38111 matches found
Denial Of Service (DoS)
@sentry/astro, @sentry/aws-serverless, @sentry/bun, @sentry/google-cloud-serverless, @sentry/nestjs, @sentry/nextjs, @sentry/node, @sentry/nuxt, @sentry/remix, @sentry/solidstart and @sentry/sveltekit are vulnerable to Denial of Service (DoS). The vulnerability is due to resource exhaustion due to...
Path Traversal
Deep Java Library (DJL) is vulnerable to Path Traversal. The vulnerability is due to insufficient validation of file paths in the ZipUtils.unzip and TarUtils.untar methods, which allows an attacker to manipulate file paths and write files to arbitrary locations on the system...
Bot Protection Bypass
Anubis is vulnerable to Bot Protection Bypass. The vulnerability is due to insufficient validation that allows attackers to specify a nonce and set the challenge difficulty to zero, effectively bypassing the bot protection mechanism...
Symbolic Link Attack
github.com/golang/glog is vulnerable to symbolic link attack. The vulnerability is due to improper log file handling, which allows logs to be written to a widely-writable directory and also allows an attacker to pre-create a symlink to a sensitive file, which a privileged process may then overwri...
Signature Forgery Attack
org.apache.hive, hive-llap-common is vulnerable to signature forgery attack. The vulnerability is due to the use of Arrays.equals for signature validation, which allows an attacker to forge a valid signature byte by byte due to its non-constant-time comparison...
SQL Injection
pimcore/customer-management-framework-bundle is vulnerable to SQL injection. The vulnerability is due to improper handling of the filterDefinition/filter argument in the file /admin/customermanagementframework/customers/list, which allows execution of SQL commands...
Cross-Site Scripting (XSS)
pimcore/pimcore is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper handling of the Search Document component, allowing remote attackers to manipulate it and execute cross-site scripting attacks...
Deserialization Of Untrusted Data
vLLM is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to unsafe deserialization: the torch.load function loads malicious pickle data with weights_only set to False, allowing arbitrary code execution during unpickling...
Cross-site Scripting (XSS)
Dolibarr is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper input sanitization of the Title parameter in the Product module, which allows attackers to inject a crafted payload and execute arbitrary web scripts or HTML...
Privilege Escalation
org.apache.solr, solr-core is vulnerable to Privilege Escalation. The vulnerability is due to the use of the "FileSystemConfigSetService" component in "standalone" or "user-managed" mode without authentication or authorization, allowing attackers to replace trusted configset files with potentiall...
Relative Path Traversal
org.apache.solr, solr-core is vulnerable to Relative Path Traversal. The vulnerability is due to a lack of input sanitization in the "configset upload" API, which allows arbitrary file path write access when processing ZIP files...
Cross-Site Scripting (XSS)
Dolibarr is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper input sanitization of user-supplied data in the Title parameter of the Events/Agenda module, allowing attackers to inject and execute arbitrary scripts...
Arbitrary Code Execution
ASTEVAL is vulnerable to Arbitrary Code Execution. The vulnerability is due to improper handling of FormattedValue AST nodes through the use of Python's str.format method, allowing attackers to bypass restrictions and execute arbitrary code...
Server-Side Request Forgery (SSRF)
github.com/imgproxy/imgproxy is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to improper restriction of loopback addresses, allowing access to local services by not blocking the 0.0.0.0 address even when IMGPROXY_ALLOW_LOOPBACK_SOURCE_ADDRESSES is set to false...
XML External Entity
org.hl7.fhir.publisher:org.hl7.fhir.publisher.cli and org.hl7.fhir.publisher:org.hl7.fhir.publisher.core are vulnerable to XML External Entity (XXE) Injection. The vulnerability is due to improper XML parsing in XSLT transforms, which allows malicious XML with external entity references to access...
Cross-Origin Resource Sharing (CORS) Misconfiguration
Nuxt is vulnerable to Cross-Origin Resource Sharing (CORS) misconfiguration. The vulnerability is due to default CORS settings in Nuxt, which allowed any website to send requests to the development server and read the responses. It allows an attacker to send requests from a malicious website and...
Incorrect Usage Of Seeds
org.apache.cocoon, cocoon-forms-impl is vulnerable to Incorrect Usage of Seeds. The vulnerability is due to predictability in the random number generation process, as the PRNG was seeded with the startup time, allowing attackers to guess continuation identifiers and access unauthorized...
Script Injection
Nuxt is vulnerable to Script Injection. The vulnerability is due to the lack of same-origin policy enforcement for script requests, which allows attackers to inject malicious scripts into a victim's site via a script tag, bypassing security measures intended to prevent such cross-origin interactions...
Incorrect Default Permissions
org.jenkins-ci.plugins, oic-auth is vulnerable to Incorrect Default Permissions. The vulnerability is due to the Jenkins OpenId Connect Authentication Plugin improperly handling username case sensitivity, which allows attackers to bypass authentication mechanisms by submitting usernames that diff...
Authentication Bypass
Keycloak is vulnerable to Authentication Bypass. The vulnerability is due to the system updating passwords without performing an LDAP bind to validate the new credentials against Active Directory, allowing users with expired or disabled AD accounts to regain access and bypass AD restrictions...
Sensitive Data Exposure
github.com/cilium/cilium is vulnerable to Sensitive Data Exposure. The vulnerability is due to improper default configuration of the Access-Control-Allow-Origin header, which allows cross-origin requests from untrusted sources, potentially exposing sensitive information when accessing the Hubble ...
Sensitive Information Exposure
github.com/updatecli/updatecli is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper log sanitization, which exposes private Maven repository credentials in logs when a retrieval operation fails...
Cross-site Scripting (XSS)
store2 is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper input sanitization in the store.deep.js component, allowing a remote attacker to execute arbitrary code...
Denial Of Service (DoS)
github.com/cilium/cilium is vulnerable to Denial Of Service (DoS). The vulnerability is due to a flaw in Cilium's handling of DNS traffic when configured to proxy it in a Kubernetes cluster, allowing an attacker to send a crafted DNS response to workloads outside the cluster, causing Cilium agents ...
Cross-site Scripting (XSS)
pscontactinfo is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper sanitization of formatted addresses, which allows stored script execution when combined with third-party modules...
Cross-Site Scripting (XSS)
phpmyadmin/phpmyadmin is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper sanitization of user-supplied input in table or database names within the check tables feature, allowing an attacker to execute arbitrary JavaScript in the victim's browser...
Sandbox Escape
restrictedpython is vulnerable to Sandbox Escape. The vulnerability is due to a type confusion bug in CPython when using try/except, which allows an attacker to bypass the security restrictions in RestrictedPython...
Path Traversal
github.com/envoyproxy/gateway is vulnerable to Path Traversal. The vulnerability is due to improper access control, allowing a user with access to the Kubernetes cluster to execute Envoy Admin interface commands on proxies managed by any version of Envoy Gateway...
Temporary File Retention
@fastify/multipart is vulnerable to Temporary File Retention. The vulnerability is due to the saveRequestFiles function failing to delete temporary uploaded files when a user cancels the request, which allows an attacker to repeatedly initiate and cancel file uploads, leading to excessive disk space...
Remote Code Execution (RCE)
craftcms/cms is vulnerable to Remote Code Execution (RCE). The vulnerability is due to compromised security keys, which allow attackers to execute arbitrary code on affected installations...
Privilege Escalation
Directus is vulnerable to Privilege Escalation. The vulnerability is due to improper access control in the sharing feature, which allows users to specify arbitrary roles, bypassing role-based restrictions and gaining access to fields that are normally restricted for certain roles...
Denial Of Service (DoS)
org.apache.wicket, wicket-core is vulnerable to Denial of Service (DoS). The vulnerability is due to improper request handling in the core, which allows an attacker to flood the server with multiple requests to server resources, leading to a Denial of Service...
Reflected Cross Site Scripting (XSS)
silverstripe/framework is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper handling of error messages, which allows execution of a malicious payload included in a URL when the website is set to the "dev" environment mode...
Arbitrary Code Execution (ACE)
asteval is vulnerable to Arbitrary Code Execution (ACE). The vulnerability is due to insufficient input validation, which allows attackers to bypass safety restrictions and execute arbitrary Python code within the application's context...
Cross-site Scripting (XSS)
Umbraco is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper sanitization in certain localized backoffice components, allowing authenticated users to inject malicious scripts when viewing these components...
Server-Side Request Forgery (SSRF)
Fedify is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to improper validation of the Webfinger mechanism, allowing attackers to perform GET requests to internal resources, cause denial of service via infinite loops, or execute blind SSRF attacks...
Denial Of Service (DoS)
org.apache.cxf, cxf-core is vulnerable to Denial of Service (DoS). The vulnerability is due to CachedOutputStream instances not being closed in certain edge cases, potentially filling up the file system when backed by temporary files, which allows an attacker to exhaust the file system...
Out Of Memory Error
org.elasticsearch, elasticsearch is vulnerable to Out of Memory Error. The vulnerability is due to unrestricted resource allocation in Elasticsearch, where there are no limits or throttling mechanisms in place to manage resource usage effectively. It allows malicious queries, such as those using...
Credential Disclosure
github.com/writefreely/writefreely is vulnerable to Credential Disclosure. The vulnerability is due to improper configuration management. Specifically, the sensitive information in the config.ini file is not adequately protected, allowing local users to access it and discover credentials when MyS...
Cross-Site Request Forgery (CSRF)
codechecker is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to improper authentication handling in CodeChecker, which allows an attacker to hijack the authentication of a logged-in user and perform actions with the same permissions...
Cross-site Scripting (XSS)
YesWiki is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper validation in the attach component, where a non-existing resource in the file attribute generates a file upload button, allowing authenticated users with edit or comment permissions to inject malicious scripts...
Relative Path Traversal
github.com/hashicorp/go-slug is vulnerable to Relative Path Traversal. The vulnerability is due to improper path validation when extracting user-provided paths from tar entries, allowing for directory traversal and potential overwriting of arbitrary files...
Cross-site Scripting (XSS)
YesWiki is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper sanitization of user input in the search by tag feature, allowing a malicious user to craft a link that triggers an XSS when clicked. This results in potential account takeover, stealing other accounts,...
Denial Of Service (DoS)
The compose-go library is vulnerable to Denial of Service (DoS). The vulnerability is due to excessive memory and CPU consumption when parsing malicious YAML payloads, which can be sent by an authorized user...
Predictable Boundary Selection
Undici is vulnerable to predictable boundary selection. The vulnerability is due to the use of Math.random to choose the boundary, which can be predicted if several of its values are known, potentially allowing an attacker to tamper with requests to backend APIs...
Cross-Site Scripting (XSS)
PhpSpreadsheet is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper sanitization or escaping of user input when converting XLSX files into HTML, which allows malicious scripts to be embedded in the file content and executed in the context of the user's browser...
Arbitrary File Deletion
yeswiki/yeswiki is vulnerable to Arbitrary File Deletion. The vulnerability is due to improper file permission handling, where authenticated users can delete files owned by the FastCGI Process Manager (FPM) user, allowing them to arbitrarily remove critical files without any scope limitation...
Account Enumeration
umbraco.cms is vulnerable to Account Enumeration. The vulnerability is due to discrepancies in response codes and the timing of Umbraco management API responses, which allow attackers to infer the existence of specific accounts...
Cross-Site Scripting (XSS)
mathlive is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to the lack of proper escaping of HTML content when using commands like \htmlData, which allows the injection and execution of malicious scripts...
Privilege Escalation
github.com/containers/buildah is vulnerable to Privilege Escalation. The vulnerability is due to improper use of the --mount flag in multi-stage builds, which exposes content from the build host to the command run in the RUN instruction. When the build process is performed with root privileges, i...