Writeup Exploits
60,754 exploits tracked across all sources.
GitLab 10.0.0-14.6.5 - Environment Variable Exposure via Sendmail Email Address Injection
Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed an attacker to steal environment variables via specially crafted email addresses.
CVSS 5.8
libtiff 4.3.0 - Denial of Service via Crafted TIFF File
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045.
CVSS 5.5
libtiff 4.3.0 - Heap Buffer Overflow in ExtractImageSection Function
A heap buffer overflow in the ExtractImageSection function in tiffcrop.c in libtiff version 4.3.0 allows an attacker to trigger unsafe or out-of-bounds memory access via a crafted TIFF image file, which could result in an application crash, potential information disclosure, or any other context-dependent impact.
CVSS 6.1
libtiff 4.3.0 - Denial of Service via Crafted TIFF File
Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2.
CVSS 5.5
libtiff < 4.3.0 - Denial of Service via memcpy() in TIFFFetchNormalTag
A null source pointer passed as an argument to the memcpy() function within TIFFFetchNormalTag() in tif_dirread.c in libtiff versions up to 4.3.0 could lead to denial of service via a crafted TIFF file.
CVSS 7.7
libtiff 4.3.0 - Denial of Service via Crafted TIFF File
Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.
CVSS 5.5
libtiff 4.3.0 - Out-of-bounds Read in tiffcp via Crafted TIFF File
Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.
CVSS 5.5
libtiff 4.3.0 - Out-of-bounds Read in tiffcrop
Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd.
CVSS 5.5
LibTIFF 4.3.0 - Denial of Service via Malicious TIFF File
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the public and may be used.
CVSS 4.3
mutt 0.94.13-2.2.3 - Buffer Overflow in uudecoder
A buffer overflow in the uudecoder in Mutt, affecting all versions starting from 0.94.13 before 2.2.3, allows a read past the end of the input line.
CVSS 4.3
libtiff < 4.4.0 - Denial of Service via Crafted TIFF File in TIFFReadRawDataStriped
A heap buffer overflow flaw was found in the TIFFReadRawDataStriped() function in libtiff's tiffinfo.c. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow and causing a crash that leads to a denial of service.
CVSS 5.5
GitLab 1.0.2-14.8.5, 14.9.0-14.9.3, 14.10.0 - Insufficiently Protected Credentials via Integration Properties
Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 causes potentially sensitive integration properties to be disclosed in the web interface
CVSS 5.4
GitLab 1.0.2-14.8.5, 14.9.0-14.9.3, 14.10.0 - Stored Cross-Site Scripting in Pipeline Error Messages
Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows for rendering of attacker controlled HTML tags and CSS styling
CVSS 4.3
GitLab 1.0.2-14.8.5, 14.9.0-14.9.3, 14.10.0 - RCE via CI/CD Cache Poisoning
Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows a malicious actor with Developer privileges to perform cache poisoning leading to arbitrary code execution in protected branches
CVSS 7.1
libtiff - Out-of-bounds Read in LZWDecode
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
CVSS 5.5
libtiff - Out-of-bounds Read in LZWDecode
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
CVSS 5.5
GitLab CE/EE <14.9.5-15.0.1 - Privilege Escalation
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for malicious group maintainers to add new members to a project within their group, through the REST API, even after their group owner enabled a setting to prevent members from being added to projects within that group.
CVSS 2.7
GitLab CE/EE <14.9.5-15.0.1 - Info Disclosure
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for a subgroup member to access the members list of their parent group.
CVSS 4.3
GitLab EE 12.0-14.9.4, 14.10-14.10.3, 15.0 - Incorrect Authorization via Project Trigger Token Bypass
Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Trigger Token to misuse it from any location even when IP address restrictions were configured
CVSS 6.5
GitLab 12.0.0-14.9.4, 14.10.0-14.10.3, 15.0.0 - Incorrect Authorization via Project Deploy Token
Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Deploy Token to misuse it from any location even when IP address restrictions were configured
CVSS 6.5
GitLab 13.11-14.9.5, 14.10-14.10.4, 15.0-15.0.1 - Stored Cross-Site Scripting via Jira Integration
A Stored Cross-Site Scripting vulnerability in Jira integration in GitLab EE affecting all versions from 13.11 prior to 14.9.5, 14.10 prior to 14.10.4, and 15.0 prior to 15.0.1 allows an attacker to execute arbitrary JavaScript code in GitLab on a victim's behalf via specially crafted Jira Issues
CVSS 7.7