Veracode (recent)

38133 matches found

Veracode • added 2024/08/23 9:23 a.m. • 8 views

Improper Access Control

github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is caused due to a failure to properly enforce permissions which allows a team admin user without "Add Team Members" permission to disable the invite URL...

CVSS 2.7 • AI score 6.9 • EPSS 0.00098
Exploits 0 • References 2 • Affected software 1

Veracode • added 2024/08/23 8:06 a.m. • 16 views

Improper Access Control

github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is caused due to a failure to enforce permissions which allows a guest user with read access to upload files to a channel...

CVSS 4.3 • AI score 6.8 • EPSS 0.00213
Exploits 0 • References 3 • Affected software 1

Veracode • added 2024/08/23 7:54 a.m. • 13 views

Improper Access Control

github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is caused due to a failure to redact remote users' original email addresses stored in user props when email addresses are otherwise configured not to be visible in the local server...

CVSS 4.3 • AI score 6.7 • EPSS 0.0028
Exploits 0 • References 2 • Affected software 1

Veracode • added 2024/08/23 7:42 a.m. • 9 views

Denial Of Service (DoS)

REXML is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper handling of deeply nested XML elements with the same local name attribute when using the REXML library's tree parser API. An attacker can exploit this by sending a specially crafted XML document that causes the...

CVSS 5.9 • AI score 6.4 • EPSS 0.01135
Exploits 0 • References 5 • Affected software 3

Veracode • added 2024/08/23 7:26 a.m. • 11 views

Cross-Site Request Forgery (CSRF)

Hono is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to the CSRF middleware's case sensitivity in MIME type matching, which allows bypassing protection with upper-case MIME types...

CVSS 5 • AI score 6.7 • EPSS 0.00082
Exploits 1 • References 4 • Affected software 1

Veracode • added 2024/08/23 6:55 a.m. • 10 views

Authentication Bypass

mageai is vulnerable to Authentication Bypass. The vulnerability is due to insufficient authentication controls that allow remote unauthenticated access to the terminal server command history...

CVSS 5.3 • AI score 7.7 • EPSS 0.00152
Exploits 1 • References 2 • Affected software 1

Veracode • added 2024/08/23 6:21 a.m. • 141 views

Cross-Origin Resource Sharing (CORS) Bypass

github.com/usememos/memos is vulnerable to Cross-Origin Resource Sharing (CORS) Bypass. The vulnerability is due to a CORS misconfiguration where an arbitrary origin is reflected with Access-Control-Allow-Credentials set to true, which may allow an attacker to perform cross-origin requests,...

CVSS 8.1 • AI score 6.9 • EPSS 0.00192
Exploits 1 • References 4 • Affected software 1

Veracode • added 2024/08/23 3:48 a.m. • 5 views

Stack-based Buffer Overflow

github.com/cosmwasm/wasmd is vulnerable to Stack-based Buffer Overflow. The vulnerability is due to improper memory handling, which can lead to stack overflow conditions. This can potentially crash the program or allow attackers to execute arbitrary code...

AI score 8.2
Exploits 0

Veracode • added 2024/08/22 1:55 p.m. • 15 views

Cross Site Scripting (XSS)

ckeditor4 is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused due to a flaw in the Code Snippet GeSHi plugin. An attacker could craft a malicious script that could be executed by sending a request to the GeSHi library hosted on a PHP web server...

CVSS 6.1 • AI score 6.7 • EPSS 0.01847
Exploits 0 • References 4 • Affected software 1

Veracode • added 2024/08/22 1:26 p.m. • 18 views

Cross Site Scripting (XSS)

ckeditor4 is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused by a missing input validation and output sanitization while rendering the page on the browser. This can lead to compromising Confidentiality and Integrity of the system...

CVSS 3.1 • AI score 6.3 • EPSS 0.0008
Exploits 0 • References 2 • Affected software 1

Veracode • added 2024/08/22 9:47 a.m. • 12 views

Server Side Request Forgery (SSRF)

ckan is vulnerable to Server Side Request Forgery (SSRF). The vulnerability is caused due to CKAN plugins like XLoader, DataPusher, Resource proxy and ckanext-archiver not validating the resource URLs while making HTTP requests to access the remote resources. This can lead to a malicious or unaware...

CVSS 6.5 • AI score 6.9 • EPSS 0.00317
Exploits 0 • References 3 • Affected software 1

Veracode • added 2024/08/22 9:25 a.m. • 3 views

Improper Validation Of Non-deterministic Behavior

github.com/cosmwasm/wasmd is vulnerable to Improper Validation of Non-deterministic Behavior. The vulnerability is due to the incorrect marking of the SmartContractState query as safe, which may cause non-deterministic outcomes across different nodes. Attackers can potentially exploit this...

AI score 7
Exploits 0

Veracode • added 2024/08/22 9:02 a.m. • 19 views

Information Leakage

Undertow is vulnerable to Information Leakage. The vulnerability is due to the reuse of the same StringBuilder instance across multiple requests by the ProxyProtocolReadListener, which can allow unintended data exposure between requests or responses...

CVSS 7.5 • AI score 6.6 • EPSS 0.10699
Exploits 0 • References 12 • Affected software 1

Veracode • added 2024/08/22 8:35 a.m. • 11 views

Code Injection

SquirrellyJS is vulnerable to Code Injection. The vulnerability is due to improper handling of input in the options.varName component of SquirrellyJS, allowing an attacker to inject and execute arbitrary code...

CVSS 9.8 • AI score 7.4 • EPSS 0.0348
Exploits 2 • References 5 • Affected software 1

Veracode • added 2024/08/22 7:45 a.m. • 10 views

Sensitive Information Disclosure

ckan is vulnerable to Sensitive Information Disclosure. The vulnerability is caused due to leaking of the internal Solr URL, potentially including credentials, in the packagesearch calls as part of the returned error message when there are connection issues. This leads to compromising Confidentiali...

CVSS 5.3 • AI score 6.6 • EPSS 0.00475
Exploits 0 • References 3 • Affected software 1

Veracode • added 2024/08/22 7:41 a.m. • 10 views

Session Spoofing

org.apache.helix, helix is vulnerable to Session Spoofing. The vulnerability is due to a hard-coded secret in the Apache Helix Front UI, which allows an attacker to generate their own fake cookies...

CVSS 7.5 • AI score 6.6 • EPSS 0.00478
Exploits 0 • References 3 • Affected software 1

Veracode • added 2024/08/22 7:31 a.m. • 10 views

Cross Site Scripting (XSS)

ckan is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused by the Datatables view plugin not properly escaping record data coming from the DataStore. This can lead to compromising confidentiality of the system...

CVSS 6.8 • AI score 6.5 • EPSS 0.01078
Exploits 0 • References 3 • Affected software 1

Veracode • added 2024/08/22 7:31 a.m. • 12 views

Cross-Site Request Forgery (CSRF)

github.com/openshift/console is vulnerable to a Cross-Site Request Forgery (CSRF). The vulnerability is due to insufficient entropy in the OAuth2 protocol's state parameter, which allows an attacker to log into the victim's current application account using a third-party account without any...

CVSS 8 • AI score 6.6 • EPSS 0.00987
Exploits 0 • References 9 • Affected software 1

Veracode • added 2024/08/22 6:55 a.m. • 12 views

Cross Site Scripting (XSS)

apacheairflow is vulnerable to a Cross Site Scripting (XSS). The vulnerability is due to the ability of a malicious provider to execute a script when a user clicks on a provider documentation link in docs.py, provided the provider is installed on the web server, which allows an attacker to exploi...

CVSS 6.1 • AI score 7.1 • EPSS 0.01137
Exploits 0 • References 5 • Affected software 1

Veracode • added 2024/08/21 12:11 p.m. • 46 views

Improper Access Control

github.com/grafana/grafana is vulnerable to Improper Access Control. The vulnerability is caused by improper authorization in the access control for plugin data sources protected by the ReqActions json field of the plugin.json. This authorization can be bypassed if the user or service account ...

CVSS 4.4 • AI score 7.1 • EPSS 0.00032
Exploits 0 • References 4 • Affected software 1

Veracode • added 2024/08/21 11:49 a.m. • 8 views

Uncontrolled Recursion

matrix-js-sdk is vulnerable to Uncontrolled Recursion. The vulnerability is caused due to an infinite recursion in the getRoomUpgradeHistory function causing the code to hang. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle and also by calling...

CVSS 5.3 • AI score 6.8 • EPSS 0.00205
Exploits 0 • References 2 • Affected software 1

Veracode • added 2024/08/21 9:16 a.m. • 10 views

Incorrect Authorization

github.com/projectcapsule/capsule is vulnerable to Incorrect Authorization. The vulnerability is caused by the tenant owner being able to patch any arbitrary namespace that has not been taken over by a tenant, i.e., namespaces without the ownerReference field. This can lead to an attacker gaining contro...

CVSS 8.8 • AI score 6.8 • EPSS 0.00206
Exploits 1 • References 2 • Affected software 1

Veracode • added 2024/08/21 8:26 a.m. • 11 views

SQL Injection

github.com/lf-edge/ekuiper is vulnerable to SQL Injection. The vulnerability is due to insufficient input validation in the Get method of sqlKvStore, which allows the execution of malicious SQL queries...

CVSS 8.8 • AI score 7.7 • EPSS 0.01934
Exploits 1 • References 7 • Affected software 1

Veracode • added 2024/08/21 8:08 a.m. • 72 views

Authorization Bypass

com.ctrip.framework.apollo:apollo is vulnerable to an Authorization Bypass. The vulnerability is due to insufficient permission checks in the synchronization configuration feature, allowing an attacker to modify a namespace without the necessary permissions...

CVSS 4.3 • AI score 6.9 • EPSS 0.00098
Exploits 0 • References 5 • Affected software 1

Veracode • added 2024/08/21 7:04 a.m. • 11 views

Improper Authorization

org.springframework.security, spring-security-core is vulnerable to Improper Authorization. The vulnerability is caused due to missing authorization when using @AuthorizeReturnObject. This allows an attacker to render security annotations ineffective...

CVSS 7.5 • AI score 6.7 • EPSS 0.00968
Exploits 0 • References 2 • Affected software 1

Veracode • added 2024/08/21 6:13 a.m. • 16 views

Unauthorized Access

Umbraco CMS is vulnerable to Unauthorized Access. The vulnerability is due to insufficient access control mechanisms that fail to properly restrict access to certain endpoints based on user permissions, which allows users to gain unauthorized information or perform actions outside their intended...

CVSS 5.4 • AI score 7 • EPSS 0.00415
Exploits 0 • References 3 • Affected software 1

Veracode • added 2024/08/21 5:48 a.m. • 15 views

Information Disclosure

umbraco.cms is vulnerable to Information Disclosure. The vulnerability is due to improper handling of error responses in the Management API, which causes stack trace information to be returned even when Umbraco is not in debug mode. It allows an attacker to gain access to internal details of the...

CVSS 5.3 • AI score 6.9 • EPSS 0.00494
Exploits 0 • References 3 • Affected software 1

Veracode • added 2024/08/21 5:47 a.m. • 17 views

Denial Of Service (DoS)

org.springframework, spring-expression is vulnerable to a Denial of Service (DoS). The vulnerability is due to the evaluation of user-supplied Spring Expression Language (SpEL) expressions, which attackers can exploit by providing specially crafted expressions that can overload the system...

CVSS 4.3 • AI score 7 • EPSS 0.00809
Exploits 0 • References 5 • Affected software 1

Veracode • added 2024/08/21 5:45 a.m. • 14 views

Improper Access Control

ghost and @tryghost/portal are vulnerable to Improper Access Control. The vulnerability is due to missing authentication checks on certain endpoints used for member actions, allowing attackers to perform member-only actions and read member information without proper authorization...

CVSS 6.5 • AI score 7 • EPSS 0.00454
Exploits 0 • References 3 • Affected software 2

Veracode • added 2024/08/21 5:43 a.m. • 10 views

Improper Privilege Management

github.com/kanisterio/kanister is vulnerable to Improper Privilege Management. The vulnerability is due to the edit ClusterRole having overly permissive permissions, including the create, patch, and update verbs for daemonset resources and the create verb for serviceaccount/token resources. An attacker can...

CVSS 8.8 • AI score 7.2 • EPSS 0.00089
Exploits 0 • References 2 • Affected software 1

Veracode • added 2024/08/20 9:28 a.m. • 16 views

Divide By Zero

libzephyr.so is vulnerable to Divide By Zero. The vulnerability is caused due to the function llcppdudecodeconnupdateind within subsys/bluetooth/controller/llsw/ullllcppdu.c not validating the content before using it. This can lead to a malicious BLE device crashing a BLE peripheral's BLE controller by...

CVSS 7.6 • AI score 6.7 • EPSS 0.00167
Exploits 0 • References 3 • Affected software 1

Veracode • added 2024/08/20 8:37 a.m. • 8 views

Zip Slip

mobsf is vulnerable to Zip Slip. The vulnerability is caused due to a missing validation while extracting .a extension files. This allows an attacker to extract files to any desired location within the server running MobS...

CVSS 9.8 • AI score 6.6 • EPSS 0.0043
Exploits 1 • References 2 • Affected software 1

Veracode • added 2024/08/20 6:58 a.m. • 10 views

Denial Of Service (DoS)

Fugit is vulnerable to Denial Of Service (DoS). The vulnerability is due to the parser's lack of input length validation, which allows it to accept and endlessly process input without timely completion...

CVSS 7.5 • AI score 6.7 • EPSS 0.00237
Exploits 0 • References 4 • Affected software 1

Veracode • added 2024/08/20 5:51 a.m. • 10 views

Server-Side Request Forgery (SSRF)

TruffleHog is vulnerable to unauthorized request execution. The vulnerability is due to insufficient validation of the data being scanned by TruffleHog's detectors, which allows maliciously crafted data to trigger unauthorized requests to attacker-chosen endpoints...

CVSS 3.4 • AI score 6.7 • EPSS 0.00304
Exploits 0 • References 3 • Affected software 1

Veracode • added 2024/08/19 11:17 a.m. • 12 views

Authorization Bypass

io.github.microcks, microcks is vulnerable to Authorization Bypass. The vulnerability is caused due to a missing validation around the POST /api/import and POST /api/export endpoints. This leads to Authorization bypass...

CVSS 9.8 • AI score 6.7 • EPSS 0.00547
Exploits 0 • References 5 • Affected software 1

Veracode • added 2024/08/19 10:16 a.m. • 547 views

Cross Site Scripting (XSS)

bootstrap is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused due to a missing sanitization in the href attribute of the tag while working with data-slide and data-slide-to attributes. This could enable an attacker to execute arbitrary JavaScript within the victim's browser...

AI score 6.7
Exploits 0 • References 5 • Affected software 3

Veracode • added 2024/08/19 8:58 a.m. • 12 views

Sensitive Information Exposure

github.com/cilium/cilium is vulnerable to Sensitive Information Exposure. The vulnerability is caused due to not propagating ReferenceGrant changes in Cilium's GatewayAPI controller. This can lead to Gateway resources being able to access secrets for longer than intended or to Routes having the...

CVSS 5.4 • AI score 6.5 • EPSS 0.00243
Exploits 0 • References 6 • Affected software 1

Veracode • added 2024/08/19 7:07 a.m. • 9 views

SQL Injection

github.com/stashapp/stash is vulnerable to SQL Injection. The vulnerability is caused by not validating the values provided in the sort parameter while executing the SQL query. This can lead to an attacker retrieving data from the database or changing values in the database tables...

CVSS 6.3 • AI score 7.2 • EPSS 0.02638
Exploits 0 • References 6 • Affected software 1

Veracode • added 2024/08/16 10:25 a.m. • 11 views

Cross-Site Scripting

gettext.js is vulnerable to Cross-Site Scripting. The vulnerability is due to improper input sanitization in the parsing of .po dictionary definition files, allowing malicious code injection. Attackers can craft malicious .po files containing JavaScript code, which, when loaded and processed by...

CVSS 7.2 • AI score 7.5 • EPSS 0.00421
Exploits 0 • References 3 • Affected software 1

Veracode • added 2024/08/16 9:54 a.m. • 8 views

Race Condition

github.com/cilium/cilium is vulnerable to a Race Condition. The vulnerability is due to a timing issue in the Cilium agent's label processing logic, potentially causing it to overlook node labels. An attacker could potentially exploit this by crafting malicious network traffic that would normally...

CVSS 6.8 • AI score 6.4 • EPSS 0.00028
Exploits 0 • References 3 • Affected software 1

Veracode • added 2024/08/16 9:40 a.m. • 15 views

Insecure Permissions

com.xuxueli, xxl-job-core is vulnerable to Insecure Permissions. The vulnerability is due to improper access control and validation in the Sub-Task ID component. This allows attackers to manipulate it to execute arbitrary code by crafting malicious input...

CVSS 8.8 • AI score 7.6 • EPSS 0.01847
Exploits 1 • References 2 • Affected software 1

Veracode • added 2024/08/16 9:24 a.m. • 9 views

Path Traversal

github.com/hashicorp/nomad is vulnerable to Path Traversal. The vulnerability is due to a lack of proper validation/sanitization during archive unpacking, which allows attackers to craft malicious archives that can write files outside the intended allocation directory...

CVSS 5.8 • AI score 6.6 • EPSS 0.00296
Exploits 0 • References 2 • Affected software 1

Veracode • added 2024/08/16 9:13 a.m. • 8 views

Security Bypass

github.com/cilium/cilium is vulnerable to Security Bypass. The vulnerability is due to improper implementation of match precedence in Gateway API HTTPRoutes and GRPCRoutes, where request headers are matched before request methods. It allows an attacker to exploit the incorrect request handling...

CVSS 4.3 • AI score 6.6 • EPSS 0.01804
Exploits 0 • References 6 • Affected software 1

Veracode • added 2024/08/16 9:12 a.m. • 10 views

Cross Site Scripting (XSS)

ibexa/fieldtype-richtext is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to insufficient input validation caused by a blacklist approach that can be circumvented by using uppercase characters. This allows attackers with content editing permissions to inject malicious scripts into...

CVSS 7.2 • AI score 6.1 • EPSS 0.00231
Exploits 0 • References 6 • Affected software 1

Veracode • added 2024/08/16 8:16 a.m. • 17 views

Cross Site Scripting (XSS)

Trix editor is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to improper handling of text/html content types in the dataTransfer object during paste events, allowing attackers to execute arbitrary JavaScript by tricking users into pasting malicious code...

CVSS 6.5 • AI score 7.6 • EPSS 0.00392
Exploits 0 • References 8 • Affected software 1

Veracode • added 2024/08/16 7:58 a.m. • 5 views

Missing Cryptographic Equivocation

github.com/cosmos/gaia is vulnerable to Missing Cryptographic Equivocation. The vulnerability is caused due to an issue in the Interchain Security (ICS) module that could result in the slashing of a validator for an "old" equivocation...

AI score 7
Exploits 0 • References 2 • Affected software 1

Veracode • added 2024/08/16 7:45 a.m. • 5 views

Arbitrary File Write

webcrack is vulnerable to Arbitrary File Write. The vulnerability is due to improper handling of path traversal sequences in module names within the file bundle.ts, which allows attackers to overwrite files on Windows systems when using the unpack bundles and saving features...

AI score 7
Exploits 0

Veracode • added 2024/08/16 7:05 a.m. • 9 views

Open Redirect Attack

WebOb is vulnerable to Open Redirect Attack. The vulnerability is due to improper handling of URLs by urlparse within response.py, which interprets URLs starting with // as lacking a scheme, causing urljoin to incorrectly replace the original hostname...

CVSS 6.1 • AI score 6.6 • EPSS 0.00263
Exploits 1 • References 3 • Affected software 1

Veracode • added 2024/08/16 7:04 a.m. • 11 views

Authorization Bypass

directus is vulnerable to Authorization Bypass. The vulnerability is caused due to a missing validation for the user parameter in PATCH requests for the endpoint /presets. This allows an authenticated external attacker to modify presets created by the same user to assign them to another user...

CVSS 4.3 • AI score 6.3 • EPSS 0.00058
Exploits 0 • References 4 • Affected software 1

Veracode • added 2024/08/16 6:13 a.m. • 8 views

Cross Site Scripting (XSS)

directus is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused due to a missing input validation and output sanitization. This can lead to an attacker-controlled parameter being injected into the application, stored on the server and used by the client in an unsanitized DOM eleme...

CVSS 5.4 • AI score 5.9 • EPSS 0.00122
Exploits 1 • References 4 • Affected software 1

Total number of security vulnerabilities: 38133