38133 matches found
SQL Injection
egroupware/egroupware is vulnerable to SQL Injection. The vulnerability is due to improper handling of the ORDER BY clause in database queries, potentially leading to SQL injection. An attacker can exploit this vulnerability to manipulate database queries, leading to unauthorized data access or...
Cross-site Scripting (XSS)
TYPO3 is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to failing to properly encode information from external sources, which could allow attackers to inject malicious scripts into the Install Tool language pack interface...
Cross-site Scripting (XSS)
TYPO3 CMS is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to failing to properly encode user input in multiple areas of the CMS, allowing attackers to inject malicious scripts...
Broken Access Control
TYPO3 is vulnerable to Broken Access Control. The vulnerability is due to regular backend users having access to import functionality that is typically restricted to admin users or users with specific User TSconfig settings enabled (options.impexp.enableImportForNonAdminUser)...
Insecure Deserialization
TYPO3 is vulnerable to Insecure Deserialization. The vulnerability is due to failing to properly validate incoming data in the suggest wizard, which allows an attacker to exploit insecure unserialize operations. A valid backend user account is required to exploit this vulnerability...
Sensitive Information Disclosure
TYPO3 is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the element information component not properly checking the backend user's permissions for the list of references from or to a record...
Session Fixation
TYPO3 is vulnerable to Session Fixation. The vulnerability is due to existing sessions for a user account not being revoked when the user changes their password...
Arbitrary File Deletion
gogs.io/gogs is vulnerable to Arbitrary File Deletion. The vulnerability is due to insufficient access controls, allowing unauthorized users to delete internal files on the host...
Cross Site Scripting (XSS)
zendframework/zend-form is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to the use of the escapeHtml helper instead of escapeHtmlAttr, leading to improper escaping of HTML attributes. An attacker can exploit this by injecting malicious code through user data or JavaScript in...
Command Injection
gogs.io/gogs is vulnerable to Command Injection. The vulnerability is due to inadequate input validation during the previewing of changes, allowing an attacker to inject arbitrary commands...
Command Injection
gogs.io/gogs is vulnerable to Command Injection. The vulnerability is caused by improper input validation or sanitization during the tagging process of a new release. Attackers can exploit this issue by injecting malicious commands or additional arguments into the tagging command, which may be...
OS Command Execution
HFS is vulnerable to OS Command Execution. The vulnerability is due to using execSync instead of spawnSync from child_process to execute the df shell command, which allows an attacker to execute OS commands remotely via the file upload feature...
Remote Code Execution (RCE)
gogs.io/gogs is vulnerable to Remote Code Execution (RCE). The vulnerability is due to improper handling of command-line arguments within the bundled ssh implementation (internal/ssh/ssh.go). An attacker can exploit the vulnerability by sending a malicious --split-string env request through an SSH...
Command Injection
deeplake is vulnerable to Command Injection. The vulnerability is due to a lack of input sanitization within the ingest_kaggle API when ingesting a remote Kaggle dataset, allowing an attacker to execute arbitrary commands on the server...
NULL Pointer Dereference
libzephyr.so is vulnerable to NULL Pointer Dereference. The vulnerability is due to a malicious BLE device sending a specific order of packet sequences to cause a DoS attack on the victim BLE device...
Improper Access Control
Mattermost is vulnerable to Improper Access Control. The vulnerability is due to a failure to prevent specifying a RemoteId when creating a new user, allowing attackers to create a user with a user-defined ID, which can cause broken functionality in User Management...
Parameter Injection
zend-mail is vulnerable to Parameter Injection. The vulnerability is due to unsanitized additional quote characters within an address in the file Sendmail.php, which allows an attacker to inject arbitrary parameters to the system sendmail program...
Denial Of Service (DoS)
org.apache.tomcat:tomcat-coyote is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of excessive HTTP headers in HTTP/2 streams, which leads to the miscounting of active streams resulting in an infinite connection timeout. This allows connections to remain open...
URL Rewrite
zendframework/zendframework is vulnerable to URL Rewrite. The vulnerability is due to the request URI marshaling logic that introspects HTTP request headers specific to server-side URL rewrite mechanisms. When these headers are present on systems not running the specific URL rewriting mechanism,...
Information Disclosure
github.com/mattermost/mattermost-server is vulnerable to Information Disclosure. The vulnerability is due to a failure to properly sanitize the recipients of a webhook event, allowing attackers monitoring webhook events to retrieve the channel IDs of archived or restored channels...
Improper Access Control
github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is due to the createPost function not preventing users from specifying a RemoteId for their posts, allowing attackers to create posts with user-defined post IDs. Attackers can use this to cause...
Improper Authentication
Mattermost is vulnerable to Improper Authentication. The vulnerability is caused by not using constant-time comparison for remote cluster tokens, possibly allowing an attacker to retrieve the token during comparison due to the timing discrepancy...
Sensitive Information Disclosure
ZITADEL is vulnerable to Sensitive Information Disclosure. The vulnerability is due to a missing check that incorrectly lists user sessions without specific information, potentially exposing other users' sessions...
Information Disclosure
github.com/mattermost/mattermost-server is vulnerable to Information Disclosure. The vulnerability is due to Mattermost failing to sanitize the RemoteClusterFrame payloads before audit logging them. Attackers with access to the audit logs can exploit this to read message contents...
Improper Access Control
github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is due to improper validation of remote server requests in shared channels with multiple connected remote servers, allowing a malicious remote server to change the profile images of users belonging...
Improper Input Validation
github.com/google/nftables/ is vulnerable to Improper Input Validation. The vulnerability is due to IP addresses being encoded in the wrong byte order, resulting in a non-functional nftables configuration which might block or not block the desired addresses...
Authentication Bypass
github.com/ginuerzh/gost is vulnerable to Authentication Bypass. The vulnerability is due to improper validation of the HostKeyCallback function. An attacker can intercept communications by setting the HostKeyCallback function to ssh.InsecureIgnoreHostKey...
Denial Of Service
kibana is vulnerable to Denial Of Service. The vulnerability is due to the runsoon API allowing view-only users to execute alerting rules continuously, potentially impacting system availability if the alerting rules involve complex queries. An attacker can exploit this to degrade system performan...
SQL Injection
craftcms/cms is vulnerable to SQL Injection. The vulnerability is caused by insufficient sanitization and validation of user-supplied input within GraphQL queries, allowing attackers to manipulate these queries to execute arbitrary SQL commands...
Insertion Of Sensitive Information Into Log File
com.phloc:phloc-webscopes is vulnerable to Insertion of Sensitive Information into Log File. The vulnerability is due to improper handling of logged HTTP requests within RequestWebScopeNoMultipart.java. This allows local attackers with access to the log files to view user passwords or other...
Denial Of Service
kibana is vulnerable to Denial Of Service. The vulnerability is due to the ability of a high-privileged user to affect the availability of Kibana by uploading a maliciously crafted osquery pack. An attacker can disrupt Kibana's availability by exploiting this flaw...
Regular Expression Denial Of Service (ReDoS)
rack is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to improper handling and parsing of HTTP Accept headers using regular expressions. This allows an attacker to send specially crafted Accept-Encoding or Accept-Language headers, causing the server to...
Cross-site Scripting (XSS)
coderberg/residence-cms is vulnerable to Cross-site Scripting. The vulnerability is due to allowing low-privilege users to create malicious property content with HTML, which acts as a stored XSS payload...
Insertion Of Sensitive Information Into Sent Data
github.com/pomerium/pomerium is vulnerable to Insertion of Sensitive Information Into Sent Data. The vulnerability is due to the inclusion of serialized OAuth2 access and ID tokens from the logged-in user's session in the user info page /.pomerium...
Supply Chain Attack
Fides is vulnerable to Supply Chain Attack. The vulnerability is due to mishandling of client-side script dependencies and the use of a compromised third-party domain like polyfill.io. The vulnerability allows an attacker to serve malicious scripts to users of legacy browsers when they load...
Cross Site Scripting (XSS)
Flowise is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to improper handling of user input in the /api/v1/chatflows-streaming/id endpoint, which allows an attacker to craft a URL that injects JavaScript into user sessions, potentially stealing information, creating false...
Memory Leak
libfreerdp.so is vulnerable to Memory Leak. The vulnerability is due to a supplied realloc pointer being reused for a realloc return value. An attacker can exploit this by causing the program to consume excessive memory, potentially leading to a denial of service...
Improper Authentication
libfreerdp.so is vulnerable to Improper Authentication. The vulnerability is due to invalid credentials being accepted if the server has configured an invalid SAM file path. The attacker can successfully authenticate with invalid credentials if the SAM file path is incorrect...
Cross Site Scripting
flowise is vulnerable to Cross Site Scripting. The vulnerability is due to the api/v1/chatflows/id endpoint reflecting the chatflow ID in the 404 page without proper sanitization. An attacker can craft a URL that injects JavaScript into user sessions, potentially stealing...
Denial Of Service (DoS)
liblouis.so is vulnerable to Denial of Service (DoS). The vulnerability is due to an out-of-bounds read caused by the matchCurrentInput function inside lou_translateString.c not checking the input string's length, allowing attackers to crash the application by crafting an input file with certain...
Cross-site Scripting (XSS)
xapian-core is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper handling of HTML escaping by Xapian::MSet::snippet in queryparser/termgenerator_internal.cc. This allows an attacker to potentially execute arbitrary scripts in the context of a user's web browser wh...
Improper Access Control
aimeos/ai-admin-graphql is vulnerable to Improper Access Control. The vulnerability is due to insufficient restrictions or checks on user roles and permissions, allowing an editor to modify and take over an admin account in the back end...
Improper Access Control
aimeos/ai-admin-graphql is vulnerable to Improper Access Control. The vulnerability is due to inadequate enforcement of access control policies within aimeos/ai-admin-graphql, allowing editors to manage their own services via the GraphQL API, bypassing the intended restrictions designed...
Improper Enforcement Of Behavioral Workflow
aimeos/ai-controller-frontend is vulnerable to Improper Enforcement of Behavioral Workflow. The vulnerability is due to not resetting the payment status of a user's basket after the user completes a purchase...
Code Injection
flowise is vulnerable to Code Injection. The vulnerability is due to a lack of sanitization of the fileName body parameter in the /api/v1/openai-assistants-file endpoint in index.ts. An attacker can exploit this to read arbitrary files on the server...
Unauthorized Access
aimeos/ai-admin-jsonadm is vulnerable to Unauthorized Access. The vulnerability is due to improper access control mechanisms within aimeos/ai-admin-jsonadm, allowing editors to improperly remove admin group and locale configurations in the Aimeos backend...
Origin Validation Error
flowise is vulnerable to a CORS misconfiguration. The vulnerability is due to the Access-Control-Allow-Origin header being set to allow all origins, permitting arbitrary origins to connect to the website. In the default unauthenticated configuration, attackers can exploit this to make requests to...
Regular Expression Denial Of Service (ReDoS)
async is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to the autoinject function, which allows an attacker to slow down parsing with crafted whitespace, resulting in a denial of service...
Cross-Site Scripting
flowise is vulnerable to reflected cross-site scripting (XSS). The vulnerability is due to improper sanitization in the /api/v1/public-chatflows/id endpoint when a chatflow ID is not found, causing its value to be reflected in the 404 page with type text/html. Attackers can exploit this by crafting...
Cross-Site Scripting (XSS)
flowise is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient input sanitization in the /api/v1/credentials/id endpoint, which reflects user input back in the 404 page as HTML. This allows attackers to craft a URL that injects JavaScript into user sessions, enabling...