
38133 matches found

Veracode • added 2024/07/16 8:34 a.m.

Denial Of Service (DoS)

golang.org/x/net is vulnerable to Denial Of Service DoS. The vulnerability is due to the client mishandling cases where a server responds with a non-informational status, which leaves the client connection in an invalid state. Attackers can exploit this by sending "Expect: 100-continue" requests ...

CVSS 7.5, AI score 6.8, EPSS 0.01018
Exploits 0, References 8, Affected Software 2

Veracode • added 2024/07/16 7:18 a.m.

Remote Code Execution (RCE)

torrentpier/torrentpier is vulnerable to Remote Code Execution RCE. The vulnerability is due to the unsafe handling of user-controlled data, specifically cookies, within the gettracks function in torrentpier/library/includes/functions.php, where unsafe usage of PHP's native serialization format...

CVSS 9.8, AI score 8.1, EPSS 0.00191
Exploits 0, References 3, Affected Software 1

Veracode • added 2024/07/16 6:41 a.m.

Username Enumeration

web-auth/webauthn-framework and web-auth/webauthn-lib are vulnerable to Username Enumeration. The vulnerability is due to the ProfileBasedRequestOptionsBuilder method returning allowedCredentials without any credentials if no username was found. This allows an attacker to enumerate valid username...

CVSS 5.3, AI score 6.7, EPSS 0.00228
Exploits 0, References 5, Affected Software 2

Veracode • added 2024/07/16 6:32 a.m.

Path Traversal

@jmondi/url-to-png is vulnerable to Path Traversal. The vulnerability is due to the lack of proper sanitization or validation of the ImageId input within extractqueryparams.ts, which allows an attacker to store an image in an arbitrary location that the server has permission to access...

CVSS 4.3, AI score 6.8, EPSS 0.00094
Exploits 0, References 5, Affected Software 1

Veracode • added 2024/07/16 6:29 a.m.

JNDI Injection

org.apache.linkis: linkis-common is vulnerable to JNDI Injection. The vulnerability is due to insufficient filtering of db2 parameters, allowing an attacker with access to an authorized Linkis account to configure malicious parameters in the DataSource Manager Module which results in JNDI Injecti...

CVSS 8.8, AI score 8.6, EPSS 0.00708
Exploits 0, References 4, Affected Software 1

Veracode • added 2024/07/16 6:11 a.m.

Information Disclosure

@jmondi/url-to-png is vulnerable to Information Disclosure. The vulnerability is due to the lack of a blocklist mechanism to restrict which URLs can be captured as screenshots. This allows an attacker to potentially capture screenshots of sensitive information from local web services...

CVSS 3.1, AI score 6.1, EPSS 0.00069
Exploits 0, References 3, Affected Software 1

Veracode • added 2024/07/16 5:59 a.m.

Code Injection

langchain-experimental is vulnerable to Code Injection. The vulnerability is due to the use of 'eval' on all retrieved values from the database when the server is configured with VectorSQLDatabaseChain...

CVSS 8.5, AI score 6.8, EPSS 0.13393
Exploits 1, References 5, Affected Software 1

Veracode • added 2024/07/16 5:50 a.m.

Information Disclosure

fastapi-opa is vulnerable to Information Disclosure. The vulnerability is due to lack of authentication enforcement for HTTP OPTIONS requests by OpaMiddleware, allowing an unauthenticated attacker to determine the existence of entities within the application based on the responses to these reques...

CVSS 5.8, AI score 7, EPSS 0.00158
Exploits 0, References 4, Affected Software 1

Veracode • added 2024/07/16 5:32 a.m.

Arbitrary File Read

org.apache.linkis: linkis-common is vulnerable to Arbitrary File Read. The vulnerability is due to a lack of effective filtering of parameters, allowing an attacker with an authorized linkis account to configure malicious MySQL JDBC parameters in the DataSource Manager Module which results in...

CVSS 6.5, AI score 6.4, EPSS 0.0031
Exploits 0, References 3, Affected Software 1

Veracode • added 2024/07/16 5:08 a.m.

Cross Site Scripting (XSS)

@udecode/plate-media is vulnerable to Cross Site Scripting XSS. The vulnerability is due to lack of proper URL sanitization in MediaEmbedElement and custom urlParsers and direct consumption of the url property, which allows an attacker to embed malicious URLs using javascript:, data:, or vbscript...

CVSS 8.1, AI score 6.4, EPSS 0.00332
Exploits 0, References 3, Affected Software 1

Veracode • added 2024/07/16 5:00 a.m.

Remote Code Execution (RCE)

org.apache.linkis: linkis-datasource is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper deserialization of untrusted data in the data source management module when adding a MySQL data source. If an attacker obtains an authorized linkis account, they can exploit JRMP ...

CVSS 8.8, AI score 8.9, EPSS 0.03947
Exploits 0, References 4, Affected Software 1

Veracode • added 2024/07/15 10:16 a.m.

Code Injection

setuptools is vulnerable to Code Injection. The vulnerability is due to the package_index module's download function, which can execute arbitrary OS commands when exposed to user-controlled inputs such as package URLs...

CVSS 8.8, AI score 7.5, EPSS 0.09639
Exploits 0, References 5, Affected Software 2

Veracode • added 2024/07/15 9:36 a.m.

Improper Restriction Of Excessive Authentication Attempts

xrdp is vulnerable to Improper Restriction of Excessive Authentication Attempts. The vulnerability is due to a configuration parameter MaxLoginRetry not effectively limiting the number of login attempts...

CVSS 9.8, AI score 7, EPSS 0.00153
Exploits 0, References 3, Affected Software 2

Veracode • added 2024/07/15 9:13 a.m.

Remote Code Execution (RCE)

Microsoft.ChakraCore is vulnerable to Remote Code Execution RCE. The vulnerability is due to a memory corruption bug triggered by a crafted web page, which can result in Remote Code Execution RCE...

CVSS 8.8, AI score 7.9, EPSS 0.88
Exploits 6, References 14, Affected Software 1

Veracode • added 2024/07/15 8:28 a.m.

Denial Of Service (DoS)

Envoy is vulnerable to Denial Of Service DoS. The vulnerability is due to how Envoy invoked the nlohmann JSON library via source/common/json/json_internal.cc, which could throw an uncaught exception from downstream data if incomplete UTF-8 strings were serialized. The vulnerability allows an...

CVSS 7.5, AI score 7, EPSS 0.00028
Exploits 1, References 4, Affected Software 1

Veracode • added 2024/07/15 7:56 a.m.

Remote Code Execution (RCE)

org.apache.wicket: wicket-core is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe default XML parsing configuration, allowing attackers to inject malicious code that can execute arbitrary commands on the server through a crafted XSLT document...

CVSS 9.8, AI score 8.5, EPSS 0.08266
Exploits 0, References 7, Affected Software 1

Veracode • added 2024/07/15 7:24 a.m.

SQL Injection

github.com/openclarity/kubeclarity is vulnerable to SQL Injection. The vulnerability is due to manipulating the packageID parameter in the /api/applicationResources endpoint, where the fmt.Sprintf function is used to build the SQL query string without validating the input. It allows an attacker t...

CVSS 6.5, AI score 7.4, EPSS 0.00145
Exploits 0, References 4, Affected Software 1

Veracode • added 2024/07/15 7:16 a.m.

Remote Code Execution (RCE)

Microsoft.ChakraCore is vulnerable to Remote Code Execution RCE. The vulnerability is due to a memory corruption bug which results from a crafted website, allowing an attacker to execute arbitrary code or cause a Denial of Service DoS...

CVSS 8.8, AI score 8.1, EPSS 0.88908
Exploits 6, References 14, Affected Software 1

Veracode • added 2024/07/15 5:11 a.m.

Local File Inclusion (LFI)

solara is vulnerable to Local File Inclusion LFI. The vulnerability is due to improper ../ validation within URI fragments when serving static files, which allows an attacker to manipulate the fragment part of the URI to read arbitrary files on the local file system, resulting in directory...

CVSS 8.6, AI score 6.8, EPSS 0.53034
Exploits 0, References 3, Affected Software 1

Veracode • added 2024/07/12 8:56 a.m.

Cross-Site Scripting (XSS)

auth0/wordpress is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper handling of the wle parameter, which could accept an arbitrary string and be improperly rendered on the login page, resulting in Cross-Site Scripting XSS...

CVSS 6.1, AI score 6.3, EPSS 0.03505
Exploits 0, References 4, Affected Software 1

Veracode • added 2024/07/12 6:59 a.m.

Authentication Bypass

github.com/nats-io/nats-server is vulnerable to Authentication bypass. The vulnerability is due to a failure to enforce negative user permissions in one scenario. Attackers can exploit this by using a queue subscription on the wildcard to access denied subjects...

CVSS 6.3, AI score 6.6, EPSS 0.00108
Exploits 0, References 4, Affected Software 1

Veracode • added 2024/07/12 6:56 a.m.

Regular Expression Denial Of Service (ReDoS)

Wagtail is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to inefficient regular expression handling in the parse_query_string process for long query strings without spaces, allowing attackers to submit crafted queries that consume excessive server resources and...

CVSS 6.5, AI score 7, EPSS 0.00329
Exploits 0, References 5, Affected Software 1

Veracode • added 2024/07/12 6:46 a.m.

Arbitrary File Overwrite

aim is vulnerable to Arbitrary File Overwrite. The vulnerability is due to improper handling of the run_hash and repo.path parameters in the backup_run function, allowing any file on the host server to be overwritten and arbitrary data to be exfiltrated...

CVSS 9.8, AI score 6.9, EPSS 0.88697
Exploits 1, References 4, Affected Software 1

Veracode • added 2024/07/12 5:16 a.m.

Incorrect Authorization

Red-DiscordBot is vulnerable to Incorrect Authorization. The vulnerability is due to the absence of a permission check in the commands.can_manage_channel command permission, allowing unauthorized users to execute commands intended for those with channel management permissions. Attackers can exploit...

CVSS 5.3, AI score 7.5, EPSS 0.00292
Exploits 0, References 4, Affected Software 1

Veracode • added 2024/07/12 5:00 a.m.

Authorization Bypass

alextselegidis/easyappointments is vulnerable to Authorization Bypass. The vulnerability is due to insufficient access control checks on the POST /admins endpoint, allowing low privileged users to create high privileged users (admins), resulting in privilege escalation...

CVSS 9.9, AI score 6.5, EPSS 0.00231
Exploits 0, References 2, Affected Software 1

Veracode • added 2024/07/12 4:54 a.m.

Authorization Bypass

alextselegidis/easyappointments is vulnerable to Authorization Bypass. The vulnerability is due to insufficient access control checks on the GET, PUT, DELETE /admins/adminId endpoints, allowing low privileged users to fetch, modify, or delete high privileged users (admins), resulting in unauthorize...

CVSS 9.9, AI score 6.4, EPSS 0.00223
Exploits 0, References 2, Affected Software 1

Veracode • added 2024/07/12 4:45 a.m.

Authorization Bypass

alextselegidis/easyappointments is vulnerable to Authorization Bypass. The vulnerability is due to insufficient access control checks on the GET, PUT, DELETE /webhooks/webhookId endpoints, allowing low privileged users to fetch, modify, or delete webhooks of any user, resulting in unauthorized...

CVSS 9.1, AI score 6.6, EPSS 0.00154
Exploits 0, References 2, Affected Software 1

Veracode • added 2024/07/12 4:37 a.m.

Authorization Bypass

alextselegidis/easyappointments is vulnerable to Authorization Bypass. The vulnerability is due to insufficient access control checks on the POST /customers endpoint, allowing low privileged users to create customer accounts, resulting in unauthorized data manipulation...

CVSS 5, AI score 6.5, EPSS 0.0016
Exploits 0, References 2, Affected Software 1

Veracode • added 2024/07/12 4:22 a.m.

Authorization Bypass

alextselegidis/easyappointments is vulnerable to Authorization Bypass. The vulnerability is due to insufficient access control checks on the POST /services endpoint, allowing low privileged users to create services for any user including admin, resulting in unauthorized data manipulation...

CVSS 7.7, AI score 6.8, EPSS 0.00154
Exploits 0, References 2, Affected Software 1

Veracode • added 2024/07/11 10:50 a.m.

Authorization Bypass

alextselegidis/easyappointments is vulnerable to Authorization Bypass. The vulnerability is due to insufficient access control checks on the POST /secretaries endpoint, allowing low privileged users to create other low privileged users (secretaries), resulting in unauthorized data manipulation...

CVSS 7.7, AI score 6.5, EPSS 0.00154
Exploits 0, References 2, Affected Software 1

Veracode • added 2024/07/11 10:44 a.m.

Authorization Bypass

alextselegidis/easyappointments is vulnerable to Authorization Bypass. The vulnerability is due to insufficient access control checks on the POST /providers endpoint, allowing low privileged users to create privileged users (providers), resulting in privilege escalation...

CVSS 8.8, AI score 6.6, EPSS 0.00216
Exploits 0, References 2, Affected Software 1

Veracode • added 2024/07/11 10:40 a.m.

Authorization Bypass

alextselegidis/easyappointments is vulnerable to Authorization Bypass. The vulnerability is due to insufficient access control checks on the GET, PUT, and DELETE endpoints for /customers/customerId, allowing low privileged users to fetch, modify, or delete other low privileged users (customers)...

CVSS 9.9, AI score 6.8, EPSS 0.00223
Exploits 0, References 2, Affected Software 1

Veracode • added 2024/07/11 10:06 a.m.

Authorization Bypass

alextselegidis/easyappointments is vulnerable to Authorization Bypass. The vulnerability is due to insufficient access control checks on the GET, PUT, and DELETE endpoints for /settings/settingName, allowing low privileged users to fetch, modify, or delete settings of any user, including admin...

CVSS 9.9, AI score 6.8, EPSS 0.00223
Exploits 0, References 2, Affected Software 1

Veracode • added 2024/07/11 9:01 a.m.

Denial Of Service (DoS)

Django is vulnerable to Denial of Service DoS. The vulnerability is caused by insufficient input validation when handling very long strings containing specific characters in the django.utils.translation.get_supported_language_variant function. This allows an attacker to exploit the function,...

CVSS 7.5, AI score 6.5, EPSS 0.06838
Exploits 1, References 5, Affected Software 2

Veracode • added 2024/07/11 8:56 a.m.

Authorization Bypass

alextselegidis/easyappointments is vulnerable to Authorization Bypass. The vulnerability is due to insufficient access control checks on the GET, PUT, and DELETE endpoints for /services/serviceId, allowing low privileged users to fetch, modify, or delete services of any user, including admin...

CVSS 9.6, AI score 6.8, EPSS 0.00173
Exploits 0, References 2, Affected Software 1

Veracode • added 2024/07/11 6:51 a.m.

Path Traversal

Django is vulnerable to Path Traversal. The vulnerability is due to derived classes of the django.core.files.storage.Storage base class that override generate_filename without replicating the file-path validations from the parent class, potentially allowing path traversal via certain inputs during...

CVSS 4.3, AI score 6.5, EPSS 0.00186
Exploits 0, References 5, Affected Software 2

Veracode • added 2024/07/11 6:45 a.m.

Cross Site Scripting

decidim-admin is vulnerable to Cross Site Scripting. The vulnerability is due to lack of input validation while modifying some records being uploaded to the server. An attacker can exploit this by altering records that get uploaded, leading to the execution of malicious scripts in the admin panel...

CVSS 5.4, AI score 6.7, EPSS 0.0028
Exploits 0, References 4, Affected Software 1

Veracode • added 2024/07/11 6:37 a.m.

Denial Of Service (DoS)

images is vulnerable to Denial Of Service DoS. The vulnerability is due to unexpected input types provided to multiple functions, which can result in a process crash. The attacker can cause a Segmentation fault error by providing specific integer values to the size function...

CVSS 7.5, AI score 6.7, EPSS 0.00216
Exploits 0, References 2, Affected Software 1

Veracode • added 2024/07/11 6:33 a.m.

Denial Of Service (DoS)

audify is vulnerable to Denial Of Service DoS. The vulnerability is due to frameSize not being checked for negative values when provided to the new OpusDecoder.decode or new OpusDecoder.decodeFloat functions, which can lead to a process crash...

CVSS 7.5, AI score 6.7, EPSS 0.00291
Exploits 0, References 5, Affected Software 1

Veracode • added 2024/07/11 6:27 a.m.

Cross Site Scripting (XSS)

decidim is vulnerable to Cross Site Scripting XSS. The vulnerability is due to the pagination feature used in searches and filters, which is susceptible to XSS through a malformed URL using the GET parameter per_page. An attacker can exploit this by crafting a malicious URL to execute arbitrary scrip...

CVSS 7.1, AI score 6.1, EPSS 0.00485
Exploits 0, References 4, Affected Software 1

Veracode • added 2024/07/11 6:21 a.m.

Denial Of Service (DoS)

next is vulnerable to Denial of Service DoS. The vulnerability is due to an unspecified bug which can trigger an application crash, resulting in Denial of Service DoS...

CVSS 7.5, AI score 6.7, EPSS 0.00514
Exploits 0, References 1, Affected Software 1

Veracode • added 2024/07/11 6:20 a.m.

Authorization Bypass

org.opensearch.plugin: opensearch-observability is vulnerable to Authorization Bypass. The vulnerability is due to improper verification of the resource author, allowing attackers to access private tenant resources such as notebooks...

CVSS 5.4, AI score 6.7, EPSS 0.00237
Exploits 0, References 4, Affected Software 1

Veracode • added 2024/07/11 6:19 a.m.

Improper Access Control

ssddanbrown/bookstack is vulnerable to Improper Access Control. The vulnerability is due to the lack of proper validation in BookStack, allowing attackers to confirm existing system users and perform targeted notification email DoS via public facing forms...

CVSS 7.5, AI score 6.7, EPSS 0.00229
Exploits 0, References 5, Affected Software 1

Veracode • added 2024/07/11 6:18 a.m.

Improper Access Control

typo3/cms is vulnerable to Improper Access Control. The vulnerability is due to improper validation for requested controller/action combinations, allowing attackers to execute arbitrary Extbase actions by crafting a special request...

CVSS 8.1, AI score 7.3, EPSS 0.02369
Exploits 0, References 2, Affected Software 1

Veracode • added 2024/07/11 6:16 a.m.

Authorization Bypass

PrivateBin is vulnerable to Authorization Bypass. The vulnerability exists due to insufficient authorization controls in the implementation of the YOURLS server-side proxy mechanism. The vulnerability allows any user to shorten URLs pointing to the configured PrivateBin instance, bypassing the...

CVSS 5.3, AI score 6.6, EPSS 0.00106
Exploits 0, References 4, Affected Software 1

Veracode • added 2024/07/11 5:58 a.m.

Out-of-bounds Read

node-stringbuilder is vulnerable to Out-of-bounds Read. The vulnerability is due to incorrect memory length calculation when calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. An attacker can return previously allocated memory by providing negativ...

CVSS 9.1, AI score 8.1, EPSS 0.00211
Exploits 1, References 2, Affected Software 1

Veracode • added 2024/07/11 5:51 a.m.

Buffer Overflow

node-twain is vulnerable to a buffer overflow. The vulnerability is due to improper handling of exceptional conditions related to the length of source data while reading a new twain.TwainSDK object with certain properties of sufficient length = 34 characters. The vulnerability allows an attacker ...

CVSS 8.3, AI score 8.5, EPSS 0.001
Exploits 0, References 2, Affected Software 1

Veracode • added 2024/07/11 5:50 a.m.

Denial Of Service

speaker is vulnerable to Denial of Service DoS. The vulnerability is due to unexpected input types provided to the channels property of the Speaker object, which can trigger an assert macro and potentially crash the process...

CVSS 7.5, AI score 7.5, EPSS 0.00093
Exploits 0, References 3, Affected Software 1

Veracode • added 2024/07/11 5:13 a.m.

Denial Of Service (DoS)

@discordjs/opus is vulnerable to Denial of Service DoS. The vulnerability is due to providing an input object with a property toString to several different functions, which can be exploited to cause a system crash...

CVSS 7.5, AI score 6.6, EPSS 0.00222
Exploits 0, References 3, Affected Software 1

Veracode • added 2024/07/11 5:11 a.m.

Denial Of Service (DoS)

Django is vulnerable to Denial Of Service DoS. The vulnerability is caused when parsing inputs with a very large number of brackets with the urlize and urlizetrunc functions. The vulnerability allows the system to consume resources excessively and potentially lead to a denial of service condition...

CVSS 7.5, AI score 6.5, EPSS 0.00304
Exploits 0, References 9, Affected Software 2

Total number of security vulnerabilities: 38133