Path Traversal
github.com/mattermost/mattermost-server is vulnerable to Path Traversal. The vulnerability is due to insufficient input sanitization in the frontend for user-provided redirection paths. This allows attackers to craft malicious links that trick unsuspecting users into clicking on them, leading to...
Unauthorized Session Creation And Password Reset
github.com/mattermost/mattermost-server is vulnerable to Unauthorized Session Creation And Password Reset. The vulnerability is due to a lack of proper validation for remote/synthetic users due to a shared channel configuration. This allows attackers to create munged email addresses using shared...
Path Traversal
github.com/mattermost/mattermost-server is vulnerable to Path Traversal. The vulnerability is due to improper input validation of the CA path file in the Elasticsearch configuration due to a lack of proper sanitization and validation. This allows an attacker to provide a malicious path, such as...
SQL Injection
Centreon Web is vulnerable to SQL Injection. The vulnerability is due to improper input validation in the Downtime component, which allows attackers to execute arbitrary SQL commands...
Sensitive Cookie In HTTPS Session Without "Secure" Attribute
taipy is vulnerable to Sensitive Cookie in HTTPS Session Without "Secure" Attribute. The vulnerability is due to the improper setting of security flags on session cookies. An attacker can intercept or tamper with the cookie over insecure connections by exploiting the lack of Secure and HttpOnly...
Uncontrolled Resource Consumption
github.com/CosmWasm/wasmvm is vulnerable to Uncontrolled Resource Consumption. The vulnerability is due to improper handling of specifically crafted Wasm files, leading to high memory usage, potential slowdowns, crashes, and lock poisoning in the VM and potentially leads to DoS...
Uncontrolled Recursion
@apollo/gateway and @apollo/query-planner are vulnerable to Uncontrolled Recursion. The vulnerability is due to the query planner potentially entering an infinite loop when processing sufficiently complex queries, leading to unbounded memory consumption and possible system crashes...
CORS Misconfiguration
github.com/casdoor/casdoor is vulnerable to CORS Misconfiguration. The vulnerability is due to improper origin header validation, which only checks for a prefix, allowing any domain with a valid subdomain prefix to make cross-domain requests to Casdoor as the logged-in user...
Authentication Bypass
flowise is vulnerable to Authentication Bypass. The vulnerability is due to inadequate authentication controls that fail to properly verify user credentials, allowing unauthenticated attackers to access administrator-level API endpoints...
Denial Of Service (DoS)
Flowise is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of user-supplied input to the /api/v1/get-upload-file API endpoint, which allows an attacker to crash the instance running the vulnerable version...
Request Smuggling
Apache Traffic Server is vulnerable to Request Smuggling. The vulnerability is caused by the server sending a malformed HTTP chunked trailer section to origin servers...
Unauthorized Access
aws-cdk is vulnerable to Unauthorized Access. The vulnerability is due to improper handling of authorization scopes when using the RestApi construct with CognitoUserPoolAuthorizer. This flaw allows authenticated Amazon Cognito users to gain broader access than intended...
Cross Site Scripting (XSS)
Webpack is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to improper handling and lack of sanitization of HTML elements and their attributes in Webpack's AutoPublicPathRuntimeModule, allowing attacker-controlled elements to execute malicious scripts...
Incorrect Input Validation
Apache Traffic Server is vulnerable to Incorrect Input Validation. The vulnerability is caused by an invalid Accept-Encoding header, which can make cache lookups fail and force requests to be forwarded...
NULL Pointer Dereference
Fort is vulnerable to NULL Pointer Dereference. A malicious RPKI repository that descends from a trusted Trust Anchor can serve, via rsync or RRDP, an ROA or a Manifest containing a null eContent field, which Fort dereferences without sanitizing it first. Because...
NULL Pointer Dereference
Fort is vulnerable to NULL Pointer Dereference. A malicious RPKI repository that descends from a trusted Trust Anchor can serve, via rsync or RRDP, a resource certificate containing a bit string that doesn't properly decode into a Subject Public Key. When compiled wi...
Buffer Overflow
Fort is vulnerable to Buffer Overflow. A malicious RPKI repository that descends from a trusted Trust Anchor can serve, via rsync or RRDP, a resource certificate containing a Key Usage extension composed of more than two bytes of data. Fort writes this string into...
Denial Of Service (DOS)
Fort is vulnerable to Denial of Service (DoS). A malicious RPKI repository that descends from a trusted Trust Anchor can serve, via rsync or RRDP, a signed object containing an empty signedAttributes field, which Fort accesses without sanitizing it first. Because For...
NULL Pointer Dereference
Fort is vulnerable to NULL Pointer Dereference. A malicious RPKI repository that descends from a trusted Trust Anchor can serve, via rsync or RRDP, a resource certificate containing an Authority Key Identifier extension that lacks the keyIdentifier field which For...
Denial Of Service (DOS)
Fort is vulnerable to Denial of Service (DoS). A malicious RPKI repository that descends from a trusted Trust Anchor can serve, via rsync or RRDP, an ROA or a Manifest containing a signedAttrs encoded in non-canonical form, which bypasses Fort's BER decoder. This...
Race Condition
k8s.io/kubernetes is vulnerable to Race Condition. Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to Services, Pods, Nodes, or StorageClass service providers. As part of this...
Improper Input Validation
github.com/imroc/req is vulnerable to Improper Input Validation. The vulnerability is caused by missing validation of the malformed URL when an unintended request is sent, as cleanHost in http.go intentionally uses a "garbage in, garbage out" design...
Improper Input Validation
The Google Snappy library is vulnerable to Improper Input Validation. The vulnerability is due to an overlap in the memcpy parameters, which could result in a crash or unintended read from other parts of process memory...
Sensitive Information Disclosure
openstack-heat is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the stack abandon command with the hidden feature set to True by which an attacker can disclose sensitive information...
Improper File Path Handling
unzip-stream is vulnerable to Improper File Path Handling. The vulnerability is due to the Extract method allowing malicious zip files to write to unauthorized paths...
Denial Of Service (DOS)
github.com/mattermost/mattermost-plugin-channel-export is vulnerable to Denial of Service (DoS). The vulnerability is caused by a failure to restrict concurrent runs of the /export command. This can allow an attacker to consume excessive resources by running the /export command multiple times at...
Code Injection
llamaindex is vulnerable to Code Injection. The vulnerability is caused due to a missing validation for the clsname variable used in the exec call in the download/integration.py script. An attacker can execute arbitrary code by injecting malicious input into the clsname variable used in the exec...
Cross Site Scripting (XSS)
fastapi-admin is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient validation of the Product Name parameter in the Config-Create function, allowing attackers to inject and execute arbitrary web scripts or HTML...
Cross Site Scripting
fastapi-admin is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient validation and sanitization of the Product Name parameter in the Create Product function, which allows attackers to inject and execute arbitrary web scripts or HTML...
Cross Site Scripting (XSS)
Khoj is vulnerable to Stored Cross-Site Scripting (XSS). The vulnerability is due to insufficient sanitization of the q parameter in the /api/automation endpoint, which allows users to inject arbitrary HTML/JS into task instructions...
Unauthorized API Access
goauthentik.io is vulnerable to unauthorized API access. The vulnerability is due to a lack of proper authentication enforcement on specific API endpoints due to missing authorization checks. This allows unauthenticated users to access sensitive information such as private keys and certificates b...
Cross Site Scripting
github.com/casdoor/casdoor is vulnerable to Cross Site Scripting. The vulnerability is due to improper input validation in the successUrl parameter that redirects users after a successful purchase. An attacker can craft a Casdoor link with a malicious URL and trick users into making a payment...
Unauthorized Access
github.com/jpillora/chisel is vulnerable to Unauthorized Access. The vulnerability is due to the Chisel server not reading the documented AUTH environment variable, which allows unauthenticated users to connect even when credentials are set...
Improper Authorization
github.com/hyperledger/fabric is vulnerable to Improper Authorization. The vulnerability is due to the improper verification of timestamp authenticity within the request handling process. An attacker can manipulate the timestamp to bypass security controls by sending a crafted request with a...
Arbitrary File Read
org.apache.seatunnel, seatunnel-web is vulnerable to Arbitrary File Read. The vulnerability is caused by missing validation in the MySQL connection URL using the parameters allowLoadLocalInfile, allowLoadLocalInfile, allowUrlInLocalInfile and allowLoadLocalInfileInPath. This can lead to an...
Improper Access Control
github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is caused due to a failure to restrict which roles can promote a user as system admin which allows a System Role with edit access to the permissions section of system console to update their role...
Improper Access Control
github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is caused due to a failure to enforce proper access controls which allows any authenticated user, including guests, to mark any channel inside any team as read for any user...
Improper Check For Unusual Or Exceptional Conditions
github.com/mattermost/mattermost-server is vulnerable to Improper Check For Unusual Or Exceptional Conditions. The vulnerability is caused due to a failure to restrict the input in POST /api/v4/users which allows a user to manipulate the creation date in POST /api/v4/users tricking the admin into...
Incorrect Default Permissions
RequestStore is vulnerable to Incorrect Default Permissions. The vulnerability is due to the files being published with world-writable permissions, allowing attackers to execute arbitrary code...
Incorrect Input Validation
libfrr.so is vulnerable to Incorrect Input Validation. The vulnerability is caused by an issue in the function bgp_attr_encap within bgpd/bgp_attr.c, which does not check the actual remaining stream length before taking the TLV value...
Improper Verification Of Cryptographic Signature
org.springframework.boot:spring-boot-loader and org.springframework.boot:spring-boot-loader-classic are vulnerable to Improper Verification of Cryptographic Signature due to the signature verification process in nested jar files. An attacker can manipulate the signature to appear as if it was...
Cross-site Scripting (XSS)
pretix is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper user input sanitization in placeholders like name or event. An attacker can inject HTML tags into email previews on the settings page by exploiting this vulnerability...
Cross-site Scripting (XSS)
automad/automad is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to insufficient input sanitization, allowing an attacker to inject malicious JavaScript code into the template body, which is then stored in the CMS and executed in the browser of any user visiting the forum...
Remote Code Execution (RCE)
org.apache.dolphinscheduler:dolphinscheduler-task-api is vulnerable to Remote Code Execution. The vulnerability is due to insufficient validation of user input within the HttpTaskDefinitionParser.java file, allowing attackers to execute arbitrary code on the affected system...
Arbitrary File Leakage
Mage AI is vulnerable to Arbitrary File Leakage. The vulnerability is due to improper validation and handling of file paths in the "File Content" request, which allows unauthorized users to access files outside of their intended scope...
Path Traversal
Mage AI is vulnerable to Path Traversal. The vulnerability is due to improper handling of file paths in the "Pipeline Interaction" request, which allows an attacker to leak arbitrary files from the Mage server...
Path Traversal
Mage AI is vulnerable to Path Traversal. The vulnerability is due to improper input validation, allowing remote users with the "Viewer" role to leak arbitrary files from the Mage server through the "Git Content" request...
Remote Code Execution (RCE)
mageai is vulnerable to Remote Code Execution (RCE). The vulnerability is due to inadequate account management that fails to properly revoke privileges and sessions of guest users after their accounts are deleted and allows them to execute arbitrary code through the Mage AI terminal server...
Improper File Permissions
froxlor/froxlor is vulnerable to Improper File Permissions. The vulnerability is due to XML templates in certain branches of Froxlor setting chmod 644 for /etc/pure-ftpd/db/mysql.conf, which allows an attacker to expose the to all users with access to the system...
Improper Access Control
github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is caused due to a failure to properly enforce permissions which allows a user with systems manager role with read-only access to teams to perform write operations on teams...