Cross Site Scripting
solid-js is vulnerable to Cross Site Scripting. The vulnerability is due to improper escaping of user input inside illegal inlined JSX fragments, allowing unescaped input to be rendered as HTML...
Open Redirect
better-auth is vulnerable to an Open Redirect. The vulnerability is due to improper validation of the callbackURL parameter, allowing scheme-less URLs that the browser interprets as fully qualified URLs, leading to unintended redirection...
Unauthorized Channel Content Export
github.com/mattermost/mattermost-server is vulnerable to unauthorized channel content export. The vulnerability is due to improper access control: the server fails to restrict channel export of archived channels when the "Allow users to view archived channels" setting is disabled...
Cross-Site Scripting (XSS)
tarteaucitronjs is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to insufficient input sanitization and improper handling of dynamic content in the getElemWidth and getElemHeight functions, allowing malicious scripts to be injected and executed...
Arbitrary File Read
github.com/mattermost/mattermost-server is vulnerable to Arbitrary File Read. The vulnerability is due to improper validation of board blocks when importing boards, which allows an attacker to perform a path traversal attack by importing and exporting a specially crafted import archive in Boards...
Authentication Bypass
github.com/navidrome/navidrome is vulnerable to Authentication Bypass. The vulnerability is due to flawed authentication logic, which allows an attacker to authenticate using any non-existent username and a salted hash of an empty password...
Cross-Site Scripting (XSS)
dom-expressions is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to the use of .replace with the special replacement patterns $' or $` in user-defined attributes of the Meta tag, which attackers can exploit by injecting malicious payloads into meta tags, potentially...
Improper JWT Signature Validation
jupyterhub-ltiauthenticator is vulnerable to improper JWT signature validation. The vulnerability is due to missing JWT signature validation in LTI13Authenticator, allowing forged authentication requests to be accepted...
Arbitrary IRC Command Execution
matrix-appservice-irc is vulnerable to arbitrary IRC command execution. The vulnerability is due to improper command handling, which allows an attacker to inject and execute arbitrary IRC commands as their own puppeted user...
Denial Of Service (DoS)
Passenger is vulnerable to Denial of Service (DoS). The vulnerability is due to an issue in the HTTP parser during the parsing of a request with an invalid HTTP method, allowing an attacker to exploit this issue...
Path Traversal
org.noear:solon-web-staticfiles is vulnerable to Path Traversal. The vulnerability is due to improper validation of user-supplied file paths in StaticMappings.java, allowing an attacker to access arbitrary files using "../filedir"...
Arbitrary File Read
Mattermost is vulnerable to Arbitrary File Read. The vulnerability is due to improper input validation when handling board patching and duplication. Specifically, the system fails to properly validate user input when duplicating a specially crafted block in Boards, allowing unauthorized access to...
Session Fixation
github.com/mattermost/mattermost-server is vulnerable to Session Fixation. The vulnerability is due to improper session invalidation when converting a user to a bot, allowing the user to retain their previous session and potentially escalate privileges based on the bot’s assigned permissions...
Open Redirect
better-auth is vulnerable to an Open Redirect vulnerability. The vulnerability is due to improper validation of the trustedOrigins configuration, which allows attackers to manipulate the callbackURL parameter, leading to an open redirect that can be exploited for token theft...
Arbitrary File Read
moodle/moodle is vulnerable to Arbitrary File Read. The vulnerability is due to insufficient input sanitization in the TeX notation filter, which allows an attacker to exploit pdfTeX to read arbitrary files on the server...
Reflected Cross-Site Scripting
moodle/moodle is vulnerable to Reflected Cross-Site Scripting (Reflected XSS). The vulnerability is due to insufficient sanitization of user input in the question bank filter, allowing malicious scripts to be executed in a victim's browser...
Information Disclosure
moodle/moodle is vulnerable to Information Disclosure. The vulnerability is due to inadequate restrictions on tag visibility, which allows users to access and discover hidden tags through the tag search page or tags block...
Cross-Site Scripting (XSS)
NagVis is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to user-supplied input being reflected in responses without adequate sanitization, and attackers can exploit this by crafting malicious links that execute arbitrary JavaScript in the victim's browser when clicked, affectin...
Remote Code Execution
NagVis is vulnerable to Remote Code Execution (RCE). The vulnerability is due to the ability of an authenticated administrator to upload a malicious PHP file and modify configuration settings, and attackers can exploit this to execute arbitrary PHP code on the server...
Use Of A Broken Or Risky Cryptographic Algorithm
Easy-RSA is vulnerable to weak encryption algorithm usage. The vulnerability is due to insecure key generation: a weak default encryption algorithm is used when creating the private CA key with OpenSSL 3, and attackers can exploit this to more easily brute-force the CA private key and...
SQL Injection
ZoneMinder is vulnerable to SQL Injection. The vulnerability is due to unsanitized parameters being directly passed to an SQL query in WWW/AJAX/watch.php, and attackers can exploit this to execute arbitrary SQL commands on the database...
Host Header Injection
leantime/leantime is vulnerable to Host Header Injection. The vulnerability is due to improper validation of the Host header: the system allows attackers to manipulate HTTP request headers, leading to unauthorized access to user details...
Cross-site Scripting (XSS)
Leantime is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper input sanitization: the API key name allows malicious script injection during API key generation...
Cross-Site Request Forgery (CSRF)
leantime/leantime is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability allows a remote attacker to create an account with elevated privileges by tricking an Owner or Administrator into clicking a malicious link...
Stored Cross-site Scripting (XSS)
leantime/leantime is vulnerable to Stored Cross-site Scripting (XSS). The vulnerability is due to improper input sanitization and output encoding, allowing attackers to inject malicious scripts that get stored and executed when retrieved by users...
SQL Injection
moodle/moodle is vulnerable to SQL injection. The vulnerability is due to insufficient input sanitization in the module list filter, allowing attackers to manipulate database queries...
Improper Access Control
moodle/moodle is vulnerable to Improper access control. The vulnerability is due to missing Separate Groups mode restrictions in permission checks, allowing unauthorized viewing or deletion of responses in Feedback activities...
Incorrect Calculation
Vyper is vulnerable to Incorrect Calculation. The vulnerability is due to improper handling of oscillating final states: the sqrt builtin incorrectly rounds up results when using the Babylonian method for square root calculation...
Out-of-bounds Write
Vyper is vulnerable to Out-of-bounds Write. The vulnerability is due to improper bounds validation: the target location in an AugAssign statement is cached, which prevents re-evaluating the bounds check when modifying a DynArray...
Denial Of Service (DoS)
github.com/go-jose/go-jose is vulnerable to Denial of Service (DoS). The vulnerability is due to improper token parsing using strings.Split(token, "."), which fails to limit the number of splits, allowing attackers to create excessively large token segments that consume excessive memory...
Improper Access Control
moodle/moodle is vulnerable to Improper access control. The vulnerability is due to insufficient enforcement of security policies, allowing a privilege escalation attack due to inadequate checks ensuring trusttext is applied to restored glossary entries...
Insufficient Capability Checks
moodle/moodle is vulnerable to Insufficient capability checks. The vulnerability is due to missing or improper authorization checks before allowing badge modifications, allowing users to perform actions beyond their intended permissions...
Stored Cross-site Scripting (XSS)
moodle/moodle is vulnerable to Stored Cross-site Scripting (XSS). The vulnerability is due to insufficient sanitization of user input when handling drag-and-drop image or text elements, allowing malicious scripts to be stored and executed...
Insufficiently Protected Credentials
leantime/leantime is vulnerable to Insufficiently Protected Credentials. The vulnerability is due to improper cache control where an attacker can view sensitive information even if they are not logged into the account anymore...
Cross-site Scripting (XSS)
leantime/leantime is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper handling of SVG uploads, which allows an attacker to inject malicious scripts and potentially redirect users to malicious websites by uploading specially crafted SVG files...
Authorization Bypass
leantime/leantime is vulnerable to an Authorization Bypass. The vulnerability is due to missing authorization checks on the "Host" parameter, allowing an attacker to access another user's profile information by modifying the parameter...
Cross-site Scripting (XSS)
leantime/leantime is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper input validation: the $_GET["id"] parameter is not sanitized, allowing an attacker to inject malicious scripts...
Cross-Site Scripting (XSS)
leantime/leantime is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper input sanitization and output encoding of the title field in a To-Do, allowing an attacker to inject and execute arbitrary JavaScript in a victim's browser...
Insufficient Control Flow Management
Vyper is vulnerable to Insufficient Control Flow Management. The vulnerability is due to improper handling of iterator expressions in for loops: iterators can consume side effects produced in the loop body, potentially leading to unexpected program behavior...
HTML Injection
leantime/leantime is vulnerable to HTML injection. The vulnerability is due to improper neutralization of HTML tags in users' first names, allowing arbitrary HTML to be injected into emails...
Heap Buffer Overflow
libexiv2.so is vulnerable to a Heap Buffer Overflow. The vulnerability is due to a heap buffer overflow triggered when writing metadata into a crafted image file, which an attacker could exploit to achieve code execution if a victim processes a malicious image with Exiv2...
Stored Cross-site Scripting (XSS)
moodle/moodle is vulnerable to Stored Cross-site Scripting (XSS). The vulnerability is due to insufficient sanitization of user-inputted data in the site administration live log, allowing malicious scripts to be stored and executed when viewed...
Denial Of Service (DoS)
net.minidev:json-smart is vulnerable to Denial of Service (DoS). The vulnerability is due to loading a specially crafted JSON input with a large number of ‘’, which allows an attacker to trigger a Denial of Service (DoS) attack...
Denial Of Service (DoS)
qiskit is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of malformed symengine serialization streams within QPY files, allowing an attacker to trigger a segmentation fault in the symengine library using a malicious QPY file...
Cross-Site Scripting (Reflected XSS)
Leantime is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper input validation and output encoding in the "overdue" section, allowing attackers to upload malicious image files containing XSS payloads...
Arbitrary File Access
@graphql-mesh is vulnerable to Arbitrary File Access. The vulnerability is due to a missing validation check in the static file handler, which fails to restrict absolutePath to the designated staticFiles directory, allowing attackers to access files outside the intended directory...
Bit Flipping Attack
cookie-encrypter is vulnerable to a Bit Flipping Attack. The vulnerability is due to the lack of integrity verification, allowing attackers to modify encrypted cookies without detection...
Denial Of Service (DoS)
Libming is vulnerable to Denial of Service (DoS). The vulnerability is due to improper memory management: the parseABC_CONSTANT_POOL and parseABC_FILE functions in util/parser.c fail to release allocated memory, potentially leading to a denial of service via a crafted ABC file...
Denial Of Service (DoS)
Libming is vulnerable to Denial of Service (DoS). The vulnerability is due to improper memory management: the parseSWF_IMPORTASSETS2 function in util/parser.c fails to release allocated memory, potentially leading to a denial of service via a crafted SWF file...
Insecure Direct Object Reference (IDOR)
github.com/kubesphere/kubesphere is vulnerable to Insecure Direct Object Reference (IDOR). The vulnerability is due to missing proper authorization checks, which allow low-privileged authenticated attackers to access sensitive resources directly...