Denial Of Service (DoS)
Koa is vulnerable to Denial of Service (DoS). The vulnerability is due to inefficient regular expression processing caused by the use of an overly complex regex to parse the X-Forwarded-Proto and X-Forwarded-Host HTTP headers, which can be exploited to cause excessive resource consumption...
Denial Of Service (DoS)
github.com/cosmos/ibc-apps is vulnerable to Denial of Service (DoS). The vulnerability is due to disruptions in IBC transfers, allowing an attacker to interfere with asset transfers between their native chain and another chain...
Request Parameter Leakage
io.quarkus, quarkus-rest is vulnerable to Request Parameter Leakage. The vulnerability is due to request parameters leaking between concurrent requests when endpoints use field injection without a CDI scope, allowing an attacker to manipulate request data, impersonate users, or access sensitive...
Cross-Site Scripting (XSS)
org.apache.atlas, apache-atlas is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient input sanitization, allowing an authenticated user to inject malicious scripts...
Denial Of Service (DoS)
io.netty:netty-handler is vulnerable to Denial of Service (DoS). The vulnerability is due to improper input validation caused by incorrect handling of specially crafted packets in SslHandler, which can lead to a native crash...
Improper Authentication
github.com/distribution/distribution/v3 is vulnerable to Improper Authentication. The vulnerability is due to inadequate verification of JSON Web Keys (JWK) in JSON Web Tokens (JWT), allowing an attacker to inject an untrusted signing key when token authentication is...
Privilege Escalation
github.com/mayswind/ezbookkeeping is vulnerable to Privilege Escalation. The vulnerability is due to the lack of rate limiting, allowing a remote attacker to repeatedly attempt authentication or privilege elevation without restriction...
Improper Data Encryption
Temporal api-go is vulnerable to Improper Data Encryption. The vulnerability is due to missing Data Converter transformations: the update response information is not processed by the Data Converter when using a gRPC proxy with the api-go module, leading to unencrypted data exposure...
Open Redirection
@sap/approuter is vulnerable to Open Redirection. The vulnerability is due to improper session handling: an attacker can inject a malicious payload when trading an authorization code, allowing session hijacking and impacting the application's confidentiality and integrity...
Improper Access Control
esbuild is vulnerable to Improper Access Control. The vulnerability is due to improper CORS settings: by default, the development server allows any website to send requests and read responses...
Denial Of Service
Net::IMAP is vulnerable to Denial of Service (DoS). The vulnerability is due to memory exhaustion caused by the response parser's use of Range#to_a, which allows a malicious server to send highly compressed uid-set data, leading to uncontrolled memory expansion...
Missing Encryption Of Sensitive Data
@coinbase/wallet-sdk is vulnerable to Missing Encryption of Sensitive Data. The vulnerability is due to the use of outdated versions due to an unspecified security flaw that does not directly impact users' keys, smart contracts, or funds...
Signature Bypass
github.com/distribution/distribution is vulnerable to Signature Bypass. The vulnerability is due to improper JSON Web Key (JWK) verification, allowing an attacker to forge a malicious JWT and bypass authentication...
Authentication Bypass
OpenSSL is vulnerable to Authentication Bypass. The vulnerability is due to SSL_VERIFY_PEER not enforcing handshake failure when the server's RPK does not match an expected key, allowing unauthenticated connections to proceed...
Prompt Injection
pandasai is vulnerable to Prompt Injection. The vulnerability is due to insufficient input validation in the interactive prompt function, allowing prompt injection to execute arbitrary Python code...
Privilege Escalation
com.instaclustr:cassandra-lucene-index-plugin is vulnerable to Privilege Escalation. The vulnerability is due to a flaw in the Instaclustr fork of Stratio's Cassandra-Lucene-Index plugin, which allows authenticated users to bypass the RBAC mechanism and gain elevated privileges...
Cross-site Scripting (XSS)
serialize-javascript is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to the failure to properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject and execute malicious code when deserializ...
Authentication Bypass
OPCFoundation.NetStandard.Opc.Ua is vulnerable to an Authentication Bypass. The vulnerability is due to improper authentication enforcement caused by weaknesses in HTTPS endpoint handling, allowing an unauthorized attacker to bypass application authentication...
Authorization Bypass
OPCFoundation.NetStandard.Opc.Ua is vulnerable to Authorization Bypass. The vulnerability is due to improper authentication enforcement when the deprecated Basic128Rsa15 security policy is enabled, allowing an unauthorized attacker to bypass application authentication...
Sensitive Information Exposure
opensource-workshop/connect-cms is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper access control: restricted information in site search results is still accessible via the main text feature...
SQL Injection
org.jeecgframework.boot, jeecg-boot-common is vulnerable to SQL injection. The vulnerability is due to improper input validation in the getTotalData component, allowing a remote attacker to execute malicious SQL queries and obtain sensitive information...
Denial Of Service (DoS)
io.netty, netty-common is vulnerable to Denial of Service (DoS). The vulnerability is due to an unsafe reading of the environment file, which allows an attacker to create a large nonexistent file on Windows and cause Netty to crash...
Cross-Site Scripting (XSS)
org.apache.felix, org.apache.felix.webconsole is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper neutralization of user-supplied input during web page generation, which allows an attacker to inject and execute malicious scripts in a user's browser...
Cross-Site Scripting (XSS)
redaxo/source is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper handling of the "Article Name" argument in the Structure Management Page, allowing remote attackers to inject malicious scripts...
Denial Of Service (DoS)
Apache James Server is vulnerable to Denial of Service (DoS). The vulnerability is due to unbounded memory consumption caused by the JMAP HTML-to-plain-text conversion implementation failing to properly limit resource usage, potentially leading to service disruption...
Path Traversal
github.com/clidey/whodb/core is vulnerable to Path Traversal. The vulnerability is due to improper path validation: there are no checks when joining user-controlled database file names with the default directory, allowing an attacker to use path traversal (../../) to access any Sqlite3 databas...
Parameter Injection
github.com/clidey/whodb/core is vulnerable to Parameter Injection. The vulnerability is due to unsafe string concatenation caused by improper handling of user input in database connection URIs, allowing an attacker to inject parameters like allowAllFiles=true and read local files through the LOAD DA...
Cache Poisoning
vLLM is vulnerable to Cache Poisoning. The vulnerability is due to hash collisions caused by the use of Python's built-in hash function for prefix caching, which makes hash(None) a predictable constant value, allowing an attacker to intentionally populate the cache with colliding prompts and interfere...
Cross-Site Scripting (XSS)
@nuxtjs/mdc is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to a deny-list approach in URL parsing that fails to properly filter encoded HTML entities, allowing an attacker to bypass security checks and execute arbitrary JavaScript...
Remote Code Execution (RCE)
mitmproxy is vulnerable to Remote Code Execution (RCE). The vulnerability is due to mitmweb's proxy server allowing access to its internal API, allowing an attacker to perform SSRF and potentially escalate to remote code execution...
XML External Entity (XXE)
xml2rfc is vulnerable to XML External Entity (XXE). The vulnerability is due to improper enforcement of the --allow-local-file-access flag, allowing XML entity references to access local files within the source directory, leading to potential information disclosure...
Access Control Vulnerability
opensource-workshop/connect-cms is vulnerable to Access control vulnerability. The vulnerability is due to improper access control mechanisms, allowing unauthorized access to restricted areas of the management system...
Improper Input Validation
github.com/drakkan/sftpgo is vulnerable to Improper Input Validation. The vulnerability is due to missing sanitization of the client-provided rsync command, allowing an authenticated remote user to read or write files with the permissions of the SFTPGo server process...
User Enumeration
pimcore/admin-ui-classic-bundle is vulnerable to User Enumeration. The vulnerability is due to improper error handling in the "Forgot password" function, which reveals valid account usernames, allowing an attacker to identify existing user accounts and use them for further attacks such as brute-for...
Man-In-The-Middle (MITM)
org.apache.cassandra:cassandra-all is vulnerable to a Man-In-The-Middle (MITM) attack. The vulnerability is due to improper RMI registry protections: a local attacker can manipulate the RMI registry, allowing them to capture JMX interface credentials and perform unauthorized operatio...
Buffer Overflow
libcurl.so is vulnerable to a Buffer Overflow. The vulnerability is due to an attacker-controlled integer overflow in the use of zlib when performing automatic gzip decompression with the CURLOPT_ACCEPT_ENCODING option, leading to a potential buffer overflow...
Duplicate Operations On Resource
libcurl is vulnerable to Duplicate Operations on Resource. The vulnerability is due to improper handling of eventfd file descriptors due to closing the same descriptor twice after completing a threaded name resolution, which may lead to unexpected behavior or resource leaks...
Credential Exposure
Curl is vulnerable to Credential Exposure. The vulnerability is due to improper handling of .netrc credentials due to the presence of a default entry without login and password, which can lead to the unintended leakage of credentials to redirected hosts...
Prototype Pollution
@ndhoule/defaults is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of object properties in the lib.deep function, allowing attackers to supply a crafted payload, leading to a Denial of Service (DoS)...
Prototype Pollution
utils-extend is vulnerable to Prototype Pollution. The vulnerability is due to the lib.extend function, which allows an attacker to modify the global prototype chain and potentially cause a Denial of Service (DoS)...
Prototype Pollution
Vxe-table is vulnerable to Prototype Pollution. The vulnerability is in the lib.install function, which allows attackers to supply a crafted payload, leading to a Denial of Service (DoS)...
Prototype Pollution
eazy-logger is vulnerable to Prototype Pollution. The vulnerability is in the lib.Logger function, which allows attackers to supply a crafted payload, leading to a Denial of Service (DoS)...
Prototype Pollution
@zag-js/core is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of crafted payloads in the lib.deepMerge function, allowing attackers to cause a Denial of Service (DoS)...
Prototype Pollution
module-from-string is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of user-supplied input in the lib.requireFromString function, allowing attackers to supply a crafted payload, leading to a Denial of Service (DoS)...
Prototype Pollution
@rpldy/uploader is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of user-supplied input in the lib.createUploader function, allowing attackers to manipulate object properties and cause a Denial of Service (DoS) attack via a crafted payload...
Prototype Pollution
@tanstack/form-core is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of object properties in the lib.mutateMergeDeep function, allowing attackers to inject properties into JavaScript prototypes by supplying a crafted payload...
Authentication Bypass
NGINX is vulnerable to Authentication Bypass. The vulnerability is due to shared TLS session states due to the use of TLS Session Tickets and/or the SSL session cache in the default server, which performs client certificate authentication. Attackers can use session resumption to bypass...
Denial Of Service
GitLab is vulnerable to Denial of Service (DoS). The vulnerability is due to the server's failure to safely process crafted OpenAPI files; attackers can exploit this to consume excessive resources or crash the service, leading to a denial of service...
Authentication Bypass
GitLab CE/EE is vulnerable to Authentication bypass. The vulnerability is due to an issue where an LDAP user can reset their password using their verified secondary email address, bypassing LDAP authentication. Attackers can exploit this to gain direct access to affected GitLab instances without...
Arbitrary Code Execution
ckan is vulnerable to Arbitrary Code Execution. The vulnerability is due to insufficient validation of uploaded files, allowing a specially crafted file to execute code when opened by an administrator, potentially leading to privilege escalation or other malicious actions...