38111 matches found
HTTP Response Splitting
Pitchfork is vulnerable to HTTP Response Splitting. The vulnerability is due to improper input sanitization, which allows unvalidated user input to be passed to HTTP headers when used with Rack 3...
Code Injection
org.apache.kylin, kylin is vulnerable to Code Injection. The vulnerability is due to insufficient restrictions on JDBC connection configuration, which allows execution of arbitrary remote code when altered by someone with admin permissions...
Remote Code Execution
k8s.io/ingress-nginx is vulnerable to Remote Code Execution. The vulnerability is due to improper request handling in the ingress-nginx controller, which processes untrusted network traffic that can be manipulated to execute arbitrary code and access Secrets...
Cross-Site Scripting (XSS)
Vega, vega-functions is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient sandboxing, which allows unsupported JavaScript functions to be called from the Vega expression language...
Cross-Site Scripting (XSS)
gifplayer is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient input sanitization or output escaping. Specifically, the application fails to properly handle or sanitize user-supplied input before including it in the webpage, which allows attackers to inject and...
Hash Collision Attack
io.netty.incubator, netty-incubator-codec-quic is vulnerable to Hash Collision Attack. The vulnerability is due to a hash collision in the hash map used to manage connections, which allows remote attackers to perform a Hash DoS attack by initiating connections with colliding Source Connection IDs...
Unauthorized File Access
awssamcli is vulnerable to Unauthorized File Access. The vulnerability is due to improper handling of symlinks during the Docker build process, allowing access to privileged host files via elevated permissions...
Unauthorized File Access
awssamcli is vulnerable to Unauthorized File Access. The vulnerability is due to insecure symlink resolution during the build process, which causes the contents of symlinks to be copied into the local workspace cache as regular files, allowing an attacker to access restricted files...
Missing Encryption Of Sensitive Data
org.opendaylight.sfc, odl-sfc-openflow-renderer is vulnerable to Missing Encryption of Sensitive Data. The vulnerability is due to missing security attributes or transmission over unencrypted channels, allowing Man-in-the-Middle attacks to access sensitive information...
Unauthorized Access
pixelfed/pixelfed is vulnerable to Unauthorized Access. The vulnerability is due to insufficient verification of follow requests, allowing unauthorized users to access private posts across Fediverse servers...
Environment Variable Exposure
Shescape is vulnerable to Environment Variable Exposure. The vulnerability is due to improper escaping of % characters in user input when using shell: 'cmd.exe' or shell: true, which allows an attacker to read environment variables through unintended variable substitution...
Denial Of Service (DoS)
@mozilla/readability is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to inefficient regular expression processing caused by specially crafted titles, allowing an attacker to cause a local denial of service...
Denial Of Service (DoS)
@directus/storage-driver-s3 is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of malformed transformation requests, which allows an attacker to trigger a state where all assets return 403 errors, leading to asset unavailability across all Directus policies...
Denial Of Service (DoS)
@directus/storage-driver-s3 is vulnerable to Denial of Service (DoS). The vulnerability is due to asset unavailability caused by excessive HEAD requests, which allows an attacker to trigger 403 errors for all assets and deny access across all Directus policies...
Unauthorized API Access
Directus is vulnerable to unauthorized API access by suspended users. The vulnerability is due to missing session validation, caused by the absence of a check in verifySessionJWT to confirm if a user is still active and authorized...
Improper Access Control
org.opendaylight.sfc:sfc-parent is vulnerable to Improper Access Control. The vulnerability is due to flaws in the Shiro-based RBAC mechanism, which improperly enforces role-based access control, allowing attackers to execute privileged operations via crafted requests...
Cross-site Scripting (XSS)
django-tomselect is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient input sanitization: user-supplied values are not fully escaped in form widget attributes, allowing potentially dangerous HTML tags to be rendered in the browser...
Sensitive Information Disclosure
Directus is vulnerable to information disclosure. The vulnerability is due to improper error handling: sensitive data is exposed in API responses when a ValidationError is triggered in flows using the "Webhook" trigger and "Data of Last Operation" response body...
Relative Path Traversal
Apache Commons VFS is vulnerable to Relative Path Traversal. The vulnerability is due to improper validation in the resolveFile method, which allows encoded ".." sequences to bypass descendant path restrictions and access unintended files...
Cross-site Scripting (XSS)
Apache Oozie is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper neutralization of input during web page generation, allowing attackers to inject malicious scripts into web pages...
Improper Verification Of Cryptographic Signature
Kyverno is vulnerable to Improper Verification of Cryptographic Signature. The vulnerability is due to improper verification of artifact signatures: the subjectRegExp and IssuerRegExp fields are ignored in keyless mode, allowing attackers to deploy unauthorized Kubernetes resources,...
Incorrect Authorization
Cilium is vulnerable to Incorrect Authorization. The vulnerability is due to improper enforcement of node-based network policies caused by misconfigured fromNodes and toNodes rules, which incorrectly permit traffic to or from non-node endpoints that share the specified labels...
Incorrect Authorization
github.com/cilium/cilium is vulnerable to Incorrect Authorization. The vulnerability is due to improper enforcement of egress restrictions caused by a misconfiguration where egress traffic to LoadBalancers deployed via Gateway API is incorrectly allowed, despite network policies blocking such traffi...
Improper Security Check Handling
api-platform/core is vulnerable to Improper Security Check Handling. The vulnerability is due to a missing break statement in the security check logic, caused by a fallback mechanism that replaces the intended security check after GraphQL resolvers. It allows an attacker to bypass intended securi...
Overly Permissive Authorization
aws-cdk-lib is vulnerable to Overly Permissive Authorization. The vulnerability is due to the CDK Construct Library automatically generating an overly permissive AWS IAM trust policy, which allows any user with unrestricted sts:AssumeRole permissions to assume the role...
Denial Of Service (DoS)
OpenDaylight Service Function Chaining (SFC) is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of name resolution or references, which allows an attacker to exploit incorrect resolutions to cause a Denial of Service (DoS)...
Out Of Memory Error
org.keycloak, keycloak-services is vulnerable to an Out Of Memory Error. The vulnerability is due to unbounded caching of JWT tokens with long expiration times, causing excessive memory consumption and potential system failure. It allows an attacker to cause a Denial of Service (DoS) by exhausting...
Sensitive Information Exposure
org.apache.commons, commons-vfs2 is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper handling of exception messages, where the FtpFileObject class exposes the original URI, including sensitive information like passwords, when a file is not found. It allows an...
Arbitrary File Disclosure
Vite is vulnerable to Arbitrary File Disclosure. The vulnerability is due to improper handling of trailing separators in query strings: trailing `?` separators are removed without proper validation in regex checks, which allows attackers to bypass file access restrictions and retrieve...
Arbitrary Code Execution (ACE)
k8s.io/ingress-nginx is vulnerable to Arbitrary Code Execution (ACE). The vulnerability is due to improper input validation in the auth-tls-match-cn Ingress annotation, which allows attackers to inject arbitrary Nginx configuration...
Arbitrary Code Execution (ACE)
k8s.io/ingress-nginx is vulnerable to Arbitrary Code Execution (ACE). The vulnerability is due to improper access control, allowing an unauthenticated attacker with access to the pod network to execute arbitrary code in the context of the ingress-nginx controller...
Arbitrary Code Execution (ACE)
k8s.io/ingress-nginx is vulnerable to Arbitrary Code Execution (ACE). The vulnerability is due to improper handling of mirror-target and mirror-host annotations, allowing arbitrary configuration injection into nginx...
Directory Traversal
k8s.io/ingress-nginx is vulnerable to Directory Traversal. The vulnerability is due to the ingress-nginx Admission Controller including attacker-provided data in a filename, allowing traversal within the container...
Arbitrary Code Execution (ACE)
k8s.io/ingress-nginx is vulnerable to Arbitrary Code Execution (ACE). The vulnerability is due to improper validation and sanitization of user-supplied input in the auth-url Ingress annotation, allowing attackers to inject arbitrary nginx configuration directives...
Server Side Request Forgery (SSRF)
nossrf is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to improper hostname validation, allowing attackers to bypass the protection mechanism and access local or reserved IP addresses...
Race Condition
k8s.io/kubernetes/cmd/kube-apiserver is vulnerable to Race Condition. The vulnerability is due to improper enforcement of network policies caused by the undefined deletion order during namespace termination, which can result in network policies being removed before the pods they protect, allowing...
Authentication Credential Reuse
parse-server is vulnerable to Authentication Credential Reuse. The vulnerability is due to improper isolation of authentication credentials, allowing them to be shared across multiple Parse Server apps using the same third-party authentication provider...
Denial Of Service (DoS)
github.com/envoyproxy/envoy is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of the filter's lifecycle or crash when a local reply is sent to the external server, which allows an attacker to trigger a DoS by forcing a failed WebSocket handshake or another scenario...
Authentication Bypass
Mattermost is vulnerable to Authentication Bypass. The vulnerability is due to a flaw that allows authenticated attackers to bypass MFA protections via user search, channel search, or team search queries...
Remote Code Execution (RCE)
InvokeAI is vulnerable to Remote Code Execution (RCE). The vulnerability is due to unsafe deserialization using torch.load without proper validation in the /api/v2/models/install API, allowing attackers to execute arbitrary code by embedding malicious code in model files...
Deserialization Of Untrusted Data
com.aizuda, snail-job is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to improper input validation of the nodeExpression argument in the getRuntime function of the Workflow-Task Management Module, allowing an attacker to execute arbitrary code remotely...
Deserialization Of Untrusted Data
yiisoft/yii2-dev is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to improper handling in the getIterator function of symfony\finder\Iterator\SortableIterator.php, which allows an attacker to execute arbitrary code remotely...
Cross-Site Scripting (XSS)
ContentTools is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper handling of the onload argument in the Image Handler component, allowing an attacker to exploit it...
Authorization Bypass
org.springframework.security, spring-security-core is vulnerable to Authorization Bypass. The vulnerability is due to improper method security annotation detection caused by issues in locating annotations on parameterized types or methods, allowing an attacker to access methods or resources without...
Denial Of Service (DoS)
Ollama is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of GGUF model files, allowing a malicious user to create a crafted file that causes the server to allocate unlimited memory, leading to a DoS condition...
Incorrect Authorization
Mattermost is vulnerable to Incorrect Authorization. The vulnerability is due to improper restriction of command execution caused by a flaw that allows authenticated users to run commands in archived channels...
Authentication Bypass
Mattermost is vulnerable to Authentication Bypass. The vulnerability is due to improper enforcement of multi-factor authentication (MFA) caused by a flaw that allows authenticated attackers to bypass MFA protections via API requests to plugin-specific routes...
Incorrect Authorization
Mattermost is vulnerable to Incorrect Authorization. The vulnerability is due to a flaw that allows authenticated users to create or update bookmarks in archived channels...
Improper Authorization
Mattermost is vulnerable to Improper Authorization. The vulnerability is due to insufficient enforcement of channel conversion restrictions caused by a flaw that allows users with permission to convert public channels to private ones to also convert private channels to public...
Privilege Escalation
github.com/pipe-cd/pipecd is vulnerable to Insecure Permissions. The vulnerability is due to insecure permissions, which allow attackers to access the service account's token and escalate privileges...