Exploit Database
139,481 exploits tracked across all sources.
XWiki Platform <3.0-milestone-1 - Privilege Escalation
XWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to execute a script with the right of another user, provided the target user does not have programming right. The problem has been patched in XWiki 14.8-rc-1, 14.4.5, and 13.10.10. There are no known workarounds for this issue.
CVSS 5.4
Atera Agent <1.8.3.6 - Path Traversal
Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions.
CVSS 7.8
Atera Agent <1.8.4.4 - Privilege Escalation
Privilege escalation vulnerability was discovered in Atera Agent 1.8.4.4 and prior on Windows due to mishandling of privileged APIs.
CVSS 7.8
Deno <1.31.0 - DoS
Versions of the package deno before 1.31.0 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the upgradeWebSocket function, which contains regexes in the form of /s*,s*/, used for splitting the Connection/Upgrade header. A specially crafted Connection/Upgrade header can be used to significantly slow down a web socket server.
CVSS 5.3
Lite-Web-Server - DoS
All versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.
CVSS 7.5
SketchSVG - Code Injection
All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string.
CVSS 6.9
@nubosoftware/node-static - Path Traversal
All versions of the package @nubosoftware/node-static; all versions of the package node-static are vulnerable to Directory Traversal due to improper file path sanitization in the startsWith() method in the servePath function.
CVSS 7.5
collection.js <6.8.1 - Info Disclosure
Versions of the package collection.js before 6.8.1 are vulnerable to Prototype Pollution via the extend function in Collection.js/dist/node/iterators/extend.js.
CVSS 7.5
yhirose/cpp-httplib < 0.12.4 - CRLF Injection
Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors.
**Note:** This issue is present due to an incomplete fix for [CVE-2020-11709](https://security.snyk.io/vuln/SNYK-UNMANAGED-YHIROSECPPHTTPLIB-2366507).
CVSS 7.5
github.com/xyproto/algernon/engine and github.com/xyproto/algernon/...
All versions of the package github.com/xyproto/algernon/engine; all versions of the package github.com/xyproto/algernon/themes are vulnerable to Cross-site Scripting (XSS) via the themes.NoPage(filename, theme) function due to improper user input sanitization. Exploiting this vulnerability is possible when a file/resource is not found.
CVSS 5.4
Package dottie <2.0.4 - Info Disclosure
Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set() function and the current variable in the /dottie.js file.
CVSS 7.5
progressbar.js - Info Disclosure
All versions of the package progressbar.js are vulnerable to Prototype Pollution via the function extend() in the file utils.js.
CVSS 8.2
flatnest - Info Disclosure
All versions of the package flatnest are vulnerable to Prototype Pollution via the nest() function in the flatnest/nest.js file.
CVSS 7.3
Tough-Cookie <4.1.3 - Prototype Pollution
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.
CVSS 6.5
sidekiq <7.1.3 - DoS
Versions of the package sidekiq before 7.1.3 are vulnerable to Denial of Service (DoS) due to insufficient checks in the dashboard-charts.js file. An attacker can exploit this vulnerability by manipulating the localStorage value which will cause excessive polling requests.
CVSS 7.5
sidekiq <7.1.3 - DoS
Versions of the package sidekiq before 7.1.3 are vulnerable to Denial of Service (DoS) due to insufficient checks in the dashboard-charts.js file. An attacker can exploit this vulnerability by manipulating the localStorage value which will cause excessive polling requests.
CVSS 7.5
blamer <1.0.4 - Command Injection
Versions of the package blamer before 1.0.4 are vulnerable to Arbitrary Argument Injection via the blameByFile() API. The library does not sanitize for user input or validate the given file path conforms to a specific schema, nor does it properly pass command-line flags to the git binary using the double-dash POSIX characters (--) to communicate the end of options.
CVSS 6.5
graphql <16.8.1 - DoS
Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This vulnerability allows an attacker to degrade system performance.
**Note:** It was not proven that this vulnerability can crash the process.
CVSS 5.3
pydash <6.0.0 - Command Injection
This affects versions of the package pydash before 6.0.0. A number of pydash methods such as pydash.objects.invoke() and pydash.collections.invoke_map() accept dotted paths (Deep Path Strings) to target a nested Python object, relative to the original source object. These paths can be used to target internal class attributes and dict items, to retrieve, modify or invoke nested Python objects.
**Note:**
The pydash.objects.invoke() method is vulnerable to Command Injection when the following prerequisites are satisfied:
1) The source object (argument 1) is not a built-in object such as list/dict (otherwise, the __init__.__globals__ path is not accessible)
2) The attacker has control over argument 2 (the path string) and argument 3 (the argument to pass to the invoked method)
The pydash.collections.invoke_map() method is also vulnerable, but is harder to exploit as the attacker does not have direct control over the argument to be passed to the invoked function.
CVSS 7.4
quill-mention <4.0.0 - XSS
Versions of the package quill-mention before 4.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization, via the renderList function.
**Note:**
If the mentions list is sourced from unsafe (user-sourced) data, this might allow an injection attack when a Quill user hits @.
CVSS 6.1
asyncua <0.9.96 - Improper Authentication
Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication.
**Note:**
This issue is a result of missing checks for services that require an active session.
CVSS 6.5
asyncua <0.9.96 - Improper Authentication
Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication.
**Note:**
This issue is a result of missing checks for services that require an active session.
CVSS 6.5
asyncua <0.9.96 - DoS
Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service (DoS) such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory.
CVSS 5.3
static-server - Path Traversal
All versions of the package static-server are vulnerable to Directory Traversal due to improper input sanitization passed via the validPath function of server.js.
CVSS 7.5
geokit-rails <2.5.0 - Command Injection
Versions of the package geokit-rails before 2.5.0 are vulnerable to Command Injection due to unsafe deserialisation of YAML within the 'geo_location' cookie. This issue can be exploited remotely via a malicious cookie value.
**Note:**
An attacker can use this vulnerability to execute commands on the host system.
CVSS 8.3
By Source