Writeup Exploits

60,918 exploits tracked across all sources.

CVE-2022-1328 WRITEUP MEDIUM
mutt 0.94.13-2.2.3 - Buffer Overflow in uudecoder
Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line
CVSS 4.3
CVE-2022-1354 WRITEUP MEDIUM
libtiff < 4.4.0 - Denial of Service via Crafted TIFF File in TIFFReadRawDataStriped
A heap buffer overflow flaw was found in the TIFFReadRawDataStriped() function in libtiff's tiffinfo.c. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow and causing a crash that leads to a denial of service.
CVSS 5.5
CVE-2022-1413 WRITEUP MEDIUM
GitLab 1.0.2-14.8.5, 14.9.0-14.9.3, 14.10.0 - Insufficiently Protected Credentials via Integration Properties
Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 causes potentially sensitive integration properties to be disclosed in the web interface
CVSS 5.4
CVE-2022-1416 WRITEUP MEDIUM
GitLab 1.0.2-14.8.5, 14.9.0-14.9.3, 14.10.0 - Stored Cross-Site Scripting in Pipeline Error Messages
Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows for rendering of attacker controlled HTML tags and CSS styling
CVSS 4.3
CVE-2022-1423 WRITEUP HIGH
GitLab 1.0.2-14.8.5, 14.9.0-14.9.3, 14.10.0 - RCE via CI/CD Cache Poisoning
Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows a malicious actor with Developer privileges to perform cache poisoning leading to arbitrary code execution in protected branches
CVSS 7.1
CVE-2022-1622 WRITEUP MEDIUM
libtiff - Out-of-bounds Read in LZWDecode
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
CVSS 5.5
CVE-2022-1623 WRITEUP MEDIUM
libtiff - Out-of-bounds Read in LZWDecode
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
CVSS 5.5
CVE-2022-1783 WRITEUP LOW
GitLab CE/EE <14.9.5-15.0.1 - Privilege Escalation
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for malicious group maintainers to add new members to a project within their group, through the REST API, even after their group owner enabled a setting to prevent members from being added to projects within that group.
CVSS 2.7
CVE-2022-1821 WRITEUP MEDIUM
GitLab CE/EE <14.9.5-15.0.1 - Info Disclosure
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for a subgroup member to access the members list of their parent group.
CVSS 4.3
CVE-2022-1935 WRITEUP MEDIUM
GitLab EE 12.0-14.9.4, 14.10-14.10.3, 15.0 - Incorrect Authorization via Project Trigger Token Bypass
Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Trigger Token to misuse it from any location even when IP address restrictions were configured
CVSS 6.5
CVE-2022-1936 WRITEUP MEDIUM
GitLab 12.0.0-14.9.4, 14.10.0-14.10.3, 15.0.0 - Incorrect Authorization via Project Deploy Token
Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Deploy Token to misuse it from any location even when IP address restrictions were configured
CVSS 6.5
CVE-2022-1940 WRITEUP HIGH
GitLab 13.11-14.9.5, 14.10-14.10.4, 15.0-15.0.1 - Stored Cross-Site Scripting via Jira Integration
A Stored Cross-Site Scripting vulnerability in Jira integration in GitLab EE affecting all versions from 13.11 prior to 14.9.5, 14.10 prior to 14.10.4, and 15.0 prior to 15.0.1 allows an attacker to execute arbitrary JavaScript code in GitLab on a victim's behalf via specially crafted Jira Issues
CVSS 7.7
CVE-2022-1944 WRITEUP MEDIUM
GitLab CE/EE <14.9.5-15.0.1 - Privilege Escalation
When the feature is configured, improper authorization in the Interactive Web Terminal in GitLab CE/EE affecting all versions from 11.3 prior to 14.9.5, 14.10 prior to 14.10.4, and 15.0 prior to 15.0.1 allows users with the Developer role to open terminals on other Developers' running jobs
CVSS 5.4
CVE-2022-2056 WRITEUP MEDIUM
libtiff 4.4.0 - Denial of Service via Crafted TIFF File
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
CVSS 5.5
CVE-2022-2057 WRITEUP MEDIUM
libtiff 4.4.0 - Denial of Service via Divide By Zero in tiffcrop
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
CVSS 5.5
CVE-2022-2058 WRITEUP MEDIUM
libtiff 4.4.0 - Denial of Service via Crafted TIFF File
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
CVSS 5.5
CVE-2022-2068 WRITEUP HIGH
OpenSSL 1.0.2-1.0.2ze, 1.1.1-1.1.1o, 3.0.0-3.0.3 - OS Command Injection via c_rehash Script
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).
CVSS 7.3
CVE-2022-22885 WRITEUP CRITICAL
Hutool < 5.7.19 - Improper Certificate Validation
Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation.
CVSS 9.8
CVE-2022-22914 WRITEUP HIGH
Ovidentia CMS 6.0 - Authenticated Path Traversal in FileManager
An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to view and download content in the upload directory via path traversal.
CVSS 7.5
CVE-2022-2428 WRITEUP MEDIUM
GitLab < 15.1.6, 15.2-15.2.4, 15.3-15.3.2 - Server-Side Request Forgery via Jupyter Notebook Viewer
A crafted tag in the Jupyter Notebook viewer in GitLab EE/CE affecting all versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2 allows an attacker to issue arbitrary HTTP requests
CVSS 6.4
CVE-2022-2455 WRITEUP MEDIUM
GitLab 10.0.0-15.1.5, 15.2.0-15.2.3, 15.3.0-15.3.1 - Authenticated Resource Exhaustion via Malicious Project Import
A business logic issue in the handling of large repositories in all versions of GitLab CE/EE from 10.0 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2 allowed an authenticated and authorized user to exhaust server resources by importing a malicious project.
CVSS 6.5
CVE-2022-2469 WRITEUP LOW
GNU SASL < 2.0.1 - Authenticated Out-of-bounds Read via GSS-API Client
GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client
CVSS 3.8