...

CVSS 7.2 | AI score 6.9 | EPSS 0.00232
Exploits 0 | References 5 | Affected Software 2
Veracode
added 2025/08/29 12:22 p.m.

Authentication Bypass

github.com/openbao/openbao is vulnerable to Authentication Bypass. The vulnerability is due to using caller-supplied usernames as aliases without normalization when username_as_alias=true in the LDAP auth method, allowing bypass of MFA requirements...

CVSS 6.5 | AI score 6.7 | EPSS 0.00182
Exploits 0 | References 3 | Affected Software 1
Veracode
added 2025/08/29 12:05 p.m.

Remote Code Execution (RCE)

org.apache.cxf:cxf-rt-transports-jms is vulnerable to Remote Code Execution (RCE). The vulnerability is due to allowing untrusted users to configure JMS with RMI or LDAP URLs, which could be abused for code execution...

CVSS 9.8 | AI score 7.6 | EPSS 0.0044
Exploits 0 | References 5 | Affected Software 1
Veracode
added 2025/08/29 7:33 a.m.

Deserialization Of Untrusted Data

org.apache.seata:seata-serializer-fury is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to insecure deserialization due to improper handling of untrusted input data, which could allow attackers to execute arbitrary code...

CVSS 9.8 | AI score 7.3 | EPSS 0.00728
Exploits 0 | References 5 | Affected Software 1