Veracode: recent entries

38290 matches found

Veracode, added 2025/08/25 9:26 a.m., 4 views

Denial Of Service (DoS)

github.com/gofiber/fiber is vulnerable to Denial of Service DoS. The vulnerability is due to improper input validation when parsing form data with excessively large numeric slice indexes, leading to integer overflow or memory exhaustion and application crash...

CVSS 8.7 | AI score 7.3 | EPSS 0.00331
Exploits 0 | References 4 | Affected Software 1
Veracode, added 2025/08/25 8:59 a.m., 5 views

Command Injection

mcp-package-docs is vulnerable to command injection. The vulnerability is due to unsanitized input passed to child_process.exec, which allows an attacker to inject arbitrary system commands and achieve remote code execution under the server process's privileges...

CVSS 7.5 | AI score 8.7 | EPSS 0.08088
Exploits 0 | References 15 | Affected Software 1
Veracode, added 2025/08/25 8:45 a.m., 8 views

Arbitrary Code Execution (ACE)

topthink/framework is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper input handling in the routecheck function, which allows an attacker to execute arbitrary code remotely...

CVSS 9.8 | AI score 8.5 | EPSS 0.00986
Exploits 1 | References 4 | Affected Software 1
Veracode, added 2025/08/25 8:45 a.m., 6 views

Cross-site Scripting (XSS)

com.liferay:com.liferay.captcha.impl is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper captcha validation, which allows attackers to bypass verification and execute scripts in the Gogo shell...

CVSS 6.9 | AI score 6.9 | EPSS 0.00146
Exploits 0 | References 4 | Affected Software 1
Veracode, added 2025/08/25 8:28 a.m., 5 views

Heap Buffer Overflow

libsquid.so is vulnerable to Heap Buffer Overflow. The vulnerability is due to improper buffer management when processing URN requests, which may allow remote code execution...

CVSS 9.8 | AI score 7.9 | EPSS 0.23455
Exploits 1 | References 5 | Affected Software 1
Veracode, added 2025/08/25 8:07 a.m., 4 views

Weak Encryption

jose is vulnerable to weak encryption. The vulnerability is due to encryption algorithms that are claimed to not meet recommended security standards, which allows an attacker to potentially bypass intended cryptographic strength...

CVSS 7 | AI score 7.1 | EPSS 0.00136
Exploits 0 | References 3 | Affected Software 1
Veracode, added 2025/08/25 7:53 a.m., 5 views

NULL Pointer Dereference

libtiff is vulnerable to Null Pointer Dereference. The vulnerability is due to lack of validation in the PSLvl2page function of tiff2ps.c, which can trigger a null pointer dereference under specific configurations...

CVSS 2.5 | AI score 3.5 | EPSS 0.00174
Exploits 1 | References 9 | Affected Software 1
Veracode, added 2025/08/21 1:31 p.m., 4 views

Path Traversal

IPX is vulnerable to Path Traversal. The vulnerability is due to reliance on raw string prefix comparison without ensuring a path separator, allowing path prefix bypass...

CVSS 9.8 | AI score 5.8 | EPSS 0.0064
Exploits 1 | References 7 | Affected Software 1
Veracode, added 2025/08/21 11:33 a.m., 5 views

Command Injection

@anthropic-ai/claude-code is vulnerable to Command Injection. The vulnerability is due to the confirmation prompt being bypassed, allowing execution of untrusted commands if malicious content is injected into the context window...

CVSS 9.8 | AI score 7.4 | EPSS 0.00944
Exploits 0 | References 4 | Affected Software 1
Veracode, added 2025/08/21 11:07 a.m., 6 views

SQL Injection

adodb/adodb-php is vulnerable to SQL Injection. The vulnerability is due to improper escaping of query parameters: crafted table names passed to the metaColumns, metaForeignKeys, or metaIndexes methods are not escaped when connected to a sqlite3 database...

CVSS 10 | AI score 7.6 | EPSS 0.00463
Exploits 0 | References 6 | Affected Software 1
Veracode, added 2025/08/21 7:49 a.m., 6 views

Null Pointer Dereference

libtiff.so is vulnerable to Null Pointer Dereference. The vulnerability is due to improper handling in the t2preadtiffinit function of tools/tiff2pdf.c in the fax2ps component, which allows a local attacker to trigger a null pointer dereference under complex conditions...

CVSS 2.5 | AI score 6.8 | EPSS 0.00179
Exploits 1 | References 10 | Affected Software 2
Veracode, added 2025/08/21 7:38 a.m., 4 views

Improper Input Validation

github.com/grafana/grafana-infinity-datasource is vulnerable to Improper Input Validation. The vulnerability is due to insufficient validation of allowed URL restrictions, which allows an attacker to bypass configured URL checks using a specially crafted URL...

CVSS 5 | AI score 6.9 | EPSS 0.00283
Exploits 0 | References 4 | Affected Software 1
Veracode, added 2025/08/21 7:21 a.m., 7 views

Missing Origin Validation

org.apache.zeppelin, zeppelin-shell is vulnerable to Missing Origin Validation. The vulnerability is due to lack of origin validation in WebSocket connections, which allows an attacker to access the Zeppelin server from another origin and retrieve internal information about paragraphs...

CVSS 7.5 | AI score 6.7 | EPSS 0.00241
Exploits 0 | References 4 | Affected Software 1
Veracode, added 2025/08/21 7:03 a.m., 6 views

Remote Code Execution (RCE)

pyloadng is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe path construction in the addcrypted endpoint via the package parameter, which allows unauthenticated attackers to write arbitrary files outside the designated directory, enabling privilege escalation and remot...

CVSS 9.8 | AI score 9.2 | EPSS 0.01141
Exploits 1 | References 5 | Affected Software 1
Veracode, added 2025/08/21 6:38 a.m., 5 views

Regular Expression Denial Of Service (ReDoS)

copyparty is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to allowing arbitrary RegEx inputs in the filter parameter of the "Recent Uploads" page, which allows an attacker to craft a malicious regex that deadlocks the server...

CVSS 7.5 | AI score 7 | EPSS 0.00381
Exploits 1 | References 5 | Affected Software 1
Veracode, added 2025/08/21 5:14 a.m., 4 views

Path Traversal

@anthropic-ai/claude-code is vulnerable to Path Traversal. The vulnerability is due to using prefix matching instead of canonical path comparison, which allows bypassing directory restrictions and accessing files outside the CWD if a directory with the same prefix exists and untrusted content is...

CVSS 9.1 | AI score 7.2 | EPSS 0.00852
Exploits 0 | References 3 | Affected Software 1
Veracode, added 2025/08/20 11:42 a.m., 6 views

Improper Input Validation

org.apache.zeppelin, zeppelin-jdbc is vulnerable to Improper Input Validation. The vulnerability is due to incomplete JDBC URL validation that failed to handle URL encoded input, which allows an attacker to bypass validation checks and potentially exploit database connections...

CVSS 7.5 | AI score 7.1 | EPSS 0.00883
Exploits 0 | References 7 | Affected Software 1
Veracode, added 2025/08/20 11:17 a.m., 5 views

Cross-Site Scripting (XSS)

org.apache.zeppelin, zeppelin-web is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to an incomplete blacklist of user input, which allows an attacker to inject malicious scripts and execute them in a victim’s browser...

CVSS 6.1 | AI score 6.5 | EPSS 0.00562
Exploits 1 | References 6 | Affected Software 1
Veracode, added 2025/08/20 11:03 a.m., 4 views

Cross-site Scripting (XSS)

microweber/microweber is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper input sanitization, which allows malicious scripts injected into user profile fields to execute in admin browsers...

CVSS 7.6 | AI score 6.5 | EPSS 0.00448
Exploits 0 | References 5 | Affected Software 1
Veracode, added 2025/08/20 10:54 a.m., 5 views

Remote Code Execution (RCE)

@nestjs/devtools-integration is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper sandboxing and missing cross-origin protections, which allow attacker-controlled input to be executed unsafely in a JavaScript sandbox via the /inspector/graph/interact endpoint...

CVSS 9.4 | AI score 7.9 | EPSS 0.4617
Exploits 4 | References 9 | Affected Software 1
Veracode, added 2025/08/20 10:43 a.m., 6 views

Sensitive Information Disclosure

org.opensearch.plugin:opensearch-security is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper enforcement of Field Level Security (FLS) rules: member attributes of excluded objects remain accessible through search queries, allowing reconstruction of...

AI score 7
Exploits 0
Veracode, added 2025/08/20 10:16 a.m., 6 views

Authentication Bypass

Vault is vulnerable to authentication bypass. The vulnerability is due to insufficient enforcement of MFA login rate limits and TOTP token reuse, which allows an attacker to bypass MFA protections and reuse valid tokens for unauthorized access...

CVSS 5.7 | AI score 7.3 | EPSS 0.00274
Exploits 0 | References 3 | Affected Software 1
Veracode, added 2025/08/20 9:23 a.m., 5 views

Privilege Escalation

github.com/hashicorp/vault is vulnerable to privilege escalation. The vulnerability is due to a privileged operator with write permissions to the root namespace’s identity endpoint being able to escalate their own or another user’s token privileges, which allows an attacker to gain Vault’s root...

CVSS 7.2 | AI score 7.5 | EPSS 0.00459
Exploits 0 | References 3 | Affected Software 1
Veracode, added 2025/08/20 7:30 a.m., 6 views

Authentication Bypass

github.com/hashicorp/vault is vulnerable to authentication bypass. The vulnerability is due to the TOTP Secrets Engine code validation endpoint allowing code reuse within its validity period, which allows an attacker to replay a previously valid code to gain unauthorized access...

CVSS 6.5 | AI score 7.6 | EPSS 0.00341
Exploits 0 | References 3 | Affected Software 1
Veracode, added 2025/08/20 7:12 a.m., 5 views

Cross-site Scripting (XSS)

microweber/microweber is vulnerable to cross-site scripting XSS. The vulnerability is due to improper input validation: the last name field in the /projects/profile homepage endpoint allows injection of malicious scripts...

CVSS 7.6 | AI score 6.7 | EPSS 0.00458
Exploits 1 | References 5 | Affected Software 1
Veracode, added 2025/08/20 6:34 a.m., 5 views

Reflected Cross Site Scripting (XSS)

microweber/microweber is vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is due to improper validation of the layout parameter on the /admin/page/create page, which allows arbitrary JavaScript execution in the context of authenticated admin users...

CVSS 6.1 | AI score 6.5 | EPSS 0.00714
Exploits 1 | References 5 | Affected Software 1
Veracode, added 2025/08/19 11:31 a.m., 6 views

Code Execution

Vault is vulnerable to code execution. The vulnerability is due to a privileged operator with write access to sys/audit being able to exploit a plugin directory in Vault’s configuration, which allows an attacker to execute arbitrary code on the underlying host...

CVSS 9.1 | AI score 8 | EPSS 0.00873
Exploits 0 | References 3 | Affected Software 1
Veracode, added 2025/08/19 11:11 a.m., 4 views

Timing Side-channel Attacks

github.com/hashicorp/vault is vulnerable to Timing side-channel Attacks. The vulnerability is due to differences in response timing in the Userpass auth method, which allows an attacker to distinguish between valid and invalid usernames and potentially enumerate existing accounts...

CVSS 3.7 | AI score 7 | EPSS 0.00307
Exploits 0 | References 3 | Affected Software 1
Veracode, added 2025/08/19 10:35 a.m., 5 views

Path Traversal

github.com/traefik/traefik is vulnerable to path traversal. The vulnerability is due to improper validation of file paths in the WASM plugin installation mechanism, which allows an attacker to supply a malicious ZIP archive with ../ sequences to overwrite arbitrary files on the system...

CVSS 9.8 | AI score 7.1 | EPSS 0.01035
Exploits 0 | References 7 | Affected Software 1
Veracode, added 2025/08/19 9:50 a.m., 6 views

Remote Code Execution (RCE)

github.com/1panel-dev/1panel is vulnerable to Remote Code Execution RCE. The vulnerability is due to incomplete certificate verification during HTTPS communication between the Core and Agent endpoints, which allows an attacker to gain unauthorized access and execute commands with high privileges...

CVSS 9.8 | AI score 8.3 | EPSS 0.00864
Exploits 5 | References 6 | Affected Software 1
Veracode, added 2025/08/19 9:39 a.m., 6 views

NULL Pointer Dereference

materialx is vulnerable to null pointer dereference. The vulnerability is due to improper handling of shader node parsing in MTLX files, which allows an attacker to crash a target program by supplying a maliciously crafted file...

CVSS 7.5 | AI score 7 | EPSS 0.00494
Exploits 1 | References 6 | Affected Software 1
Veracode, added 2025/08/19 8:33 a.m., 5 views

Cross-site Scripting (XSS)

microweber/microweber is vulnerable to Cross-site Scripting XSS. The vulnerability is due to the id parameter in the liveedit.modulesettings API endpoint allowing arbitrary JavaScript execution...

CVSS 6.1 | AI score 6.7 | EPSS 0.00724
Exploits 1 | References 5 | Affected Software 1
Veracode, added 2025/08/19 8:21 a.m., 5 views

Authentication Bypass

github.com/hashicorp/vault is vulnerable to Authentication Bypass. The vulnerability is due to flaws in the Userpass and LDAP authentication methods that prevent the user lockout feature from being enforced, allowing lockout bypass...

CVSS 5.3 | AI score 7.4 | EPSS 0.00381
Exploits 0 | References 3 | Affected Software 1
Veracode, added 2025/08/19 8:17 a.m., 7 views

NULL Pointer Dereference

MaterialX is vulnerable to NULL pointer dereference. The vulnerability is due to improper handling of shader node parsing in MTLX files, which allows an attacker to craft malicious files that can crash a target program...

CVSS 7.5 | AI score 6.9 | EPSS 0.00444
Exploits 1 | References 5 | Affected Software 1
Veracode, added 2025/08/19 8:10 a.m., 6 views

Authentication Bypass

github.com/hashicorp/vault is vulnerable to Authentication Bypass. The vulnerability is due to improper certificate validation that accepts non-CA certificates as trusted, allowing attackers to impersonate users with crafted certificates...

CVSS 6.8 | AI score 7 | EPSS 0.0021
Exploits 0 | References 3 | Affected Software 1
Veracode, added 2025/08/19 7:57 a.m., 5 views

Sensitive Information Disclosure

OpenSearch is vulnerable to Sensitive Information Disclosure. The vulnerability is due to redacted values being retrievable through range queries and the fields option in the search API...

AI score 7
Exploits 0
Veracode, added 2025/08/18 9:08 a.m., 4 views

Denial Of Service (DoS)

OpenEXR is vulnerable to Denial Of Service DoS. The vulnerability is due to a NULL pointer dereference caused by improper handling of deep scanline images with large sample counts in reduceMemory mode...

CVSS 6.2 | AI score 7 | EPSS 0.0019
Exploits 1 | References 4 | Affected Software 1
Veracode, added 2025/08/18 8:59 a.m., 6 views

Denial Of Service (DoS)

MaterialX is vulnerable to Denial Of Service DoS. The vulnerability is due to stack exhaustion caused by improper handling of multiple nested nodegraph implementations when parsing malicious MTLX files...

CVSS 7.5 | AI score 6.1 | EPSS 0.0058
Exploits 1 | References 7 | Affected Software 1
Veracode, added 2025/08/18 8:34 a.m., 5 views

Denial Of Service (DoS)

OpenEXR is vulnerable to denial of service DoS. The vulnerability is due to improper input validation: dataWindow size values from file headers are trusted without validation, leading to excessive memory allocation and performance degradation...

CVSS 5.5 | AI score 5.9 | EPSS 0.00242
Exploits 1 | References 4 | Affected Software 1
Veracode, added 2025/08/18 8:21 a.m., 3 views

Heap-based Buffer Overflow

OpenEXR is vulnerable to Heap-based Buffer Overflow. The vulnerability is due to improper memory handling of a maliciously forged chunk header when decompressing ZIPS-packed deep scan-line EXR files...

CVSS 8.4 | AI score 5.9 | EPSS 0.00299
Exploits 1 | References 6 | Affected Software 1
Veracode, added 2025/08/18 8:13 a.m., 8 views

Deserialization Of Untrusted Data

prestashop/prestashop is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to improper handling in the getHeaders function, which allows an attacker to execute arbitrary code via a crafted POST request...

CVSS 6.5 | AI score 7.8 | EPSS 0.00715
Exploits 1 | References 5 | Affected Software 1
Veracode, added 2025/08/18 7:24 a.m., 5 views

Deserialization

prestashop/prestashop is vulnerable to Deserialization. The vulnerability is due to improper handling of crafted POST requests in the /themes/import component, which allows an attacker to execute arbitrary code...

CVSS 6.5 | AI score 7.3 | EPSS 0.00739
Exploits 1 | References 8 | Affected Software 1
Veracode, added 2025/08/17 5:49 p.m., 6 views

Remote Code Execution (RCE)

ms-swift is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper output neutralization for logs because malicious input passed into the train method is concatenated into shell commands, allowing arbitrary command execution...

AI score 8.1
Exploits 0 | References 2 | Affected Software 1
Veracode, added 2025/08/17 4:15 p.m., 5 views

Remote Code Execution (RCE)

ms-swift is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe deserialization because yaml.load from PyYAML is used in tests/run.py, allowing attackers to execute arbitrary code via a crafted YAML configuration file...

CVSS 9.8 | AI score 9.6 | EPSS 0.02327
Exploits 1 | References 8 | Affected Software 1
Veracode, added 2025/08/14 10:04 a.m., 4 views

Deserialization Of Untrusted Data

ms-swift is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to unsafe pickle deserialization of adapter model files, allowing arbitrary command execution when loading specially crafted adapter models from ModelScope...

AI score 7.4
Exploits 0
Veracode, added 2025/08/14 8:11 a.m., 4 views

Cross-Site Scripting

Copyparty is vulnerable to reflected Cross-Site Scripting XSS. The vulnerability is due to improper escaping of user-supplied input in the filter parameter on the recent uploads page, which is reflected into a...

CVSS 6.3 | AI score 6.4 | EPSS 0.02256
Exploits 3 | References 5 | Affected Software 1
Veracode, added 2025/08/14 7:46 a.m., 6 views

Prototype Pollution

@nyariv/sandboxjs is vulnerable to prototype pollution. The vulnerability is due to insufficient prototype access checks in the sandbox’s executor logic, particularly when handling JavaScript function objects, which allows an attacker to inject arbitrary properties into Object.prototype...

CVSS 7 | AI score 7 | EPSS 0.00195
Exploits 0 | References 6 | Affected Software 1
Veracode, added 2025/08/14 7:33 a.m., 7 views

Cross-site Scripting (XSS)

Apache JSPWiki is vulnerable to Cross-site Scripting XSS. The vulnerability is due to insufficient sanitization of wiki markup and markdown header link creation; specially crafted input can execute JavaScript in the victim’s browser, enabling theft of sensitive information...

CVSS 7.5 | AI score 6.7 | EPSS 0.00503
Exploits 0 | References 7 | Affected Software 2
Veracode, added 2025/08/14 7:24 a.m., 4 views

Improper Output Neutralization For Logs

org.apache.struts, struts-extras is vulnerable to Improper Output Neutralization for Logs. The vulnerability is due to LookupDispatchAction printing untrusted input to logs without filtering, which allows an attacker to craft input that injects misleading log entries, potentially confusing human ...

CVSS 6.5 | AI score 7 | EPSS 0.00524
Exploits 0 | References 4 | Affected Software 2
Veracode, added 2025/08/14 7:01 a.m., 7 views

Authentication Bypass

github.com/oauth2-proxy/oauth2-proxy is vulnerable to Authentication Bypass. The vulnerability is due to the skipauthroutes configuration option matching against the full request URI, including query parameters, when using overly permissive regex patterns, which allows an attacker to craft URLs...

CVSS 9.1 | AI score 7.6 | EPSS 0.0114
Exploits 1 | References 7 | Affected Software 2
Total number of security vulnerabilities: 38290