38111 matches found
Remote Code Execution (RCE)
generator-jhipster-entity-audit is vulnerable to Remote Code Execution (RCE). The vulnerability is due to unsafe reflection caused by using Javers as the Entity Audit Framework, which allows malicious classes on the classpath to be exploited through exposed REST endpoints...
Improper Cache Key Handling
api-platform/core is vulnerable to Improper cache key handling. The vulnerability is due to the isCacheKeySafe method not effectively preventing caching when followed by the parent::normalize call, which may allow an attacker to access unauthorized data...
Cross-Site Scripting (XSS)
pgadmin4 is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to lack of input/output encoding when rendering query results, which allows an attacker to execute arbitrary HTML or JavaScript in the victim's browser...
Remote Code Execution (RCE)
pgAdmin4 is vulnerable to Remote Code Execution (RCE). The vulnerability is due to unsafe use of Python's eval function caused by unsanitized input in the querycommitted and highavailability parameters on two POST endpoints...
Improper Verification Of Cryptographic Signature
github.com/minio/minio is vulnerable to authorization bypass. The vulnerability is due to improper signature verification, which allows arbitrary secrets to be used to upload objects if the attacker has prior WRITE permissions and access to the access key and bucket name...
Remote Code Execution (RCE)
BentoML is vulnerable to Remote Code Execution (RCE). The vulnerability is due to insecure deserialization caused by an unsafe code segment in serde.py that allows arbitrary code execution by unauthenticated users...
Cross-Site Scripting (XSS)
react-draft-wysiwyg is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper input sanitization or escaping of user-provided data in the Embedded button functionality, allowing malicious payloads to be executed when the data is saved in the tag...
Prototype Pollution
expand-object is vulnerable to Prototype Pollution. The vulnerability is due to improper input validation in the expand function in index.js, which expands strings into objects without filtering out sensitive properties like __proto__, and allows attackers to manipulate object prototypes, potentially...
Buffer Overflow
bigint-buffer is vulnerable to Buffer Overflow. The vulnerability is due to improper bounds checking in the toBigIntLE function, which allows attackers to cause a buffer overflow and potentially crash the application...
Server Side Request Forgery (SSRF)
spatie/browsershot is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to a missing restriction on user input in the setUrl function, allowing attackers to access localhost and list its directories...
Missing Authorization
goalgorilla/opensocial is vulnerable to Missing Authorization. The vulnerability is due to missing authorization caused by insufficient access control checks that allow unauthorized users to access restricted resources...
Information Disclosure
api-platform/core is vulnerable to Information Disclosure. The vulnerability is due to improper handling of exception messages, where non-HTTP exceptions are not sanitized and are directly included in the JSON error response, allowing potentially sensitive internal information to be exposed to...
Cross-Site Scripting (XSS)
drupal/core is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper neutralization of input during web page generation, allowing malicious scripts to be executed in the context of a user's browser...
Missing Authorization
goalgorilla/opensocial is vulnerable to Missing Authorization. The vulnerability is due to insufficient access control mechanisms in Open Social, which fail to properly enforce user authorization, allowing unauthorized users to bypass restrictions and access sensitive resources through forceful...
Denial Of Service (DoS)
image-size is vulnerable to Denial of Service (DoS). The vulnerability is due to an infinite loop caused by processing image boxes with size 0, which allows an attacker to cause the application to hang...
Improper Authorization
Jenkins is vulnerable to Improper authorization. The vulnerability is due to missing permission checks in an HTTP endpoint, allowing attackers with only Computer/Create permission to copy an agent and gain unauthorized access to its configuration...
Denial Of Service (DoS)
Django is vulnerable to Denial of Service (DoS). The vulnerability is due to inefficient Unicode normalization caused by slow NFKC normalization on Windows, which allows attackers to send specially crafted inputs with a large number of Unicode characters to exhaust server resources...
Deserialization Of Untrusted Data
io.jooby, jooby-pac4j is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to insecure deserialization logic in the SessionStoreImplget method, which allows processing of untrusted input...
Server Side Request Forgery (SSRF)
shopxo/shopxo is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to insufficient input validation and sanitization in multiple places, allowing unauthorized requests and script injection...
Remote Code Execution
@tauri-apps/plugin-shell is vulnerable to Remote Code Execution. The vulnerability is due to insufficient input validation in the /console/dashboard/executorCount?zkClusterKey component, allowing a remote attacker to execute arbitrary code...
SQL Injection
com.vip.saturn, saturn-console is vulnerable to SQL injection. The vulnerability is due to SQL injection caused by insufficient input validation in the /console/dashboard/executorCount?zkClusterKey component, allowing remote attackers to execute arbitrary code...
Privilege Escalation
github.com/rancher/rancher is vulnerable to Privilege Escalation. The vulnerability is due to improper access control that allows Restricted Administrators to change the passwords of higher-privileged users without having the Manage Users permission...
Server Side Request Forgery (SSRF)
shopxo/shopxo is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to insufficient validation of user-supplied URLs in the Email Settings feature, allowing attackers to manipulate the server into making arbitrary requests to internal or external resources...
Server Side Request Forgery (SSRF)
shopxo/shopxo is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to insufficient validation of user-supplied URLs in the image upload function, allowing attackers to craft requests that the server executes on their behalf...
Arbitrary Code Execution (ACE)
org.apache.parquet, parquet-avro is vulnerable to Arbitrary Code Execution. The vulnerability is due to unsafe deserialization during schema parsing in the parquet-avro module, which allows bad actors to execute arbitrary code...
Authorization Bypass
org.apache.activemq:artemis-server is vulnerable to Authorization Bypass. The vulnerability is due to improper permission enforcement that lets users augment the routing-type of an address without having the necessary createAddress permission, potentially allowing unauthorized message...
Host Header Injection
@react-router/express and @remix-run/express are vulnerable to Host header injection. The vulnerability exists due to improper validation of the Host and X-Forwarded-Host headers, allowing attackers to spoof the request URL by injecting a pathname into the port section of the header...
Object Injection
drupal/core is vulnerable to Object Injection. The vulnerability is due to improperly controlled modification of dynamically-determined object attributes, which allows attackers to inject and manipulate objects within the application...
Authentication Bypass
Apache Pinot is vulnerable to Authentication Bypass. The vulnerability is due to improper request path validation caused by the application's failure to enforce authentication when the request path contains a semicolon (;) and lacks a forward slash (/), allowing unauthorized user creation...
Cross-Site Scripting (XSS)
drupal/core is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper neutralization of user-supplied input during web page generation, which allows malicious scripts to be executed in the context of a user's browser...
Private Data Structure Returned From A Public Method
github.com/apache/answer is vulnerable to Private Data Structure Returned From A Public Method. The vulnerability is due to the application allowing external content to be loaded without restriction, allowing an attacker to track or identify users by collecting their IP addresses through...
Path Traversal
YesWiki is vulnerable to Path Traversal. The vulnerability is due to insufficient input validation caused by improper sanitization of the squelette parameter, allowing unauthorized file read access on the server...
Incorrect Authorization
drupal/core package is vulnerable to Incorrect Authorization. The vulnerability is due to insufficient access controls. This allows forceful browsing in certain core versions, enabling attackers to access restricted resources...
IP Address Spoofing
github.com/phires/go-guerrilla is vulnerable to IP address spoofing. The vulnerability is due to improper enforcement of the PROXY protocol caused by the server accepting multiple PROXY commands, allowing clients to override the original IP address...
Remote Code Execution (RCE)
github.com/jaredallard/archives is vulnerable to Remote Code Execution (RCE). The vulnerability is due to improper archive parsing caused by insufficient validation of specially crafted archive files, which allows an attacker to execute arbitrary code or modify files in the context of the user running...
Cross-Site Scripting (XSS)
publifycore is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper input sanitization in the redirect functionality, allowing a publisher to execute scripts in an administrator's browser...
Path Traversal
tar-fs is vulnerable to Path Traversal. The vulnerability is due to improper validation of symbolic links and pathnames during tar file extraction, which allows attackers to escape the target extraction directory and write files to arbitrary locations on the file system...
Cross-site Scripting (XSS)
github.com/beego/beego is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper HTML escaping caused by user-controlled data not being sanitized in the RenderForm function...
Regular Expression Denial Of Service
uptime-kuma is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to inefficient regex processing caused by catastrophic backtracking triggered by crafted input during notification creation via the web service...
Out Of Memory Error
org.infinispan, infinispan-query is vulnerable to an Out Of Memory Error. The vulnerability is due to lack of proper memory handling when processing large POST requests, allowing continual requests to trigger buffer leaks and memory exhaustion...
Path Traversal
org.noear:solon-view is vulnerable to path traversal. The vulnerability is due to insufficient validation of user input in the rendermav function, which allows the manipulation of the template argument to perform path traversal...
Server Side Request Forgery (SSRF)
mobsf is vulnerable to Server-Side Request Forgery (SSRF) Abuse. The vulnerability is due to socket.gethostbyname not properly handling DNS rebinding, allowing attackers to exploit DNS resolutions and make requests to internal services...
Unauthorized File Exposure
Vite is vulnerable to Unauthorized File Exposure. The vulnerability is due to improper exposure of non-allowed files through the ?inline or ?raw?import methods when the Vite dev server is explicitly exposed to the network using --host or the server.host config option, allowing unauthorized access t...
Prototype Pollution
Redoc is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of user-supplied input in the Module.mergeObjects component, allowing attackers to manipulate the prototype chain and introduce malicious payloads, which can trigger a Denial of Service (DoS)...
Prototype Pollution
depath and cool-path are vulnerable to Prototype Pollution. The vulnerability is due to improper handling of object properties in the set method at setIn lib/index.js:90, allowing attackers to inject arbitrary properties and potentially execute arbitrary code or cause a Denial of Service (DoS)...
Path Traversal
go.rgst.io/stencil/v2 is vulnerable to Path Traversal. The vulnerability is due to insufficient validation of file paths during archive extraction, which allows directory traversal sequences like ../ to write files outside the intended extraction directory...
Integer Overflow
cairo-lang-starknet-classes is vulnerable to Integer Overflow. The vulnerability is due to improper bounds checking in the Sierra bytecode decompression logic of the cairo-lang-starknet-classes library, allowing an integer overflow to occur when processing malicious Declare v2/v3 transactions...
Cross-site Scripting (XSS)
Vega is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to unsafe evaluation of JavaScript code caused by the lack of an expression interpreter when processing Vega/Vega-lite JSON definitions...
Class Pollution
Mesop is vulnerable to Class Pollution. The vulnerability is due to insecure handling of global variables and class attributes, which attackers are able to overwrite at runtime, leading to potential denial of service, identity confusion, or remote code execution...
Server Side Request Forgery (SSRF)
Apache Kylin is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to insufficient validation of user-supplied input, allowing an attacker with admin access to make arbitrary internal requests via the /kylin/api/xxx/diag endpoint...