38326 matches found
Cross-Site Scripting (XSS)
publifycore is vulnerable to cross-site scripting (XSS). The vulnerability is due to improper input sanitization in the redirect functionality, allowing a publisher to execute scripts in an administrator's browser...
Path Traversal
tar-fs is vulnerable to Path Traversal. The vulnerability is due to improper validation of symbolic links and pathnames during tar file extraction, which allows attackers to escape the target extraction directory and write files to arbitrary locations on the file system...
Cross-site Scripting (XSS)
github.com/beego/beego is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper HTML escaping due to user-controlled data not being sanitized in the RenderForm function...
Regular Expression Denial Of Service
uptime-kuma is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to inefficient regex processing due to catastrophic backtracking triggered by crafted input during notification creation via the web service...
Out Of Memory Error
org.infinispan, infinispan-query is vulnerable to an Out Of Memory Error. The vulnerability is due to lack of proper memory handling when processing large POST requests, which allows continual requests to trigger buffer leaks and memory exhaustion...
Path Traversal
org.noear:solon-view is vulnerable to path traversal. The vulnerability is due to insufficient validation of user input in the rendermav function, which allows the manipulation of the template argument to perform path traversal...
Server Side Request Forgery (SSRF)
mobsf is vulnerable to Server Side Request Forgery (SSRF) Abuse. The vulnerability is due to socket.gethostbyname not properly handling DNS rebinding, which allows attackers to exploit DNS resolutions and make requests to internal services...
Unauthorized File Exposure
Vite is vulnerable to Unauthorized File Exposure. The vulnerability is due to improper exposure of non-allowed files through the ?inline or ?raw?import methods when the Vite dev server is explicitly exposed to the network using --host or the server.host config option, which allows unauthorized access t...
Prototype Pollution
Redoc is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of user-supplied input in the Module.mergeObjects component, which allows attackers to manipulate the prototype chain and introduce malicious payloads, which can trigger a Denial of Service (DoS)...
Prototype Pollution
depath and cool-path are vulnerable to prototype pollution. The vulnerability is due to improper handling of object properties in the set method at setIn lib/index.js:90, allowing attackers to inject arbitrary properties and potentially execute arbitrary code or cause a Denial of Service (DoS)...
Path Traversal
go.rgst.io/stencil/v2 is vulnerable to Path Traversal. The vulnerability is due to insufficient validation of file paths during archive extraction, which allows directory traversal sequences like ../ to write files outside the intended extraction directory...
Integer Overflow
cairo-lang-starknet-classes is vulnerable to Integer Overflow. The vulnerability is due to improper bounds checking in the Sierra bytecode decompression logic of the cairo-lang-starknet-classes library, which allows an integer overflow to occur when processing malicious Declare v2/v3 transactions...
Cross-site Scripting (XSS)
Vega is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to unsafe evaluation of JavaScript code due to the lack of an expression interpreter when processing Vega/Vega-lite JSON definitions...
Class Pollution
Mesop is vulnerable to Class Pollution. The vulnerability is due to insecure handling of global variables and class attributes due to the ability of attackers to overwrite them at runtime, leading to potential denial of service, identity confusion, or remote code execution...
Server Side Request Forgery (SSRF)
Apache Kylin is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to insufficient validation of user-supplied input, allowing an attacker with admin access to make arbitrary internal requests via the /kylin/api/xxx/diag endpoint...
HTTP Response Splitting
Pitchfork is vulnerable to HTTP Response Splitting. The vulnerability is due to improper input sanitization allowing unvalidated user input being passed to HTTP headers when used with Rack 3...
Code Injection
org.apache.kylin, kylin is vulnerable to Code Injection. The vulnerability is due to insufficient restrictions on JDBC connection configuration, which allows execution of arbitrary remote code when altered by someone with admin permissions...
Remote Code Execution
k8s.io/ingress-nginx is vulnerable to Remote Code Execution. The vulnerability is due to improper request handling in the ingress-nginx controller due to the controller processing untrusted network traffic that can be manipulated to execute arbitrary code and access Secrets...
Cross-Site Scripting (XSS)
Vega, vega-functions is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient sandboxing, which allows unsupported JavaScript functions to be called from the Vega expression language...
Cross-Site Scripting (XSS)
gifplayer is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient input sanitization or output escaping. Specifically, the application fails to properly handle or sanitize user-supplied input before including it in the webpage, which allows attackers to inject and...
Hash Collision Attack
io.netty.incubator, netty-incubator-codec-quic is vulnerable to Hash Collision Attack. The vulnerability is due to a hash collision in the hash map used to manage connections, which allows remote attackers to perform a Hash DoS attack by initiating connections with colliding Source Connection IDs...
Unauthorized File Access
awssamcli is vulnerable to Unauthorized File Access. The vulnerability is due to improper handling of symlinks during the Docker build process, allowing access to privileged host files via elevated permissions...
Unauthorized File Access
awssamcli is vulnerable to Unauthorized File Access. The vulnerability is due to insecure symlink resolution during the build process, which causes the contents of symlinks to be copied into the local workspace cache as regular files and allows an attacker to access restricted files...
Missing Encryption Of Sensitive Data
org.opendaylight.sfc, odl-sfc-openflow-renderer is vulnerable to Missing Encryption of Sensitive Data. The vulnerability is due to missing security attributes or transmission over unencrypted channels, allowing Man-in-the-Middle attacks to access sensitive information...
Unauthorized Access
pixelfed/pixelfed is vulnerable to Unauthorized Access. The vulnerability is due to insufficient verification of follow requests, allowing unauthorized users to access private posts across Fediverse servers...
Environment Variable Exposure
Shescape is vulnerable to Environment Variable Exposure. The vulnerability is due to improper escaping of % characters in user input when using shell: 'cmd.exe' or shell: true, which allows an attacker to read environment variables through unintended variable substitution...
Denial Of Service (DoS)
@mozilla/readability is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to inefficient regular expression processing caused by specially crafted titles, allowing an attacker to cause a local denial of service...
Denial Of Service (DoS)
@directus/storage-driver-s3 is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper handling of malformed transformation requests, which allows an attacker to trigger a state where all assets return 403 errors, leading to asset unavailability across all Directus policies...
Denial Of Service (DoS)
@directus/storage-driver-s3 is vulnerable to Denial Of Service (DoS). The vulnerability is due to asset unavailability caused by excessive HEAD requests, which allows an attacker to trigger 403 errors for all assets and deny access across all Directus policies...
Unauthorized API Access
Directus is vulnerable to unauthorized API access by suspended users. The vulnerability is due to missing session validation due to the absence of a check in verifySessionJWT to confirm if a user is still active and authorized...
Improper Access Control
org.opendaylight.sfc:sfc-parent is vulnerable to Improper Access Control. The vulnerability is due to flaws in the Shiro-based RBAC mechanism due to improper enforcement of role-based access control, allowing attackers to execute privileged operations via crafted requests...
Cross-site Scripting (XSS)
django-tomselect is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient input sanitization due to user-supplied values not being fully escaped in form widget attributes, allowing potentially dangerous HTML tags to be rendered in the browser...
Sensitive Information Disclosure
Directus is vulnerable to information disclosure. The vulnerability is due to improper error handling due to sensitive data being exposed in API responses when a ValidationError is triggered in flows using the "Webhook" trigger and "Data of Last Operation" response body...
Relative Path Traversal
Apache Commons VFS is vulnerable to Relative Path Traversal. The vulnerability is due to improper validation in the resolveFile method, which allows encoded ".." sequences to bypass descendant path restrictions and access unintended files...
Cross-site Scripting (XSS)
Apache Oozie is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper neutralization of input during web page generation, allowing attackers to inject malicious scripts into web pages...
Improper Verification Of Cryptographic Signature
Kyverno is vulnerable to Improper Verification of Cryptographic Signature. The vulnerability is due to improper verification of artifact signatures due to the subjectRegExp and IssuerRegExp fields being ignored in keyless mode, allowing attackers to deploy unauthorized Kubernetes resources,...
Incorrect Authorization
Cilium is vulnerable to Incorrect Authorization. The vulnerability is due to improper enforcement of node-based network policies due to misconfigured fromNodes and toNodes rules, which incorrectly permit traffic to or from non-node endpoints that share the specified labels...
Incorrect Authorization
github.com/cilium/cilium is vulnerable to Incorrect Authorization. The vulnerability is due to improper enforcement of egress restrictions due to a misconfiguration where egress traffic to LoadBalancers deployed via Gateway API is incorrectly allowed, despite network policies blocking such traffi...
Improper Security Check Handling
api-platform/core is vulnerable to Improper Security Check Handling. The vulnerability is due to a missing break statement in the security check logic, caused by a fallback mechanism that replaces the intended security check after GraphQL resolvers. It allows an attacker to bypass intended securi...
Overly Permissive Authorization
aws-cdk-lib is vulnerable to Overly Permissive Authorization. The vulnerability is due to the CDK Construct Library automatically generating an overly permissive AWS IAM trust policy, which allows any user with unrestricted sts:AssumeRole permissions to assume the role...
Denial Of Service (DoS)
OpenDaylight Service Function Chaining (SFC) is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper handling of name resolution or references and allows an attacker to exploit incorrect resolutions to cause a Denial of Service (DoS)...
Out Of Memory Error
org.keycloak, keycloak-services is vulnerable to an Out Of Memory Error. The vulnerability is due to unbounded caching of JWT tokens with long expiration times, causing excessive memory consumption and potential system failure. It allows an attacker to cause a Denial of Service (DoS) by exhausting...
Sensitive Information Exposure
org.apache.commons, commons-vfs2 is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper handling of exception messages, where the FtpFileObject class exposes the original URI, including sensitive information like passwords, when a file is not found. It allows an...
Arbitrary File Disclosure
Vite is vulnerable to Arbitrary File Disclosure. The vulnerability is due to improper handling of trailing separators in query strings and is caused by the removal of trailing separators ? without proper validation in regex checks, which allows attackers to bypass file access restrictions and retrieve...
Arbitrary Code Execution (ACE)
k8s.io/ingress-nginx is vulnerable to Arbitrary Code Execution (ACE). The vulnerability is due to improper input validation in the auth-tls-match-cn Ingress annotation, which allows attackers to inject arbitrary Nginx configuration...
Arbitrary Code Execution (ACE)
k8s.io/ingress-nginx is vulnerable to Arbitrary Code Execution (ACE). The vulnerability is due to improper access control, allowing an unauthenticated attacker with access to the pod network to execute arbitrary code in the context of the ingress-nginx controller...
Arbitrary Code Execution (ACE)
k8s.io/ingress-nginx is vulnerable to Arbitrary Code Execution (ACE). The vulnerability is due to improper handling of mirror-target and mirror-host annotations, allowing arbitrary configuration injection into nginx...
Directory Traversal
k8s.io/ingress-nginx is vulnerable to Directory Traversal. The vulnerability is due to the ingress-nginx Admission Controller including attacker-provided data in a filename, allowing traversal within the container...
Arbitrary Code Execution (ACE)
k8s.io/ingress-nginx is vulnerable to Arbitrary Code Execution (ACE). The vulnerability is due to improper validation and sanitization of user-supplied input in the auth-url Ingress annotation, allowing attackers to inject arbitrary nginx configuration directives...
Server Side Request Forgery (SSRF)
nossrf is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to improper hostname validation, allowing attackers to bypass the protection mechanism and access local or reserved IP addresses...