| Advisory | Description | Severity | CWE |
|---|---|---|---|
| Server secret was included in static assets and served to clients | Server JWT signing secret was included in static assets and served to clients. | High | |
| Redwood is vulnerable to account takeover via dbAuth "forgot-password" | This is an API vulnerability in Redwood’s [dbAuth], specifically the dbAuth forgot password feature: only projects with the dbAuth “forgot password” feature are affected this... | High | |
| Parse Server before v3.4.1 vulnerable to Denial of Service | If a POST request is made to /parse/classes/_Audience (or other volatile class), any subsequent POST requests result in an internal server error (500). | High | CWE-444 |
| Incorrect default cookie name and recommendation | The default cookie name (and documentation recommendation) was prefixed with Host__ instead of __Host-. The point of this prefix is for additional security, to ensure... | Low | |
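
The cookie-prefix advisory above is easy to misread as a naming nit. The example below is added here and is not the affected project's code: it builds a Set-Cookie header and re-implements the prefix rules a browser enforces, so you can see that a compliant __Host- cookie is locked to one host and path, that a violating one would be dropped, and that the misspelled Host__ name matches no rule at all and therefore gets no protection. Cookie names, values and options are illustrative.

```javascript
// Added example; not the advisory's project code. Shows what the "__Host-"
// prefix actually buys and why the misspelled "Host__" buys nothing: browsers
// enforce the prefix rules on the cookie *name*, so a name that does not start
// with exactly "__Host-" is an ordinary cookie with no extra guarantees.

// Assemble a Set-Cookie header value. Names and values here are illustrative.
function buildSessionCookie(name, value, opts = {}) {
  const attrs = [`${name}=${value}`];
  if (opts.secure) attrs.push('Secure');
  if (opts.httpOnly) attrs.push('HttpOnly');
  if (opts.path) attrs.push(`Path=${opts.path}`);
  if (opts.domain) attrs.push(`Domain=${opts.domain}`);
  if (opts.sameSite) attrs.push(`SameSite=${opts.sameSite}`);
  return attrs.join('; ');
}

// Re-implement the prefix rules a browser applies when it receives the header:
//   __Host-   requires Secure, Path=/ and no Domain attribute
//   __Secure- requires Secure
// A violating cookie is dropped by the browser; here it is reported instead.
// Returns { prefix: '__Host-' | '__Secure-' | null, problems: string[] }.
function checkCookiePrefix(setCookieValue) {
  const parts = setCookieValue.split(';').map((p) => p.trim());
  const name = parts[0].split('=')[0];
  const attrs = parts.slice(1).map((a) => a.toLowerCase());
  const has = (attr) => attrs.some((a) => a === attr || a.startsWith(attr + '='));
  const problems = [];
  let prefix = null;
  if (name.startsWith('__Host-')) {
    prefix = '__Host-';
    if (!has('secure')) problems.push('__Host- requires Secure');
    if (!attrs.includes('path=/')) problems.push('__Host- requires Path=/');
    if (has('domain')) problems.push('__Host- forbids Domain');
  } else if (name.startsWith('__Secure-')) {
    prefix = '__Secure-';
    if (!has('secure')) problems.push('__Secure- requires Secure');
  }
  // Any other name, "Host__session" included, reaches here with no rules at all.
  return { prefix, problems };
}

// Convenience: is this header both __Host- prefixed and compliant?
function isHostPrefixed(setCookieValue) {
  const r = checkCookiePrefix(setCookieValue);
  return r.prefix === '__Host-' && r.problems.length === 0;
}
```

The practical check for a code base is the last function: run it against the Set-Cookie headers your framework actually emits, not against the name in the config file, since a Domain attribute added by middleware silently turns a __Host- cookie into one the browser rejects.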

| Advisory | Description | Severity | CWE |
|---|---|---|---|
| Cross-Site Scripting in simditor | Versions of simditor prior to 2.3.22 are vulnerable to Cross-Site Scripting. The package does not sanitize user input that is rendered with innerHTML, allowing attackers... | Medium | CWE-79 |
| Cryptographically Weak PRNG in generate-password | Affected versions of generate-password generate random values that are biased towards certain characters depending on the chosen character sets. This may result in guessable passwords.... | Medium | CWE-338 |
| Path Traversal in angular-http-server (GHSA-vmhw-fhj6-m3g5) | Versions of angular-http-server before 1.4.4 are vulnerable to path traversal. | High | CWE-22 |
| Denial of Service in foreman | All versions of foreman are vulnerable to Regular Expression Denial of Service when requests to it are made with a specially crafted path. | High | CWE-400 |
| Reflected Cross-Site Scripting in jquery.terminal | Versions of jquery.terminal prior to 1.21.0 are vulnerable to Reflected Cross-Site Scripting. If the application has either of the options anyLinks or invokeMethods set to... | Medium | CWE-79 |
| Cross-Site Scripting in react-svg | Versions of react-svg before 2.2.18 are vulnerable to cross-site scripting (XSS). This is due to the fact that scripts found in SVG files are run... | High | CWE-79 |
| Cross-Site Scripting in shave | Versions of shave prior to 2.5.3 are vulnerable to Cross-Site Scripting. The shave package overwrites HTML elements and in doing so fails to properly encode... | Medium | CWE-79 |
| Directory Traversal | Affected versions of the node-simple-router package (0.10.0 and before) are vulnerable to a directory traversal issue. | High | |
| Cross-Site Scripting in bracket-template | All versions of bracket-template are vulnerable to stored cross-site scripting (XSS). This is exploitable when a variable passed in via a GET parameter is used... | High | CWE-79 |
| Prototype Pollution in deap | Versions of deap before 1.0.1 are vulnerable to prototype pollution. | High | CWE-400 |
| Regular Expression Denial of Service | A flaw was found in nodejs-marked versions from 0.5.0 to before 0.6.1. Affected versions of this package are vulnerable to Regular Expression Denial of Service... | Medium | |
| Insecure Default Configuration in redbird | Versions of redbird prior to 0.9.1 have a vulnerable default configuration of allowing TLS 1.0 connections on lib/proxy.js. The package does not provide an option... | Medium | CWE-20 |
| Regular Expression Denial of Service (GHSA-6394-6h9h-cfjg) | A Regular Expression Denial of Service vulnerability was found in nwmatcher before 1.4.4. The fix replaces multiple repeated instances of the “\s*” pattern. | Medium | CWE-400 |
| SQL Injection in typeorm (GHSA-w7q7-vjp8-7jv4) | Versions of typeorm before 0.1.15 are vulnerable to SQL Injection. Field names are not properly validated, allowing attackers to inject SQL statements and execute arbitrary... | High | CWE-89 |
| Insecure Default Configuration in tesseract.js | Versions of tesseract.js prior to 1.0.19 default to using a third-party proxy. Requests may be proxied through crossorigin.me, which clearly states that it is not suitable for... | Medium | CWE-829 |
| Regular Expression Denial of Service (GHSA-qx4v-6gc5-f2vv) | A Regular Expression Denial of Service vulnerability was discovered in esm before 3.1.0. The issue is that esm’s find-indexes is using the unescaped identifiers in... | Medium | CWE-400 |
| Cross-Site Scripting in marked | Versions 0.3.7 and earlier of marked unescape only the lowercase form, while browsers support both lowercase and uppercase x in the hexadecimal form of HTML character entities. | Medium | |
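
The marked entry above is a general lesson about sanitizers that decode input differently from the browser that will render it. The code below is an added example, not marked's implementation: a decoder with the flaw the advisory describes (lowercase x only) next to a browser-compatible decoder, plus the output-encoding function that makes the whole question moot for text and attribute values. The payload string is constructed for the demonstration.

```javascript
// Added example; not marked's code. A sanitizer that decodes only "&#x..;"
// sees no "<" in "&#X3C;script&#X3E;", but the browser decodes both spellings
// and renders a script tag. unescapeEntities() decodes the way browsers do
// (decimal, lowercase-hex, uppercase-hex and a few named entities) so that
// any check runs on what will actually be rendered; escapeHtml() is the
// output-encoding step for text and quoted attribute values.

const NAMED_ENTITIES = { amp: '&', lt: '<', gt: '>', quot: '"', apos: "'" };

// The flawed decoder shape the advisory describes: only lowercase "x".
function unescapeLowercaseHexOnly(s) {
  return s.replace(/&#x([0-9a-f]+);/g, (_, hex) => String.fromCodePoint(parseInt(hex, 16)));
}

// Browser-compatible decoding of numeric and common named references.
function unescapeEntities(s) {
  return s.replace(/&(#[xX][0-9a-fA-F]+|#[0-9]+|[a-zA-Z]+);/g, (match, body) => {
    if (body[0] === '#') {
      const hex = body[1] === 'x' || body[1] === 'X';
      const cp = parseInt(body.slice(hex ? 2 : 1), hex ? 16 : 10);
      return cp > 0x10ffff ? match : String.fromCodePoint(cp);
    }
    return Object.prototype.hasOwnProperty.call(NAMED_ENTITIES, body) ? NAMED_ENTITIES[body] : match;
  });
}

// Output encoding: safe inside text nodes and double- or single-quoted attributes.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// The check a sanitizer must make: decode first, then look for markup.
function containsMarkupAfterDecode(s) {
  return /<\/?[a-zA-Z]/.test(unescapeEntities(s));
}
```

The same mismatch appears in several other rows of this list (htmr using innerHTML to unescape, validator's blacklist filters): whenever a filter and a renderer disagree about what a byte sequence means, the attacker picks the spelling the filter does not understand. Encoding on output with escapeHtml avoids having to win that argument.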

| Advisory | Description | Severity | CWE |
|---|---|---|---|
| Cross-Site Scripting (XSS) in cloudcmd | Versions of cloudcmd before 9.1.6 are vulnerable to cross-site scripting (XSS) when listing files in a directory. The attacker must control the name of a... | High | CWE-79 |
| Content injection in marked | Versions 0.3.7 and earlier of marked do not escape the target href when mangling is disabled via the mangle option. This allows an attacker to inject arbitrary html-event into... | Medium | |
| Command Injection in dot | All versions of dot are vulnerable to Command Injection. The template compilation may execute arbitrary commands if an attacker can inject code in the template... | Medium | CWE-77 |
| Reverse Tabnabbing in swagger-ui | Versions of swagger-ui prior to 3.18.0 are vulnerable to Reverse Tabnabbing. The package uses target='_blank' in anchor tags, allowing attackers to access window.opener for the... | Medium | CWE-1022 |
| Cross-Site Scripting in @nuxt/devalue | Versions of @nuxt/devalue prior to 1.2.3 are vulnerable to Cross-Site Scripting. Due to insufficient input sanitization an attacker may inject arbitrary JavaScript code through object keys.... | Medium | CWE-79 |
| Cross-Site Scripting in cyberchef | Versions of cyberchef prior to 8.31.3 are vulnerable to Cross-Site Scripting. In Text Encoding Brute Force the table rows are created by concatenating the value... | Medium | CWE-79 |
| Cross-Site Scripting in status-board | All versions of status-board are vulnerable to Cross-Site Scripting. The renderJsDashboard() function concatenates the safeDashboard variable to the HTTP response message with insufficient sanitization. If... | Medium | CWE-79 |
| Message Signature Bypass in openpgp | Versions of openpgp prior to 4.2.0 are vulnerable to Message Signature Bypass. The package fails to verify that a message signature is of type text.... | High | CWE-347 |
| Prototype Pollution in deeply | Versions of deeply prior to 1.0.1 are vulnerable to Prototype Pollution. The package fails to validate which Object properties it updates. This allows attackers to... | High | CWE-400 |
| Sensitive Data Exposure in seneca | Versions of seneca prior to 3.9.0 are vulnerable to Sensitive Data Exposure. When a process using the package crashes, all environment variables are printed. This... | Low | CWE-209 |
| Cross-Site Scripting in iobroker.web | Versions of iobroker.web prior to 2.4.10 are vulnerable to Cross-Site Scripting. The package fails to escape URL parameters that may be reflected in the server... | Medium | CWE-79 |
| Remote Code Execution in Angular Expressions | The vulnerability, reported by GoSecure Inc, allows Remote Code Execution if you call expressions.compile(userControlledInput) where userControlledInput is text that comes from user input. | High | CWE-74 |
| Cross-Site Scripting in selectize-plugin-a11y | Versions of selectize-plugin-a11y prior to 1.1.0 are vulnerable to Cross-Site Scripting. The accessibility.liveRegion.speak function does not sanitize the msg variable before rendering it as HTML.... | Medium | CWE-79 |
| Denial of Service in rgb2hex | All versions of rgb2hex are vulnerable to Regular Expression Denial of Service (ReDoS) when an attacker can pass in a specially crafted invalid color value.... | Medium | CWE-400 |
| Improper Key Verification in openpgp | Versions of openpgp prior to 4.2.0 are vulnerable to Improper Key Verification. The OpenPGP standard allows signature packets to have subpackets which may be hashed... | High | CWE-347 |
| Cross-Site Scripting in vant | Versions of vant prior to 2.1.8 are vulnerable to Cross-Site Scripting. The text value of the Picker component column is not sanitized, which may allow... | High | CWE-79 |
| Arbitrary File Write in iobroker.js-controller | Versions of iobroker.controller prior to 2.0.25 are vulnerable to Path Traversal. The package fails to restrict access to folders outside of the intended /adapter/<adapter-name> folder,... | High | CWE-22 |
| Incorrect Account Used for Signing | Anybody using this library to sign with a BIP44 account other than the first account may be affected. If a user is signing with the... | High | CWE-287 |
| OS Command Injection in devcert-sanscache | devcert-sanscache before 0.4.7 allows remote attackers to execute arbitrary code or cause a Command Injection via the exec function. The variable commonName controlled by user... | High | CWE-78 |
| Command Injection in hot-formula-parser | Versions of hot-formula-parser prior to 3.0.1 are vulnerable to Command Injection. The package fails to sanitize values passed to the parse function and concatenates them... | High | CWE-94 |
| False-negative validation results in MINT transactions with invalid baton | Users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens, which would result... | High | CWE-697 |
| discord-html not escaping HTML code blocks when lacking a language identifier | Any website using discord-markdown with user-generated markdown is vulnerable to having code injected into the page where the markdown is displayed. | High | |
| Validation Bypass in schema-inspector | In schema-inspector before 1.6.9, a maliciously crafted JavaScript object can bypass the sanitize() and validate() functions used within schema-inspector. | High | CWE-668 |
| Cross-Site Scripting in seeftl | All versions of seeftl are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize filenames, allowing attackers to execute arbitrary JavaScript in the victim’s... | High | CWE-79 |
| Cross-Site Scripting in fileview | All versions of fileview are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize filenames, allowing attackers to execute arbitrary JavaScript in the victim’s... | High | CWE-79 |
| Cross-Site Scripting in sanitize-html (GHSA-3j7m-hmh3-9jmp) | Affected versions of sanitize-html do not sanitize input recursively, which may allow an attacker to execute arbitrary JavaScript. | Medium | CWE-79 |
| Information disclosure through error object in auth0.js | Between versions 8.0.0 and 9.13.1 (inclusive), in the case of an (authentication) error, the error object returned by the library contains the original request of the... | High | CWE-522 |
| Cross-Site Scripting (XSS) in Verdaccio | No description available. | Medium | CWE-79 |
| Information disclosure in parse-server | All users’ objects can be fetched by using a regex in the NoSQL query. Using NoSQL, a regex can be applied to sessionToken ({"_SessionToken":{"$regex":"r:027f"}}) and... | High | CWE-285 |
| CSRF and DNS Rebinding in Oasis | If you’re running a vulnerable application on your computer and an attacker can trick you into visiting a malicious website, they could use DNS rebinding... | Medium | CWE-352 |
| Downloads Resources over HTTP in alto-saxophone | Affected versions of alto-saxophone insecurely download an executable over an unencrypted HTTP connection. | High | CWE-311 |
| Prototype Pollution Protection Bypass in qs | Affected versions of qs are vulnerable to Prototype Pollution because it is possible to bypass the protection. The qs.parse function fails to properly prevent an... | High | CWE-20 |
| Github Token Leak in aegir | Affected versions of aegir bundle and publish the current user’s GitHub token to npm when aegir-release is executed. | High | CWE-200 |
| Cross-Site Scripting in editor.md | All versions of editor.md are vulnerable to Cross-Site Scripting. User input is insufficiently sanitized, allowing attackers to inject malicious code in payloads containing base64-encoded content.... | Medium | CWE-79 |
| Cross Site Scripting (XSS) in plotly.js | Affected versions of plotly.js are vulnerable to cross-site scripting if an attacker can convince a user to visit a malicious plot on a site using... | Medium | CWE-79 |
| Critical severity vulnerability that affects slpjs | No description available. | High | CWE-20 |
| Moderate severity vulnerability that affects validator (GHSA-552w-rqg8-gxxm) | The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via vectors related to UI redressing. | Medium | CWE-79 |
| Regular Expression Denial of Service in ssri | Versions of ssri prior to 5.2.2 are vulnerable to regular expression denial of service (ReDoS) when using strict mode. | Medium | CWE-400 |
| DoS due to excessively large websocket message in ws | Affected versions of ws do not appropriately limit the size of incoming websocket payloads, which may result in a denial of service condition when the... | High | CWE-400 |
| Default Express middleware security check is ignored in production | No description available. | High | |
| Downloads Resources over HTTP in baryton-saxophone | Affected versions of baryton-saxophone insecurely download an executable over an unencrypted HTTP connection. | High | CWE-311 |
| XSS Filter Bypass via Encoded URL in validator | Versions of validator prior to 2.0.0 contained an xss filter method that is affected by several filter bypasses. This may result in a cross-site scripting... | Medium | CWE-79 |
| Cross-Site Scripting in nunjucks | Affected versions of nunjucks do not properly escape specially structured user input in template vars when in auto-escape mode, resulting in a cross-site scripting vulnerability.... | Medium | CWE-79 |
| Denial-of-Service Extended Event Loop Blocking in qs | Versions prior to 1.0.0 of qs are affected by a denial of service vulnerability that results from excessive recursion in parsing a deeply nested JSON... | High | CWE-400 |
| Denial of Service in mqtt (GHSA-h9mj-fghc-664w) | Affected versions of mqtt do not properly handle PUBLISH packets returning from the server, leading to a Denial of Service condition. | Medium | CWE-674 |
| Missing Origin Validation in webpack-dev-server | Versions of webpack-dev-server before 3.1.10 are missing origin validation on the websocket server. This vulnerability allows a remote attacker to steal a developer’s source code... | High | CWE-20 |
| Arbitrary Code Injection in pouchdb | Affected versions of pouchdb do not properly sandbox the code execution engine which executes the map/reduce functions for temporary views and design documents. Under certain... | High | CWE-94 |
| High severity vulnerability that affects gun | The static file server module included with GUN had a serious vulnerability: | High | CWE-22 |
| Sensitive Data Exposure in parse-server | Versions of parse-server prior to 3.6.0 could allow an account enumeration attack via account linking. ParseError.ACCOUNT_ALREADY_LINKED (208) was thrown BEFORE the AuthController checks the password and throws... | Medium | CWE-209 |
| VBScript Content Injection in marked | Versions 0.3.2 and earlier of marked are affected by a cross-site scripting vulnerability even when sanitize:true is set. | Medium | CWE-79 |
| Moderate severity vulnerability that affects marked | This advisory has been withdrawn, per NVD: “This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue.” | Medium | |
| Cross-Site Scripting in serialize-javascript | Versions of serialize-javascript prior to 2.1.1 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize serialized regular expressions. This vulnerability does not affect... | Medium | CWE-79 |
| Privilege Escalation due to Blind NoSQL Injection in flintcms | Versions of flintcms before version 1.1.10 are vulnerable to account takeover due to blind MongoDB injection in the password reset. | High | CWE-89 |
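
The parse-server $regex row and the flintcms blind-injection row above are the same bug from two angles: a JSON body is passed straight into a MongoDB-style query, so a client can replace a string with an operator object. The example below is added here and is neither project's code. It uses a tiny in-memory matcher (the collection, tokens and user names are constructed) to show how a yes/no answer from such a query leaks a session token one character at a time, and then the type check that closes the hole.

```javascript
// Added example; not parse-server's or flintcms's code. A minimal in-memory
// matcher that honours the {$regex: ...} operator the way a MongoDB-style
// query layer does, an attacker routine that turns a match/no-match answer
// into a character-by-character leak of a session token, and the check that
// closes the hole: a field that must be a literal string is never allowed
// to arrive as an object.

// Constructed sample data for the demonstration.
const SESSIONS = [
  { _id: 1, sessionToken: 'r:027fa9c1', user: 'alice' },
  { _id: 2, sessionToken: 'r:9b3e2d70', user: 'bob' },
];

// Subset of MongoDB query semantics: equality, or {$regex: pattern}.
function matchesQuery(doc, query) {
  return Object.keys(query).every((field) => {
    const cond = query[field];
    if (cond !== null && typeof cond === 'object' && '$regex' in cond) {
      return new RegExp(cond.$regex).test(String(doc[field]));
    }
    return doc[field] === cond;
  });
}

function countMatches(collection, query) {
  return collection.filter((d) => matchesQuery(d, query)).length;
}

// Vulnerable lookup: whatever JSON the client sent becomes the query value,
// so {"sessionToken": {"$regex": "^r:0"}} is accepted as-is.
function findSessionsUnsafe(clientValue) {
  return countMatches(SESSIONS, { sessionToken: clientValue });
}

function escapeRegex(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

// Blind extraction: the oracle answers only "some match" or "no match", but an
// anchored prefix pattern recovers the secret one character per round.
function extractToken(oracle, alphabet, maxLen) {
  let known = '';
  for (let i = 0; i < maxLen; i++) {
    let extended = false;
    for (const ch of alphabet) {
      if (oracle({ $regex: '^' + escapeRegex(known + ch) })) {
        known += ch;
        extended = true;
        break;
      }
    }
    if (!extended) break;   // no token continues past the known prefix
  }
  return known;
}

// Fix: enforce the type the schema expects before the value reaches the query.
function assertPlainString(value, name) {
  if (typeof value !== 'string') throw new TypeError(`${name} must be a string`);
  return value;
}

function findSessionsSafe(clientValue) {
  return countMatches(SESSIONS, { sessionToken: assertPlainString(clientValue, 'sessionToken') });
}
```

The oracle does not need to return documents: a different HTTP status, a "reset mail sent" page versus an error, or a timing difference is enough, which is what makes the password-reset variant blind but still exploitable. The fix is boring on purpose: validate the shape of every client-supplied value against the schema before building a query, and treat any object where a scalar was expected as an attack.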

| Advisory | Description | Severity | CWE |
|---|---|---|---|
| Downloads Resources over HTTP in dalek-browser-chrome-canary | Affected versions of dalek-browser-chrome-canary insecurely download an executable over an unencrypted HTTP connection. | High | CWE-311 |
| Downloads Resources over HTTP in strider-sauce | Affected versions of strider-sauce insecurely download an executable over an unencrypted HTTP connection. | High | CWE-311 |
| Prototype Pollution in extend | Versions of extend prior to 3.0.2 (for 3.x) and 2.0.2 (for 2.x) are vulnerable to Prototype Pollution. The extend() function allows attackers to modify the... | Medium | CWE-400 |
| No CSRF Validation in droppy | Affected versions of droppy are vulnerable to cross-site socket forgery. The package does not perform verification for cross-domain websocket requests, and as a result, an... | High | CWE-352 |
| Downloads Resources over HTTP in product-monitor | Affected versions of product-monitor insecurely download an executable over an unencrypted HTTP connection. | High | CWE-311 |
| Command Injection in macaddress (GHSA-pp57-mqmh-44h7) | All versions of macaddress are vulnerable to command injection. For this vulnerability to be exploited an attacker needs to control the iface argument to the... | High | CWE-78 |
| Multiple XSS Filter Bypasses in validator | Versions of validator prior to 1.1.0 are affected by several cross-site scripting vulnerabilities due to bypasses discovered in the blacklist-based filter. | Medium | CWE-79 |
| Authentication Bypass in hapi-auth-jwt2 | Versions of hapi-auth-jwt2 prior to version 5.1.2 are affected by a complete authentication bypass vulnerability when in the try authentication mode. | High | CWE-287 |
| Downloads Resources over HTTP in wasdk | Affected versions of wasdk insecurely download an executable over an unencrypted HTTP connection. | High | CWE-311 |
| Cross-Site Scripting in mustache | Versions of mustache prior to 2.2.1 are affected by a cross-site scripting vulnerability when attributes in mustache templates are not quoted. | High | CWE-79 |
| Downloads Resources over HTTP in limbus-buildgen | Affected versions of limbus-buildgen insecurely download an executable over an unencrypted HTTP connection. | High | CWE-311 |
| Downloads Resources over HTTP in phantomjs-cheniu | Affected versions of phantomjs-cheniu insecurely download an executable over an unencrypted HTTP connection. | High | CWE-311 |
| Downloads Resources over HTTP in webdrvr | Affected versions of webdrvr insecurely download an executable over an unencrypted HTTP connection. | High | CWE-311 |
| ECDSA signature vulnerability of Minerva timing attack in jsrsasign | An ECDSA side-channel attack named Minerva has been found, and it was found to affect jsrsasign. | Medium | CWE-362 |
| Storing Password in Local Storage | The setPassword method (http://parseplatform.org/Parse-SDK-JS/api/2.9.1/Parse.User.html#setPassword) stores the user’s password in localStorage as raw text, making it vulnerable to anyone with access to your localStorage. We believe... | Medium | CWE-256 |
| Unrestricted Upload of File with Dangerous Type in blueimp-file-upload | Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0. | High | CWE-434 |
| False-positive validity for NFT1 genesis transactions in SLPJS | In the npm package named “slpjs”, versions prior to 0.27.4 are vulnerable to false-positive validation outcomes for the NFT1 Child Genesis transaction type. | High | CWE-697 |
| Cross-Site Scripting in jqtree | Affected versions of jqtree are vulnerable to cross-site scripting in the drag and drop functionality for modifying tree data. | High | CWE-79 |
| Cross-Site Scripting in swagger-ui (GHSA-p239-93f7-h6xf) | Affected versions of swagger-ui contain a cross-site scripting vulnerability in the key names of a specific nested object in the JSON document. | High | CWE-79 |
| Cross-Site Scripting (XSS) in pivottable | Affected versions of pivottable are vulnerable to cross-site scripting, due to a new mechanism used to render JSON elements. | High | CWE-79 |
| DOM-based XSS in auth0-lock | Versions before and including 11.25.1 are using dangerouslySetInnerHTML to display an informational message when used with a Passwordless or Enterprise connection. | Low | CWE-79 |
| Multiple Content Injection Vulnerabilities in marked | Versions 0.3.0 and earlier of marked are affected by two cross-site scripting vulnerabilities, even when sanitize: true is set. | Medium | CWE-79 |
| Authentication Bypass in console-io | Affected versions of the console-io package do not configure the underlying websocket library to require authentication, resulting in an authentication bypass vulnerability. As console-io allows... | High | CWE-287 |
| Moderate severity vulnerability that affects validator | The validator module before 1.1.0 for Node.js allows remote attackers to bypass the XSS filter via a nested tag. | Medium | CWE-79 |
| Moderate severity vulnerability that affects validator (GHSA-rh6c-q938-3r9q) | The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via a crafted javascript URI. | Medium | CWE-79 |
| Arbitrary Code Execution in mathjs (GHSA-vx5c-87qx-cv6c) | math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result in arbitrary... | High | CWE-94 |
| Auth0-js bypasses CSRF checks | The Auth0.js library has a vulnerability affecting versions below 9.3 that allows an attacker to bypass the CSRF check from the state parameter if it’s... | High | CWE-352 |
| Command Injection in ungit (GHSA-vjfr-p6hp-jqqw) | Versions of ungit prior to 0.9.0 are affected by a command injection vulnerability in the url parameter. | High | CWE-77 |
| Cross-Site Scripting in swagger-ui (GHSA-7f59-x49p-v8mq) | Affected versions of swagger-ui are vulnerable to cross-site scripting in both the consumes and produces parameters of the swagger JSON document for a given API.... | High | CWE-79 |
| Denial of Service in mqtt | Affected versions of mqtt will cause the node process to crash when receiving specially crafted MQTT packets, making the application vulnerable to a denial of... | High | CWE-248 |
| Cross-Site Scripting in mrk.js | Versions of mrk.js before 2.0.1 are vulnerable to cross-site scripting (XSS) when markdown is converted to HTML. | High | CWE-79 |
| Arbitrary JavaScript Execution in typed-function | Versions of typed-function prior to 0.10.6 are vulnerable to Arbitrary JavaScript Execution. Function names are not properly sanitized and may allow an attacker to execute... | High | CWE-94 |
| Command Injection in cocos-utils | All versions of cocos-utils are vulnerable to Remote Code Execution. The unzip() function concatenates user input to exec(), which may allow attackers to execute arbitrary... | High | CWE-77 |
| HTML Injection in preact | Versions of preact 10.x on prerelease tags alpha and beta prior to 10.0.0-beta.1 are vulnerable to HTML Injection. Due to insufficient input validation the package... | Medium | CWE-74 |
| Cross-Site Scripting in cmmn-js-properties-panel | Versions of cmmn-js-properties-panel prior to 0.8.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize input in specially configured diagrams, which may allow... | High | CWE-79 |
| CSRF vulnerability in save-server | Versions prior to version v1.05 are affected by a CSRF vulnerability, as there is no CSRF mitigation (tokens etc.). The fix introduced in version v1.05... | Medium | CWE-352 |
| Directory traversal in rollup-plugin-server (GHSA-34gh-3cwv-wvp2) | This affects all versions of the package rollup-plugin-server. There is no path sanitization in the readFile operation performed inside the readFileFromContentBase function. | High | CWE-22 |
| Prototype Pollution in lodash.defaultsdeep (GHSA-h5mp-5q4p-ggf5) | Versions of lodash.defaultsdeep before 4.6.1 are vulnerable to prototype pollution. The function mergeWith may allow a malicious user to modify the prototype of Object via... | High | CWE-1321 |
| Command Injection in marsdb | All versions of marsdb are vulnerable to Command Injection. In the DocumentMatcher class, selectors on $where clauses are passed to a Function constructor unsanitized. This... | High | CWE-77 |
| Cross-Site Scripting in fomantic-ui | Affected versions of fomantic-ui are vulnerable to Cross-Site Scripting. Lack of output encoding on the selection dropdowns can lead to user input being executed instead of... | High | CWE-79 |
| Directory Traversal in nhouston | All versions of the static file server module nhouston are vulnerable to directory traversal. An attacker can provide input such as ../ to read files... | Medium | CWE-23 |
| methodOverride Middleware Reflected Cross-Site Scripting in connect | Connect is a stack of middleware that is executed in order in each request. | Low | CWE-79 |
| XSS due to lack of CSRF validation for replying/publishing | Due to lack of CSRF validation, a logged-in user is potentially vulnerable to an XSS attack which could allow a third party to post... | Medium | CWE-352 |
| Cross-Site Scripting in swagger-ui (GHSA-388g-jwpg-x6j4) | Versions of swagger-ui prior to 3.0.13 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize YAML files imported from URLs or copy-pasted. This... | Medium | CWE-79 |
| Cross-Site Scripting in swagger-ui (GHSA-vp93-gcx5-4w52) | Versions of swagger-ui prior to 2.2.1 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize JSON schemas, allowing attackers to execute arbitrary JavaScript... | Medium | CWE-79 |
| Cross-Site Scripting in swagger-ui (GHSA-w992-2gmj-9xxj) | Versions of swagger-ui prior to 2.2.1 are vulnerable to Cross-Site Scripting (XSS). The package allows HTML code in the swagger.apiInfo.description value without proper sanitization, which... | Medium | CWE-79 |
| Denial of Service in apostrophe | Versions of apostrophe prior to 2.97.1 are vulnerable to Denial of Service. The apostrophe-jobs module sets a callback for incoming jobs and doesn’t clear it... | Low | CWE-400 |
| DOM-based XSS in gmail-js | Affected versions of gmail-js are vulnerable to cross-site scripting in the tools.parse_response, helper.get.visible_emails_post, and helper.get.email_data_post functions, which pass user input directly into the Function constructor.... | High | CWE-79 |
| Open Redirect in apostrophe | Versions of apostrophe prior to 2.92.0 are vulnerable to Open Redirect. The package redirected requests to third-party websites if escaped URLs followed by a trailing... | Medium | CWE-601 |
| Regular Expression Denial of Service in validator | Versions of validator prior to 3.22.1 are affected by a regular expression denial of service vulnerability in the isURL method. | High | CWE-400 |

| Advisory | Description | Severity | CWE |
|---|---|---|---|
| Reverse Tabnabbing in quill | Versions of quill prior to 1.3.7 are vulnerable to Reverse Tabnabbing. The package uses target='_blank' in anchor tags, allowing attackers to access window.opener for the... | Medium | CWE-1022 |
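
The two reverse tabnabbing rows (swagger-ui, quill), the mustache row about unquoted attributes and the validator rows about javascript: URI bypasses all concern the same output site: an anchor built from untrusted data. The example below is added here and is none of those projects' code. It renders an anchor so that the scheme is allow-listed after the normalisation browsers apply, attribute values are always quoted and encoded, and target="_blank" is never emitted without rel="noopener noreferrer"; a small scanner finds the tabnabbing shape in existing markup. Inputs are constructed.

```javascript
// Added example; not the code of swagger-ui, quill, mustache or validator.
// One renderer for untrusted href/text that covers the three defects in
// those advisories at once: the URL scheme is allow-listed after the
// normalisation browsers apply (so "jAvaScript:" and "java\tscript:" do not
// slip past a blacklist), attribute values are always quoted and encoded, and
// target="_blank" is never emitted without rel="noopener noreferrer".

const ALLOWED_SCHEMES = ['http', 'https', 'mailto'];

function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Returns the href to emit, or null if the URL must not become a link.
function safeHref(raw) {
  // Browsers drop tab/newline anywhere and leading/trailing C0 controls and
  // spaces before parsing, so do the same before looking at the scheme.
  const cleaned = String(raw)
    .replace(/[\t\n\r]/g, '')
    .replace(/^[\u0000-\u0020]+|[\u0000-\u0020]+$/g, '');
  const m = /^([a-zA-Z][a-zA-Z0-9+.-]*):/.exec(cleaned);
  if (!m) return cleaned;                       // relative URL, no scheme to abuse
  return ALLOWED_SCHEMES.includes(m[1].toLowerCase()) ? cleaned : null;
}

// Render an anchor. If the href is rejected the text is still shown, as text.
function renderLink(href, text, { newTab = false } = {}) {
  const url = safeHref(href);
  if (url === null) return escapeHtml(text);
  let attrs = ` href="${escapeHtml(url)}"`;
  if (newTab) attrs += ' target="_blank" rel="noopener noreferrer"';
  return `<a${attrs}>${escapeHtml(text)}</a>`;
}

// Review helper: which anchors in existing markup open a new tab without noopener?
function findTabnabbingAnchors(html) {
  const out = [];
  const anchor = /<a\b[^>]*>/gi;
  let m;
  while ((m = anchor.exec(html)) !== null) {
    const tag = m[0];
    const opensTab = /\btarget\s*=\s*["']?_blank/i.test(tag);
    const hasNoopener = /\brel\s*=\s*["'][^"']*\bnoopener\b/i.test(tag);
    if (opensTab && !hasNoopener) out.push(tag);
  }
  return out;
}
```

Allow-listing schemes is the only approach that survives new spellings; a blacklist of "javascript:" is what the validator rows show being bypassed with case changes, nesting and encoding. The noopener pair matters because a page opened via target="_blank" otherwise gets a window.opener reference and can navigate the original tab to a phishing copy.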

| Advisory | Description | Severity | CWE |
|---|---|---|---|
| Sensitive Data Exposure in ibm_db | Versions of ibm_db prior to 2.6.0 are vulnerable to Sensitive Data Exposure. The package printed database credentials in plaintext in logs while in debug mode.... | Medium | |
| User Impersonation in converse.js | Versions of converse.js prior to 1.0.7 for 1.x or 2.0.5 for 2.x are vulnerable to User Impersonation. The package provides an incorrect implementation of XEP-0280:... | Medium | CWE-346 |
| XSS in client rendered block templates in rendr | Affected versions of rendr are vulnerable to cross-site scripting when client side rendering is done inside a _block. | High | CWE-79 |
| Cross-Site Scripting in bootstrap-select (GHSA-9r7h-6639-v5mw) | Versions of bootstrap-select prior to 1.13.6 are vulnerable to Cross-Site Scripting (XSS). The package does not escape title values on <option> tags. This may allow... | High | CWE-79 |
| Directory Traversal in @vivaxy/here | The @vivaxy/here module is a small web server that serves files with the process’ working directory acting as the web root. | High | CWE-22 |
| Reflected Cross-Site Scripting in redis-commander | Affected versions of redis-commander contain a cross-site scripting vulnerability in the highlighterId parameter of the clipboard.swf component on hosts serving Redis Commander. | Low | CWE-79 |
| Cross-Site Scripting in mermaid (GHSA-w32g-5hqp-gg6q) | Versions of mermaid prior to 8.2.3 are vulnerable to Cross-Site Scripting. If malicious input such as A["<img src=invalid onerror=alert('XSS')></img>"] is provided to the application, it... | High | CWE-79 |
| Denial of Service in serialize-to-js | Versions of serialize-to-js prior to 2.0.0 are vulnerable to Denial of Service. User input is not properly validated, allowing attackers to provide inputs that lead... | High | |
| Missing Origin Validation in browserify-hmr | Versions of browserify-hmr prior to 0.4.0 are missing origin validation on the websocket server. | High | CWE-200 |

| Advisory | Description | Severity | CWE |
|---|---|---|---|
| Prototype Pollution in smart-extend | All versions of smart-extend are vulnerable to Prototype Pollution. The deep() function allows attackers to modify the prototype of Object, causing the addition or modification... | Medium | CWE-1321 |
| Cross-Site Scripting in harp | This advisory has been withdrawn per request from the maintainer. Given harp is a static webserver, an XSS type of vulnerability is not appropriate. | Medium | |
| Command Injection in soletta-dev-app | All versions of soletta-dev-app are vulnerable to Command Injection. The package does not validate user input on the /api/service/status API endpoint, passing contents of the... | High | CWE-77 |
| Malicious Package in react-datepicker-plus | Versions 2.4.3 and 2.4.2 of react-datepicker-plus contained malicious code. The code, when executed in the browser, would enumerate password, cvc and cardnumber fields from forms... | High | CWE-506 |
| Malicious Package in vue-backbone | Version 0.1.2 of vue-backbone contained malicious code. The code, when executed in the browser, would enumerate password, cvc and cardnumber fields from forms and send... | High | CWE-506 |
| Command Injection Vulnerability in systeminformation (GHSA-m57p-p67h-mq74) | Command injection vulnerability. | Medium | CWE-78 |
| Cross-Site Scripting in jquery.json-viewer (GHSA-v9wp-8r97-v6xg) | Versions of jquery.json-viewer prior to 1.3.0 are vulnerable to Cross-Site Scripting (XSS). The package insufficiently sanitizes user input when creating links, and concatenates the user... | High | CWE-79 |
| Cross-Site Scripting in dmn-js-properties-panel | Versions of dmn-js-properties-panel prior to 0.8.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize input in specially configured diagrams, which may allow... | High | CWE-79 |
| Cross-Site Scripting in Prism (GHSA-wvhm-4hhf-97x9) | The easing preview of the Previewers plugin has an XSS vulnerability that allows attackers to execute arbitrary code in Safari and Internet Explorer. | High | CWE-79 |
| Prototype Pollution in lodash.merge | Versions of lodash.merge before 4.6.1 are vulnerable to Prototype Pollution. The function ‘merge’ may allow a malicious user to modify the prototype of Object via... | High | CWE-1321 |
| Cross-Site Scripting in snekserve | All versions of snekserve are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize filenames, allowing attackers to execute arbitrary JavaScript in the victim’s... | High | CWE-79 |
| CSRF Vulnerability in jquery-ujs | Versions 1.0.3 and earlier of jquery-ujs are vulnerable to an information leakage attack that may enable attackers to launch CSRF attacks, as it allows attackers... | Medium | CWE-352 |
| Prototype Pollution in getsetdeep | All versions of getsetdeep are vulnerable to prototype pollution. The setDeep() function does not restrict the modification of an Object’s prototype, which may allow an... | High | CWE-1321 |
| Command Injection in ascii-art | Versions of ascii-art before 1.4.4 are vulnerable to command injection. This is exploitable when user input is passed into the argument of the ascii-art preview... | Low | CWE-77 |
Cross-Site Scripting in buefyVersions of buefy prior to 0.7.2 are vulnerable to Cross-Site Scripting, allowing attackers to manipulate the DOM and execute remote code. The autocomplete list renders... | High | CWE-79 |
Cross-Site Scripting in jingoVersions of jingo prior to 1.9.2 are vulnerable to Cross-Site Scripting (XSS). If malicious input such as <script>alert(1)</script> is placed in the content of a... | High | CWE-79 |
Cross-Site Scripting in markdown-it-katexAll versions of markdown-it-katex are vulnerable to Cross-Site Scripting (XSS). The package fails to properly escape error messages, which may allow attackers to execute arbitrary... | High | CWE-79 |
Cross-Site Scripting in md-data-tableAll versions of md-data-table are vulnerable to cross-site scripting (XSS). This vulnerability is exploitable if an attacker has control over data that is rendered by... | High | CWE-79 |
Out-of-bounds Read in njwtVersions of njwt prior to 1.0.0 are vulnerable to out-of-bounds reads when a number is passed into the base64urlEncode function. | Low | CWE-125 |
Cross-Site Scripting in htmrVersions of htmr prior to 0.8.7 are vulnerable to Cross-Site Scripting (XSS). The package uses innerHTML to unescape HTML entities. This may lead to DOM-based... | High | CWE-79 |
Cross-Site Request Forgery (CSRF) in Auth0CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled. | High | CWE-352 |
Cross-Site Scripting in swagger-ui (GHSA-22q9-hqm5-mhmc)Versions of swagger-ui prior to 2.2.1 are vulnerable to Cross-Site Scripting (XSS). The package fails to encode output in GET requests. | Medium | CWE-79 |
Prototype Pollution in lodash.defaultsdeepVersions of lodash.defaultsdeep before 4.6.1 are vulnerable to Prototype Pollution. The function ‘defaultsDeep’ may allow a malicious user to modify the prototype of Object via... | High | CWE-1321 |
Prototype Pollution in mithrilAffected versions of mithril are vulnerable to prototype pollution. The function parseQueryString may allow a malicious user to modify the prototype of Object, causing the addition... | High | CWE-1321 |
Unauthorized File Access in atompmVersions of atompm prior to 0.8.2 are vulnerable to Unauthorized File Access. The package fails to sanitize relative paths in the URL for file downloads,... | High | CWE-200 |
Configuration Override in helmet-cspVersions of helmet-csp before 2.9.1 are vulnerable to a Configuration Override affecting the application’s Content Security Policy (CSP). The package’s browser sniffing for Firefox... | Medium | |
Cross-Site Scripting in dompurify (GHSA-mjjq-c88q-qhr6)Versions of dompurify prior to 2.0.7 are vulnerable to Cross-Site Scripting (XSS). It is possible to bypass the package sanitization through Mutation XSS, which may... | High | CWE-79 |
Cross-Site Scripting in ecoAll versions of eco are vulnerable to Cross-Site Scripting (XSS). The package’s default __escape implementation fails to escape single quotes, which may allow attackers to... | High | CWE-79 |
Prototype Pollution in systeminformationCommand injection vulnerability via prototype pollution. | Medium | CWE-78 |
ReDoS vulnerabilities: multiple grammars (GHSA-7wwv-vh3v-89cq) | Medium | CWE-400 |
ReDoS vulnerabilities: multiple grammars | Medium | CWE-400 |
Unintended Require in larvitbase-wwwAll versions of larvitbase-www are vulnerable to an Unintended Require. The package exposes an API endpoint and passes a GET parameter unsanitized to a require()... | Medium | |
Client TLS credentials sent raw to server in npm package natsNats is a Node.js client for the NATS messaging system. | High | CWE-522 |
Cross-Site Scripting in ngx-mdVersions of ngx-md prior to 6.0.3 are vulnerable to Cross-Site Scripting. Links are not properly restricted to http/https and can contain JavaScript which may lead... | High | CWE-79 |
Potential XSS in jQuery dependency in MiradorMirador versions earlier than v3.0.0 (alpha-rc) include an unpatched jQuery. When adopters update jQuery they will find some of Mirador functionality to be... | Medium | CWE-79 |
Prototype Pollution in json-logic-jsVersions of json-logic-js prior to 2.0.0 are vulnerable to Prototype Pollution. The method operation allows a malicious user to modify the prototype of Object through... | High | CWE-471 |
Authentication Bypass in otpauthVersions of otpauth prior to 3.2.8 are vulnerable to Authentication Bypass. The package’s totp.validate() function may return positive values for single digit tokens even if... | High | CWE-287 |
Cross-Site Scripting in console-feedVersions of console-feed prior to 2.8.10 are vulnerable to Cross-Site Scripting (XSS). The package fails to properly escape the rendered output. If an application uses... | High | CWE-79 |
Prototype Pollution in lodash.merge (GHSA-h726-x36v-rx45)Versions of lodash.merge before 4.6.2 are vulnerable to prototype pollution. The function merge may allow a malicious user to modify the prototype of Object via... | High | CWE-1321 |
Prototype Pollution in lodash.mergewith (GHSA-5947-m4fg-xhqg)Versions of lodash.mergewith before 4.6.1 are vulnerable to Prototype Pollution. The function ‘mergeWith’ may allow a malicious user to modify the prototype of Object via... | High | CWE-1321 |
Prototype Pollution in lodash.mergewithVersions of lodash.mergewith before 4.6.2 are vulnerable to prototype pollution. The function mergeWith may allow a malicious user to modify the prototype of Object via... | High | CWE-1321 |
Cross-Site Scripting in mavon-editorAll versions of mavon-editor are vulnerable to Cross-Site Scripting. The package fails to sanitize entered input, allowing attackers to execute arbitrary JavaScript in a victim’s... | Medium | CWE-79 |
Cross-Site Scripting in markdown-to-jsx (GHSA-ccrp-c664-8p4j)Versions of markdown-to-jsx prior to 6.11.4 are vulnerable to Cross-Site Scripting. Due to insufficient input sanitization the package may render output containing malicious JavaScript. This... | High | CWE-79 |
Machine-In-The-Middle in airtableAffected versions of airtable are vulnerable to Machine-In-The-Middle. The package has SSL certificate validation disabled by default unintentionally. This may allow attackers in a privileged... | High | |
Regular Expression Denial of Service in markdownAll versions of markdown are vulnerable to Regular Expression Denial of Service (ReDoS). The markdown.toHTML() function has significantly degraded performance when parsing long strings containing... | Low | CWE-400 |
Improper Authorization in passport-cognitoAll versions of passport-cognito are vulnerable to Improper Authorization. The package fails to properly scope the variables containing authorization information, such as access token, refresh... | High | CWE-285 |
Signatures are mistakenly recognized to be valid in jsrsasignIn the jsrsasign package through 10.1.13 for Node.js, some invalid RSA PKCS#1 v1.5 signatures are mistakenly recognized to be valid. NOTE: there is no known... | Medium | CWE-347 |
Cross-Site Scripting in lazysizes (GHSA-w4vp-3mq7-7v82)Versions of lazysizes prior to 5.2.1-rc1 are vulnerable to Cross-Site Scripting. The video-embed plugin fails to sanitize the following attributes: data-vimeo, data-vimeoparams, data-youtube and data-ytparams.... | High | CWE-79 |
Server-Side Request Forgery in @uppy/companion (GHSA-mm7r-265w-jv6f)Versions of @uppy/companion prior to 1.9.3 are vulnerable to Server-Side Request Forgery (SSRF). The get route passes the user-controlled variable req.body.url to a GET request... | High | CWE-918 |
Code Injection in mquerylib/utils.js in mquery before 3.2.3 allows a pollution attack because a special property (e.g., __proto__) can be copied during a merge or clone operation. | Medium | CWE-94 |
Vulnerability allowing for reading internal HTTP resourcesThe vulnerability allows for reading and outputting files served by other services on the internal network in which the export server is hosted. If the... | High | CWE-552 |
Improper Verification of Cryptographic Signature (GHSA-7r96-8g3x-g36m)The verifyWithMessage method of tEnvoyNaClSigningKey always returns true for any signature of a SHA-512 hash matching the SHA-512 hash of the message even if the... | High | CWE-347 |
Incorrect version tags linked to external repositoryA security incident caused a number of incorrect version tags to be pushed to the Parse Server repository. These version tags linked to a personal... | High | |
Regular Expression Denial of Service in millisecondVersions of millisecond prior to 0.1.2 are affected by a regular expression denial of service vulnerability when extremely long version strings are parsed. | Medium | CWE-400 |
Prototype Pollution in node-forge debug API.The forge.debug API had a potential prototype pollution issue if called with untrusted input. The API was only used for internal debug purposes in a... | Low | CWE-1321 |
Prototype Pollution in node-forge util.setPath APIforge.util.setPath had a potential prototype pollution issue if called with untrusted keys. This API was not used by forge itself. | Low | |
Improper Privilege Management in shelljs (GHSA-64g7-mvw6-v9qj)Output from the synchronous version of shell.exec() may be visible to other users on the same system. You may be affected if you execute shell.exec()... | Medium | CWE-269 |
Server-Side Request Forgery in html-pdf-chromeThis package is working as intended. A Security section has been added since v0.6.1 to detail proper usage of this library. Npm has revoked their... | High | CWE-918 |
Inefficient Regular Expression Complexity in Validator.js (GHSA-xx4c-jj58-r7x6)Versions of validator prior to 13.7.0 are affected by an inefficient Regular Expression complexity when using the rtrim and trim sanitizers. | Medium | CWE-1333 |
Marked ReDoS due to email addresses being evaluated in quadratic timeVersions of marked from 0.3.14 until 0.6.2 are vulnerable to Regular Expression Denial of Service. Email addresses may be evaluated in quadratic time, allowing attackers... | Medium | CWE-400 |
fuelux vulnerable to Cross-Site Scripting in Pillbox featureAffected versions of fuelux contain a cross-site scripting vulnerability in the Pillbox feature. By supplying a script as a value for a new pillbox, it... | High | CWE-79 |
express-basic-auth Timing Attack due to native string comparison instead of constant time string comparisonVersions of express-basic-auth prior to 1.1.7 are vulnerable to Timing Attacks. The package uses native string comparison instead of a constant time string comparison, which... | Low | CWE-208 |
URL parsing in node-forge could lead to undesired behavior.The regex used for the forge.util.parseUrl API would not properly parse certain inputs resulting in a parsed data structure that could lead to undesired behavior.... | Low | CWE-601 |
Arbitrary Code Execution in require-nodeVersions of require-node prior to 1.3.4 for 1.x and 2.0.4 for 2.x are vulnerable to Arbitrary Code Execution. The package fails to sanitize requests to... | High | CWE-78 |
Regular Expression Denial of Service in slugAffected versions of slug are vulnerable to a regular expression denial of service when parsing untrusted user input. | Medium | CWE-400 |
d3-color vulnerable to ReDoSThe d3-color module provides representations for various color spaces in the browser. Versions prior to 3.1.0 are vulnerable to a Regular expression Denial of Service.... | High | CWE-400 |
uap-core Regular Expression Denial of Service issueAn issue was discovered in regex.yaml (aka regexes.yaml) in UA-Parser UAP-Core before 0.6.0. A Regular Expression Denial of Service (ReDoS) issue allows remote attackers to... | Medium | CWE-185 |
gatsby-transformer-remark has possible unsanitized JavaScript code injectionThe gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the gray-matter npm package, which is vulnerable to JavaScript injection in its... | High | CWE-79 |
RSSHub SSRF vulnerabilityRSSHub is vulnerable to Server-Side Request Forgery (SSRF) attacks. This vulnerability allows an attacker to send arbitrary HTTP requests from the server to other servers... | High | CWE-918 |
Prototype Pollution in chartkickAffected versions of @polymer/polymer are vulnerable to prototype pollution. The package fails to prevent modification of object prototypes through chart options containing a payload such... | High | |
Command injection in Parse Server through prototype pollutionThis is a Remote Code Execution (RCE) vulnerability in Parse Server. This vulnerability affects Parse Server in the default configuration with MongoDB. The main weakness... | High | CWE-74 |
Improper Input Validation in url-jsThe package url-js before 2.1.0 is vulnerable to Improper Input Validation due to improper parsing, which makes it possible for the hostname to be... | Medium | CWE-20 |
Spoofing attack in swagger-ui-distThe swagger-ui-dist package before 4.1.3 for Node.js could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to... | Medium | CWE-1021 |
Sudden swap of user auth tokens in VoltoDue to the usage of an outdated version of the react-cookie library, under conditions of high server load, it is possible that... | Medium | CWE-287 |
Cross-site Scripting in vditor (GHSA-pq37-4c4g-v38c)vditor prior to version 3.8.11 is vulnerable to cross-site scripting. | Medium | CWE-79 |
Server-Side Request Forgery in FUXAA Server-Side Request Forgery (SSRF) attack in FUXA 1.1.3 can be carried out leading to the obtaining of sensitive information from the server’s internal environment... | High | CWE-918 |
Command injection in launchpadAll versions of package launchpad are vulnerable to Command Injection via stop. | High | CWE-77 |
Regular Expression Denial-of-Service in npm schema-inspectorEmail address validation is vulnerable to a denial-of-service attack where some input (for example a@0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.) will freeze... | High | CWE-400 |
yargs-parser Vulnerable to Prototype PollutionAffected versions of yargs-parser are vulnerable to prototype pollution. Arguments are not properly sanitized, allowing an attacker to modify the prototype of Object, causing the... | Medium | CWE-915 |
parse-server new anonymous user session acts as if it's created with passwordAffects developers that use the REST API to sign up users and also allow users to log in anonymously. When an anonymous user is first signed up using... | Medium | CWE-863 |
Prototype Pollution in mathjsThe package mathjs before 7.5.1 is vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates. | High | CWE-915 |
Prototype Pollution in mout (GHSA-pc58-wgmc-hfjr)This affects all versions of package mout. The deepFillIn function can be used to ‘fill missing properties recursively’, while the deepMixIn ‘mixes objects into the... | High | CWE-1321 |
Failure to validate signature during handshake@chainsafe/libp2p-noise before 4.1.2 and 5.0.3 was not correctly validating signatures during the handshake process. This may allow a man-in-the-middle to pose as other peers and get... | High | CWE-347 |
modern-async's `forEachSeries` and `forEachLimit` functions do not limit the number of requestsThis is a bug affecting two of the functions in this library: forEachSeries and forEachLimit. They should limit the concurrency of some actions but, in... | High | CWE-770 |
Prototype pollution in just-safe-setPrototype pollution vulnerability in ‘just-safe-set’ versions 1.0.0 through 2.2.1 allows an attacker to cause a denial of service and may lead to remote code execution.... | High | CWE-915 |
Prototype Pollution in ts-nodashts-nodash before version 1.2.7 is vulnerable to Prototype Pollution via the Merge() function due to lack of input validation. | High | CWE-915 |
Improper Verification of Cryptographic Signature in `node-forge` (GHSA-2r2c-g63r-vccr)RSA PKCS#1 v1.5 signature verification code is not properly checking DigestInfo for a proper ASN.1 structure. This can lead to successful verification with signatures that... | Medium | CWE-347 |
Command Injection in ungitThe package ungit before 1.5.20 is vulnerable to Remote Code Execution (RCE) via argument injection. The issue occurs when calling the /api/fetch endpoint. User controlled... | High | CWE-77 |
URL Confusion When Scheme Not Supplied in medialize/uri.jsMedialize is a JavaScript URL mutation library. When parsing a URL without a scheme and with excessive slashes, like ///www.example.com, URI.js will parse the hostname... | Medium | CWE-601 |
Cross-site Scripting in vditorCross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.13. | Medium | CWE-79 |
Cross-site Scripting in tableexport.jquery.pluginThere is a cross-site scripting vulnerability with default onCellHtmlData function in GitHub repository hhurz/tableexport.jquery.plugin prior to 1.25.0. This can result in transmitting cookies to third-party... | Medium | CWE-79 |
Prototype Pollution in fullpage.jsfullPage utils are available to developers using window.fp_utils. They can use these utils for their own use-case (other than fullPage) as well. However, one of... | High | CWE-1321 |
Cross-site Scripting in fullpage.jsUsing fullpage.js you can create an anchor tag. But when an href is put in the anchor, it does not sanitize the URL, which allows for... | Medium | CWE-79 |
Prototype Pollution in madlib-object-utilsThe package madlib-object-utils before version 0.1.8 is vulnerable to Prototype Pollution via the setValue method, as it allows an attacker to merge object prototypes into... | High | CWE-1321 |
Unrestricted Upload of File with Dangerous Type in ButterCMSAn arbitrary file upload vulnerability in the file upload component of ButterCMS v1.2.8 allows attackers to execute arbitrary code via a crafted SVG file. | High | CWE-434 |
Incorrect Authorization in cross-fetchWhen fetching a remote URL with a Cookie header, if it gets a Location response header it will follow that URL and try to fetch that URL... | Medium | CWE-863 |
Unrestricted Upload of File with Dangerous Type in PayloadAn arbitrary file upload vulnerability in the file upload module of PayloadCMS v0.15.0 allows attackers to execute arbitrary code via a crafted SVG file. | High | CWE-434 |
Improper handling of multiline messages in node-irc affects matrix-appservice-ircmatrix-appservice-irc provides an IRC bridge for Matrix. The vulnerability in node-irc allows an attacker to manipulate a Matrix user into executing IRC commands by having... | High | CWE-74 |
Cross-site Scripting in Auth0 LockIn versions before and including 11.32.2, when the “additional signup fields” feature is configured, a malicious actor can inject invalidated HTML code into these additional... | Medium | CWE-79 |
undici before v5.8.0 vulnerable to CRLF injection in request headersIt is possible to inject CRLF sequences into request headers in Undici. | Medium | CWE-93 |
Exposure of Sensitive Information to an Unauthorized Actor in nanoidThe package nanoid from 3.0.0, before 3.1.31, is vulnerable to Information Exposure via the valueOf() function, which allows the last id generated to be reproduced. | Medium | CWE-200 |
Improper Neutralization of Input During Web Page Generation in swagger-uiswagger-ui has XSS in key names | Medium | CWE-79 |
Improper Control of Generation of Code in doTThe dot package v1.1.2 uses Function() to compile templates. This can be exploited by the attacker if they can control the given template or if... | High | CWE-94 |
Improper Neutralization of Input During Web Page Generation in Select2In Select2 through 4.0.5, as used in Snipe-IT and other products, rich selectlists allow XSS. This affects use cases with Ajax remote data loading when... | Medium | CWE-79 |
Improper Removal of Sensitive Information Before Storage or Transfer in Strapi (GHSA-f6fm-r26q-p747)An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, for other... | High | CWE-212 |
Improper Removal of Sensitive Information Before Storage or Transfer in StrapiAn authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, for API... | High | CWE-212 |
Improper Input Validation in DeapThe utilities function in all versions < 1.0.1 of the deap node module can be tricked into modifying the prototype of Object when the attacker... | High | CWE-20 |
Any logged-in user could edit any other logged-in user.Everyone who is running a12n-server is affected. | High | CWE-863 |
react-dev-utils OS Command Injection in function `getProcessForPort`react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed. This function is typically... | Medium | CWE-78 |
react-dev-utils on Windows vulnerable to Remote Code Executionreact-dev-utils on Windows is vulnerable to remote code execution. | High | CWE-78 |
cruddl vulnerable to ArangoDB Query Language (AQL) injection through flexSearchIf a vulnerable version of cruddl is used to generate a schema that uses @flexSearchFulltext, users of that schema may be able to inject arbitrary... | High | CWE-74 |
OpenPGP 1.2.0 and earlier decrypts arbitrary messagess2k.js in OpenPGP.js will decrypt arbitrary messages regardless of passphrase for crafted PGP keys which allows remote attackers to bypass authentication if message decryption is... | High | |
SQL Injection and Cross-site Scripting in class-validatorIn TypeStack class-validator, validate() input validation can be bypassed because certain internal attributes can be overwritten via a conflicting name. | High | CWE-89 |
Missing Cryptographic Step in cassprojectCaSS Library, (npm:cassproject) has a missing cryptographic step when storing cryptographic keys that can allow a server administrator access to an account’s cryptographic keys. This... | Medium | CWE-325 |
Unsanitized JavaScript code injection possible in gatsby-plugin-mdxThe gatsby-plugin-mdx plugin prior to versions 3.15.2 and 2.14.1 passes input through to the gray-matter npm package, which is vulnerable to JavaScript injection in its... | High | CWE-502 |
Command injection in google-itGoogle-it is a Node.js package which allows its users to send search queries to Google and receive the results in a JSON format. When using... | High | CWE-78 |
Infinite loop in jpeg-jsThe package jpeg-js before 0.4.4 is vulnerable to Denial of Service (DoS) where a particular piece of input will cause the program to enter an... | High | CWE-835 |
ProxyAgent vulnerable to MITMUndici.ProxyAgent never verifies the remote server’s certificate, and always exposes all request & response data to the proxy. This unexpectedly means that proxies can MitM... | High | CWE-295 |
Authentication bypass vulnerability in Apple Game Center auth adapterThe certificate in the Apple Game Center auth adapter is not validated. As a result, authentication could potentially be bypassed by making a fake certificate accessible via... | High | CWE-295 |
Improper handling of CSS at-rules in lettersanitizerAll versions of lettersanitizer below 1.0.2 are affected by a denial of service issue when processing a CSS at-rule @keyframes. | High | CWE-754 |
jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method | High | CWE-1333 |
Invalid file request can crash serverCertain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a... | High | CWE-252 |
JWS and JWT signature validation vulnerability with special charactersJsrsasign supports JWS (JSON Web Signatures) and JWT (JSON Web Token) validation. However, a JWS or JWT signature with non-Base64URL encoding special characters or number escaped characters... | High | CWE-347 |
Server-Side Request Forgery in link-preview-jsThe package link-preview-js before 2.1.17 is vulnerable to Server-side Request Forgery (SSRF), which allows attackers to send arbitrary requests to the local network and read... | Medium | CWE-918 |
parse-server auth adapter app ID validation can be circumventedValidation of the authentication adapter app ID for Facebook and Spotify may be circumvented. | Low | CWE-287 |
Oils JS vulnerable to Open RedirectA vulnerability was found in oils-js. This vulnerability affects unknown code of the file core/Web.js. The manipulation leads to open redirect and the attack can... | Medium | CWE-601 |
parse-server's session object properties can be updated by foreign user if object ID is knownA foreign user can write to the session object of another user if the session object ID is known. For example, a foreign user can... | Medium | CWE-669 |
Improperly Controlled Modification of Dynamically-Determined Object Attributes in vega-utilvega-util prior to 1.13.1 allows manipulation of object prototype. The 'vega.mergeConfig' method within vega-util could be tricked into adding or modifying properties of the Object.prototype.... | Medium | CWE-915 |
Prototype pollution in class-transformerclass-transformer through 0.2.3 is vulnerable to Prototype Pollution. The ‘classToPlainFromExist’ function could be tricked into adding or modifying properties of ‘Object.prototype’ using a ‘__proto__’ payload.... | Medium | CWE-915 |
Prototype Pollution in madlib-object-utils (GHSA-jvf5-q4h5-2jmj)madlib-object-utils before 0.1.7 is vulnerable to Prototype Pollution via setValue. | High | CWE-915 |
Cross-Site Scripting in min-http-serverAll versions of min-http-server are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize filenames, allowing attackers to execute arbitrary JavaScript in the victim’s... | Medium | CWE-79 |
Prototype pollution in chart.jsThis affects the package chart.js before 2.9.4. The options parameter is not properly sanitized when it is processed. When the options are processed, the existing... | High | CWE-915 |
RSA-PSS signature validation vulnerability by prepending zeros in jsrsasignJsrsasign can verify an RSA-PSS signature whose value can be expressed as a BigInteger. When there is a valid RSA-PSS signature value, this vulnerability also accepts a value... | High | CWE-119 |
Code injection in electermAn issue was discovered in Electerm 1.3.22, allows attackers to execute arbitrary code via an unverified request to electerm's service. | High | CWE-94 |
Cross site scripting in mobiledoc-kitCross-site Scripting (XSS) - Reflected in GitHub repository bustle/mobiledoc-kit prior to 0.14.2. | Medium | CWE-79 |
Uncontrolled Resource Consumption in node-opcuaThe package node-opcua before 2.74.0 is vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per... | High | CWE-400 |
Matrix-appservice-irc vulnerable to SQL injection via roomIds argumentA vulnerability was found in matrix-appservice-irc up to 0.35.1. This vulnerability affects the file src/datastore/postgres/PgDataStore.ts. The manipulation of the argument roomIds leads to SQL injection.... | Medium | CWE-89 |
@cubejs-backend/api-gateway row level security bypassAll authenticated Cube clients could bypass row-level security and run arbitrary SQL via the newly introduced /v1/sql-runner endpoint. | High | CWE-89 |
dustjs-linkedin vulnerable to Prototype PollutionA vulnerability was found in LinkedIn dustjs prior to version 3.0.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation... | High | CWE-94 |
Jodit Editor vulnerable to Cross-site Scripting (GHSA-42hx-vrxx-5r6v)Jodit Editor is a WYSIWYG editor written in pure TypeScript without the use of additional libraries. Jodit Editor is vulnerable to XSS attacks when pasting... | Medium | CWE-79 |
secp256k1-js implements ECDSA without required r and s validation, leading to signature forgeryThe secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery. | High | CWE-347 |
matrix-appservice-irc vulnerable to IRC mode parameter confusionIRC allows you to specify multiple modes in a single mode command. Due to a bug in the underlying matrix-org/node-irc library, affected versions of matrix-appservice-irc... | Medium | CWE-269 |
Parsing issue in matrix-org/node-irc leading to room takeoversAttackers can specify a specific string of characters, which would confuse the bridge into combining an attacker-owned channel and an existing channel, allowing them to... | High | CWE-269 |
Cross-site Scripting in JoplinAn XSS issue in Joplin desktop allows arbitrary code execution via a malicious HTML embed tag. | Medium | CWE-79 |
Node-Redis potential exponential regex in monitor modeWhen a client is in monitoring mode, the regex being used to detect monitor messages could cause exponential backtracking on some strings. This issue could... | High | CWE-400 |
cumulative-distribution-function Infinite Loop vulnerabilityA flaw enabling an infinite loop was discovered in the code for evaluating the cumulative-distribution-function of input data. Although the documentation explains that numeric data is required,... | High | CWE-835 |
prismjs Regular Expression Denial of Service vulnerabilityPrism is a syntax highlighting library. The prismjs package is vulnerable to ReDoS (regular expression denial of service). An attacker that is able to provide... | Medium | CWE-400 |
a12nserver vulnerable to potential SQL Injections via Knex dependencyUsers of a12nserver that use MySQL might be vulnerable to SQL injection bugs. | Medium | CWE-89 |
DOM-based cross-site scripting in Froala EditorFroala WYSIWYG HTML Editor is a lightweight WYSIWYG HTML Editor written in JavaScript that enables rich text editing capabilities for web applications. A DOM-based cross-site... | Medium | CWE-79 |
Options structure open to Cross-site Scripting if passed unfilteredIn Highcharts versions 8 and earlier, the chart options structure was not systematically filtered for XSS vectors. The potential impact was that content from untrusted... | High | CWE-79 |
Prototype poisoningThe issue is as follows: when msgpack5 decodes a map containing a key "__proto__", it assigns the decoded value to __proto__. As you are no... | Medium | CWE-915 |
Remote code execution in Eclipse TheiaIn Eclipse Theia 0.3.9 to 1.8.1, the “mini-browser” extension allows a user to preview HTML files in an iframe inside the IDE. But with the... | High | CWE-942 |
Joplin is vulnerable to arbitrary code executionJoplin v2.8.8 allows attackers to execute arbitrary commands via a crafted payload injected into the Node titles. | High | CWE-79 |
node-opcua DoS vulnerability via message with memory allocation that exceeds v8's memory limitThe package node-opcua before 2.74.0 is vulnerable to Denial of Service (DoS) by sending a specifically crafted OPC UA message with a special OPC UA... | High | CWE-770 |
node-opcua DoS when bypassing limitations for excessive memory consumptionThe package node-opcua before 2.74.0 is vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests... | High | CWE-400 |
matrix-js-sdk subject to user impersonation due to key/device identifier confusion in SAS verificationAn attacker cooperating with a malicious homeserver could interfere with the verification flow between two users, injecting its own cross-signing user identity in place of... | High | CWE-322 |
steal vulnerable to Prototype Pollution via optionName variablePrototype pollution vulnerability in stealjs steal 2.2.4 via the optionName variable in main.js. | High | CWE-1321 |
Inefficient Regular Expression Complexity in vuelidatevuelidate is a simple, lightweight model-based validation for Vue.js 2.x & 3.0. A ReDoS (regular expression denial of service) flaw was found in the @vuelidate/validators... | High | CWE-697 |
TypeORM vulnerable to MAID and Prototype PollutionPrototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or... | High | CWE-471 |
Parse Server vulnerable to brute force guessing of user sensitive data via search patternsInternal fields (keys used internally by Parse Server, prefixed by _) and protected fields (user defined) can be used as query constraints. Internal and protected... | High | CWE-200 |
Improper beacon events in matrix-js-sdk can result in availability issuesImproperly formed beacon events (from MSC3488) can disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer’s ability to process data safely. Note... | Medium | CWE-20 |
steal vulnerable to Prototype Pollution via key variable in babel.jsPrototype pollution vulnerability in function extend in babel.js in stealjs steal via the key variable in babel.js. | High | CWE-1321 |
steal vulnerable to Prototype Pollution via requestedVersion variablePrototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal via the requestedVersion variable in the npm-convert.js file. | High | CWE-1321 |
matrix-js-sdk subject to impersonated messages due to permissive key forwardingAn attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey... | High | CWE-287 |
matrix-js-sdk subject to user spoofing via Olm/Megolm protocol confusionAn attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a... | High | CWE-322 |
ejs template injection vulnerabilityThe ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view options][outputFunctionName]. This is parsed as an internal option, and... | High | CWE-74 |
Parse Server crashes with query parameterParse Server crashes if a query request contains an invalid value for the explain option. This is due to a bug in the MongoDB... | High | CWE-755 |
@dependencytrack/frontend vulnerable to Persistent Cross-Site-Scripting via Vulnerability DetailsDue to the common practice of providing vulnerability details in markdown format, the Dependency-Track frontend renders them using the JavaScript library Showdown. Showdown does not... | Medium | CWE-79 |
jsx-slack insufficient patch for CVE-2021-43838 ReDoSWe found the patch for CVE-2021-43838 in jsx-slack v4.5.1 is insufficient to save from Regular Expression Denial of Service (ReDoS) attack. | Medium | CWE-400 |
jquery.terminal self XSS on user inputThis is low impact and limited XSS, because code for XSS payload is always visible, but attacker can use other techniques to hide the code... | Low | CWE-80 |
Prototype Pollution in moutThis affects all versions of package mout. The deepFillIn function can be used to ‘fill missing properties recursively’, while the deepMixIn mixes objects into the... | High | CWE-1321 |
tagify can pass a malicious placeholder to initiate the cross-site scripting (XSS) payloadThis affects the package @yaireo/tagify before 4.9.8. The package is used for rendering UI components inside the input or text fields, and an attacker can... | Medium | CWE-79 |
React Editable Json Tree vulnerable to arbitrary code execution via function parsingOur library allows strings to be parsed as functions and stored as a specialized component, JsonFunctionValue. To do this, Javascript’s eval function was used to... | High | CWE-95 |
undici before v5.8.0 vulnerable to uncleared cookies on cross-host / cross-origin redirectAuthorization headers are already cleared on cross-origin redirect in https://github.com/nodejs/undici/blob/main/lib/handler/redirect.js#L189, based on https://github.com/nodejs/undici/issues/872. | Low | CWE-93 |
Cross-site Scripting (XSS) in serve-liteAll versions of the package serve-lite are vulnerable to Cross-site Scripting (XSS) because when it detects a request to a directory, it renders a file... | Medium | CWE-79 |
Directory Traversal vulnerability in serve-liteAll versions of the package serve-lite are vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the req.url... | High | CWE-22 |
TaffyDB can allow access to any data items in the DBTaffyDB allows attackers to forge adding additional properties into user-input processed by taffy which can allow access to any data items in the DB. Taffy... | High | CWE-668 |
RSA PKCS#1 decryption vulnerability with prepending zeros in jsrsasignJsrsasign supports RSA PKCS#1 v1.5 (i.e. RSAES-PKCS1-v1_5) and RSA-OAEP encryption and decryption. Its encrypted message is represented as BigInteger. When there is a valid encrypted... | High | CWE-119 |
ECDSA signature validation vulnerability by accepting wrong ASN.1 encoding in jsrsasignJsrsasign supports ECDSA signature validation whose signature value is represented by ASN.1 DER encoding. This vulnerability may accept a wrong ASN.1 DER encoded ECDSA signature... | High | CWE-347 |
Path Traversal in html-pagesVersions of html-pages before 2.1.0 are vulnerable to path traversal. | High | CWE-35 |
Stored Cross-Site Scripting in simplehttpserverSimplehttpserver prior to version 0.1.0 is vulnerable to stored cross-site scripting (XSS). To be exploited an attacker needs to control the filename of a file... | Medium | CWE-79 |
metascraper before v5.2.0 vulnerable to stored cross-site scriptingVersions of metascraper prior to 5.2.0 are vulnerable to stored cross-site scripting (XSS). | Medium | CWE-79 |
Cross-site Scripting (XSS) - Stored in crud-file-serverVersions of crud-file-server before 0.8.0 are vulnerable to stored cross-site scripting (XSS). This is due to insufficient sanitization of filenames when directory index is served... | Medium | CWE-79 |
Regular Expression Denial of Service in sshpkVersions of sshpk before 1.13.2 or 1.14.1 are vulnerable to regular expression denial of service when parsing crafted invalid public keys. | High | CWE-770 |
Raneto v0.17.0 employs weak password complexity requirementsRaneto v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks. Version 0.17.1 contains security mitigations for this and other... | High | CWE-521 |
Raneto Denial of Service via crafted payload injected into `Search` parameterAn issue in Raneto v0.17.0 allows attackers to cause a Denial of Service (DoS) via a crafted payload injected into the Search parameter. | High | CWE-287 |
Nadesiko3 OS Command Injection vulnerabilityOS command injection vulnerability in Nadesiko3 (PC Version) v3.3.68 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and... | High | CWE-78 |
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3editNako3edit is the editor component of Nadeshiko 3, a programming language developed based on Japanese. Improper check or handling of exceptional conditions in Nako3edit v3.3.74... | Medium | CWE-755 |
nadesiko3 vulnerable to OS Command InjectionOS command injection vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to obtain appkey of the product... | High | CWE-78 |
steal vulnerable to Prototype PollutionPrototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js. | High | CWE-1321 |
Toast UI Grid vulnerable to Cross-site ScriptingToast UI Grid is a component to display and edit data. Versions prior to 4.21.3 are vulnerable to cross-site scripting attacks when pasting specially crafted... | Medium | CWE-79 |
steal vulnerable to Prototype Pollution via alias variablePrototype pollution vulnerability in stealjs steal via the alias variable in babel.js. | High | CWE-1321 |
Regular Expression Denial of Service in ua-parser-jsThe package ua-parser-js before 0.7.22 is vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA.... | High | CWE-400 |
materialize-css vulnerable to cross-site Scripting (XSS) due to improper escape of user inputAll versions of package materialize-css are vulnerable to Cross-site Scripting (XSS) due to improper escape of user input (such as <not-a-tag />) that is being... | Medium | CWE-79 |
Privilege Issues in jailedAll versions of package jailed are vulnerable to Sandbox Bypass via an exported alert() method which can access the main application. Exported methods are stored... | High | |
Prototype Pollution in DexieDexie is a minimalistic wrapper for IndexedDB. The package dexie before 3.2.2, from 4.0.0-alpha.1 and before 4.0.0-alpha.3 are vulnerable to Prototype Pollution in the Dexie.setByKeyPath(obj,... | High | CWE-1321 |
Insecure password handling vulnerability in StrapiStoring passwords in a recoverable format in the DOCUMENTATION plugin component of Strapi before 3.6.9 and 4.x before 4.1.5 allows an attacker to access a... | High | CWE-922 |
Cross-site Scripting in video.jsThis affects the package video.js before 7.14.3. The src attribute of the track tag allows bypassing HTML escaping and executing arbitrary code. | Medium | CWE-79 |
Cross-site Scripting in jquery.json-viewerThe jquery.json-viewer library before version 1.5.0 for Node.js does not properly escape characters such as < in a JSON object, as demonstrated by a SCRIPT... | Medium | CWE-79 |
Authentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapterWeak validation of the Apple certificate URL in the Apple Game Center authentication adapter allows authentication bypass and makes the server vulnerable to DoS... | High | CWE-295 |
tiny-csrf has openly visible CSRF tokensWeak encryption on CSRF so tokens can be read by malicious attackers. | High | CWE-319 |
Cross-site Scripting in pandao editor.mdpandao Editor.md 1.5.0 allows XSS via the Javascript: string. | Medium | CWE-79 |
Invalid Curve Attack in openpgpVersions of openpgp prior to 4.3.0 are vulnerable to an Invalid Curve Attack. The package’s implementation of ECDH fails to verify the validity of the... | Medium | CWE-327 |
Cross-site Scripting in pandaopandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP element. | Medium | CWE-79 |
XSS in knockoutThere is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its... | Medium | CWE-79 |
Denial of Service and Content Injection in i18n-node-angularVersions of i18n-node-angular prior to 1.4.0 are affected by denial of service and cross-site scripting vulnerabilities. The vulnerabilities exist in a REST endpoint that was... | High | CWE-74 |
Cross-Site Scripting in @novnc/novncVersions of @novnc/novnc prior to 0.6.2 are vulnerable to Cross-Site Scripting (XSS). The package fails to validate input from the remote VNC server such as... | Medium | CWE-79 |
Cross-site Scripting in Joplin (GHSA-6r7x-hc8m-985r)Joplin through 1.0.184 allows Arbitrary File Read via Cross-site Scripting (XSS). | Medium | CWE-79 |
receiving subscription objects with deleted session | Medium | CWE-672 |
Unprotected dynamically loaded chunksAll dynamically loaded chunks receive an invalid integrity hash that is ignored by the browser, and therefore the browser cannot validate their integrity. This removes... | Low | CWE-345 |
Prototype Pollution in highlight.jsAffected versions of this package are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of... | Medium | CWE-471 |
Axios vulnerable to Server-Side Request ForgeryAxios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that... | Medium | CWE-918 |
Command Injection in systeminformationcommand injection vulnerability | Medium | CWE-78 |
regular expression denial of service (ReDoS) (GHSA-r92x-f52r-x54g)date-and-time is an npm package for manipulating date and time. In date-and-time before version 0.14.2, there is a regular expression involved in parsing which can be... | High | CWE-400 |
Regular Expression Denial of Service (REDoS) in MarkedRegular expression Denial of Service | Medium | CWE-400 |
SSRF in RendertronRendertron versions prior to 3.0.0 are susceptible to a Server-Side Request Forgery (SSRF) attack. An attacker can use a specially crafted webpage to force... | Medium | CWE-918 |
Cross-site Scripting in dompurify (GHSA-63q7-h895-m982)Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can... | Medium | CWE-79 |
Angular Expressions - Remote Code ExecutionThe vulnerability, reported by GoSecure Inc, allows Remote Code Execution, if you call expressions.compile(userControlledInput) where userControlledInput is text that comes from user input. | High | CWE-94 |
Cross-site Scripting in vis-timelineThis affects the package vis-timeline before 7.4.4. An attacker with the ability to control the items of a Timeline element can inject additional script code... | Medium | CWE-79 |
Improper Validation and Sanitization in url-parseInsufficient validation and sanitization of user input exists in the url-parse npm package version 1.4.4 and earlier, which may allow an attacker to bypass security checks. | Medium | CWE-20 |
Cross-site Scripting (XSS) in Eclipse TheiaIn Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview), can be exploited to execute arbitrary code. | High | CWE-79 |
[thi.ng/egf] Potential arbitrary code execution of `#gpg`-tagged property valuesPotential for arbitrary code execution in #gpg-tagged property values (only if decrypt: true option is enabled) | Medium | CWE-78 |
Command Injection Vulnerability in systeminformationcommand injection vulnerability | High | CWE-78 |
Hostname spoofing via backslashes in URLIf using affected versions to determine a URL’s hostname, the hostname can be spoofed by using a backslash (\) character followed by an at (@)... | Medium | CWE-20 |
Improper Neutralization of Input in Theia consoleIn Eclipse Theia versions up to and including 1.8.0, in the debug console there is no HTML escaping, so arbitrary Javascript code can be injected.... | Medium | CWE-79 |
Parse Server stores password in plain textParse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In Parse Server before version 4.5.0, user passwords... | Low | CWE-312 |
XSS in VegaVega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. Vega is an npm package. In Vega before version 5.17.3... | Low | CWE-79 |
Cross-site scripting in SocksJS-nodehtmlfile in lib/transport/htmlfile.js in SockJS before 0.3.0 is vulnerable to Reflected XSS via the /htmlfile c (aka callback) parameter. | Medium | CWE-79 |
Regular Expression Denial of Service (ReDoS) in ua-parser-jsua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header,... | High | CWE-400 |
Arbitrary code execution in djvThis affects the package djv before 2.1.4. By controlling the schema file, an attacker can run arbitrary JavaScript code on the victim machine. | High | CWE-94 |
Improper Input Validation in sanitize-html (GHSA-mjxr-4v3x-q3m4)Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the “allowedIframeHostnames” option when the “allowIframeRelativeUrls” is set to true, which allows... | Medium | CWE-20 |
Insufficient Verification of Data Authenticity in Eclipse TheiaIn Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is “Mini-Browser”, published as “@theia/mini-browser” on npmjs.com. | High | CWE-345 |
Misuse of `Reference` and other transferable APIs may lead to access to nodejs isolateVersions of isolated-vm before v4.0.0, and especially before v3.0.0, have API pitfalls which may make it easy for implementers to expose supposed secure isolates to... | High | CWE-913 |
Improper Input Validation in SocksJS-NodeIncorrect handling of the Upgrade header with the value websocket leads to crashing of containers hosting sockjs apps. This affects the package sockjs before 0.3.20. | Medium | CWE-20 |
Padding Oracle Attack due to Observable Timing Discrepancy in josejose is an npm library providing a number of cryptographic operations. | Medium | CWE-696 |
Cross-site Scripting in reveal.js (GHSA-6vwx-mwp8-fh44)Insufficient validation in cross-origin communication (postMessage) in reveal.js version 3.9.1 and earlier allow attackers to perform cross-site scripting attacks. | Medium | CWE-79 |
OS Command Injection in systeminformationThis affects the package systeminformation before 4.30.2. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands.... | High | CWE-78 |
Prototype pollution in pathvalA prototype pollution vulnerability affects all versions of package pathval under 1.1.1. | High | CWE-20 |
Regular Expression Denial of Service in dat.guiAll versions of package dat.gui are vulnerable to Regular Expression Denial of Service (ReDoS) via specifically crafted rgb and rgba values. | High | CWE-400 |
Prototype Pollution in node-oojsAll versions of package node-oojs up to and including version 1.4.0 are vulnerable to Prototype Pollution via the setPath function. | High | CWE-1321 |
Prototype Pollution in simpl-schemaThis affects the package simpl-schema before 1.10.2. Attacker controlled input into a schema could result in remote code execution within the scope of the surrounding... | High | CWE-1321 |
Path traversal in rollup-plugin-servePath traversal in npm package rollup-plugin-serve before version 1.0.2. There is no path sanitization in readFile operation. | High | CWE-22 |
Insecure template handling in haml-coffeehaml-coffee is a JavaScript templating solution. haml-coffee mixes pure template data with engine configuration options through the Express render API. More specifically, haml-coffee supports overriding... | High | CWE-79 |
Path Traversal in droppyThis affects all versions of package droppy. It is possible to traverse directories to fetch configuration files from a droppy server. | Medium | CWE-22 |
Regular Expression Denial of Service in postcss (GHSA-hwj9-h5mp-3pm3)The npm package postcss from 7.0.0 and before versions 7.0.36 and 8.2.10 is vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.... | Medium | CWE-400 |
Cross-site scripting in Joplin (GHSA-q26w-wjj2-22vv)Joplin allows XSS via a LINK element in a note. | Medium | CWE-79 |
Cross-site Scripting in lightning-serverThis affects all versions of package lightning-server. It is possible to inject malicious JavaScript code as part of a session controller. | Medium | CWE-79 |
Cross-site Scripting in aurelia-frameworkThe HTMLSanitizer class in html-sanitizer.ts in all released versions of the Aurelia framework 1.x repository is vulnerable to XSS. The sanitizer only attempts to filter... | Medium | CWE-79 |
Command Injection in @theia/messagesIn Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run. | Medium | CWE-829 |
ua-parser-js Regular Expression Denial of Service vulnerabilityThe package ua-parser-js before 0.7.23 is vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info). | High | CWE-400 |
Injection and Command Injection in devcertA command injection vulnerability in the devcert module may lead to remote code execution when users of the module pass untrusted input to the certificateFor... | High | CWE-78 |
Injection in op-browserop-browser through 1.0.9 is vulnerable to Command Injection. It allows execution of arbitrary commands via the url function. | High | CWE-78 |
Uncontrolled Resource Consumption in firebaseThis affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided,... | Medium | CWE-400 |
Code Injection in cd-messengercd-messenger through 2.7.26 is vulnerable to Arbitrary Code Execution. User input provided to the color argument is executed by the eval function, resulting in code execution.... | High | CWE-94 |
Code Injection in moscmosc through 1.0.0 is vulnerable to Arbitrary Code Execution. User input provided to properties argument is executed by the eval function, resulting in code execution.... | High | CWE-94 |
Code Injection in node-rulesnode-rules including 3.0.0 and prior to 5.0.0 allows injection of arbitrary commands. The argument rules of function “fromJSON()” can be controlled by users without any... | High | CWE-94 |
Cross-site scripting in react-bootstrap-tableAll versions of package react-bootstrap-table are vulnerable to Cross-site Scripting (XSS) via the dataFormat parameter. The problem is triggered when an invalid React element is... | Medium | CWE-79 |
Regular Expression Denial of Service (ReDoS) in PrismSome languages before 1.24.0 are vulnerable to Regular Expression Denial of Service (ReDoS). | High | CWE-400 |
Directory Traversal in isomorphic-gitisomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository. | Medium | CWE-22 |
Reflected XSS from the callback handler's error query parameterVersions before and including 1.4.1 are vulnerable to reflected XSS. An attacker can execute arbitrary code by providing an XSS payload in the error query... | High | CWE-79 |
Improper Verification of Cryptographic SignaturetEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the browser (hashing, random, encryption, decryption, signatures, conversions), used by TogaTech.org. In versions prior to... | High | CWE-347 |
Reflected XSS when using flashMessages or languageDictionaryVersions before and including 11.30.0 are vulnerable to reflected XSS. An attacker can execute arbitrary code when the library’s flashMessage feature is utilized and user... | High | CWE-79 |
Passing in a non-string 'html' argument can lead to unsanitized outputA type-confusion vulnerability can cause striptags to concatenate unsanitized strings when an array-like object is passed in as the html parameter. This can be abused... | Medium | CWE-843 |
Cross-site Scripting in curly-bracket-parserThis affects all versions of package curly-bracket-parser. When used as a template library, it does not properly sanitize the user input. | Medium | CWE-79 |
Prototype Pollution in mootoolsThis affects all versions of package mootools. This is due to the ability to pass untrusted input to Object.merge() | Medium | CWE-1321 |
Cross-site Scripting in file-upload-with-previewThis affects the package file-upload-with-preview before 4.2.0. A file containing malicious JavaScript code in the name can be uploaded (a user needs to be tricked... | Medium | CWE-79 |
XSS in svg2png (NPM package)svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an SVG document. | Medium | CWE-79 |
Directory Traversal in startserverAll versions of package startserver are vulnerable to Directory Traversal due to missing sanitization. | High | CWE-22 |
Remote Command Execution in reg-keygen-git-hash-pluginreg-keygen-git-hash-plugin through 0.10.15 allows remote attackers to execute arbitrary commands. | High | CWE-94 |
Cross-site Scripting in jsoneditorStored XSS was discovered in the tree mode of jsoneditor before 9.0.2 through injecting and executing JavaScript. | Medium | CWE-79 |
Basic-auth app bundle credential exposure in gatsby-source-wordpressThe gatsby-source-wordpress plugin prior to versions 4.0.8 and 5.9.2 leaks .htaccess HTTP Basic Authentication variables into the app.js bundle during build-time. Users who are not... | High | CWE-522 |
Cross-site Scripting in MermaidMermaid before 8.11.0 allows XSS when the antiscript feature is used. | Medium | CWE-79 |
Prototype pollution in aurelia-pathThe vulnerability exposes Aurelia application that uses aurelia-path package to parse a string. The majority of this will be Aurelia applications that employ the aurelia-router... | High | CWE-915 |
XSS vulnerability allowing arbitrary JavaScript executionToday we are releasing Grafana 8.2.3. This patch release includes an important security fix for an issue that affects all Grafana versions from 8.0.0-beta1. | Medium | CWE-79 |
Cross-site Scripting in Froala Editor (GHSA-cq6w-w5rj-p9x8)Froala Editor 3.2.6 is affected by Cross Site Scripting (XSS). Under certain conditions, a base64 crafted string leads to persistent Cross-site scripting (XSS) vulnerability within... | Medium | CWE-79 |
GraphiQL introspection schema template injection attackThis is a security advisory for an XSS vulnerability in graphiql. | High | CWE-79 |
LiveQuery publishes user session tokens in parse-serverFor regular (non-LiveQuery) queries, the session token is removed from the response, but for LiveQuery payloads it is currently not. If a user has a... | High | CWE-200 |
Cross-site Request Forgery (CSRF) in joplinThe package joplin before 2.3.2 is vulnerable to Cross-site Request Forgery (CSRF) due to missing CSRF checks in various forms. | Medium | CWE-352 |
Clipboard-based XSSXSS against the user. | High | CWE-79 |
Improper Verification of Communication Channel in @theia/plugin-extIn versions of the @theia/plugin-ext component of Eclipse Theia prior to 1.18.0, Webview contents can be hijacked via postMessage(). | Medium | CWE-940 |
Risk of code injectionSome routes use eval or Function constructor, which may be injected by the target site with unsafe code, causing server-side security issues | High | CWE-74 |
Insecure random number generation in keypairA bug in the pseudo-random number generator used by keypair versions up to and including 1.0.3 could allow for weak RSA key generation. This could... | High | CWE-335 |
Cross-site Scripting in apostropheApostrophe CMS versions between 2.63.0 to 3.3.1 are vulnerable to Stored XSS where an editor uploads an SVG file that contains malicious JavaScript onto the... | Medium | CWE-79 |
Cross-site Scripting in pekeuploadThis affects all versions of package pekeupload. If an attacker induces a user to upload a file whose name contains javascript code, the javascript code... | Medium | CWE-79 |
Prototype Pollution in @fabiocaccamo/utils.jsutils.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’). | High | CWE-1321 |
Open redirect in @auth0/nextjs-auth0Versions <=1.6.1 do not filter out certain returnTo parameter values from the login url, which expose the application to an open redirect vulnerability. | Medium | CWE-601 |
Cross-Site Scripting in http-file-serverAll versions of http-file-server are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize filenames, allowing attackers to execute arbitrary JavaScript in the victim’s... | Medium | CWE-79 |
Strapi mishandles hidden attributes within admin API responsesStrapi before 3.6.10 and 4.x before 4.1.10 mishandles hidden attributes within admin API responses. | High | CWE-89 |
Twitter-Post-Fetcher vulnerable to Use of Web Link to Untrusted Target with window.opener AccessA vulnerability classified as problematic has been found in Twitter-Post-Fetcher up to 17.x. This affects an unknown part of the file js/twitterFetcher.js of the component... | Medium | CWE-1022 |
liquidjs may leak properties of a prototypeThe package liquidjs before 10.0.0 is vulnerable to Information Exposure when ownPropertyOnly parameter is set to False, which results in leaking properties of a prototype.... | Medium | CWE-200 |
Expo on iOS is insecure due to incorrect security attribute applicationsecure-store in Expo through 9.1.0 on iOS provides the insecure kSecAttrAccessibleAlwaysThisDeviceOnly policy when WHEN_UNLOCKED_THIS_DEVICE_ONLY is used. | Medium | |
Cross-site Scripting in Bootstrap-3-TypeaheadBootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute... | Medium | CWE-79 |
markdown-it vulnerable to Inefficient Regular Expression ComplexityA vulnerability was found in markdown-it up to 2.x. It has been classified as problematic. Affected is an unknown function of the file lib/common/html_re.js. The... | High | CWE-1333 |
string-kit Inefficient Regular Expression Complexity vulnerabilityA vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation... | High | CWE-1333 |
Json2html vulnerable to cross-site scriptingJson2html is a client side javascript HTML templating library with wrappers for both jQuery and Node.js. A vulnerability was found in moappi Json2html up to... | Medium | CWE-79 |
Regular Expression Denial of Service in moment (GHSA-87vv-r9j6-g5qv)Versions of moment prior to 2.11.2 are affected by a regular expression denial of service vulnerability. The vulnerability is triggered when arbitrary user input is... | Medium | CWE-400 |
ReDoS in Sec-Websocket-Protocol headerA specially crafted value of the Sec-Websocket-Protocol header can be used to significantly slow down a ws server. | Medium | CWE-400 |
Prototype Pollution in js-data (GHSA-c6h4-gc3f-hgjq)All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn and the set functions. This is an incomplete fix of CVE-2020-28442. | High | CWE-1321 |
uppy's companion module is vulnerable to Server-Side Request Forgery (SSRF)uppy’s companion module is vulnerable to Server-Side Request Forgery (SSRF) via IPv4-mapped IPv6 addresses. | High | CWE-918 |
Incorrect sanitisation function leads to `XSS` in mermaidMalicious diagrams can contain javascript code that can be run at diagram readers machines. | High | CWE-79 |
`undici.request` vulnerable to SSRF using absolute URL on `pathname`undici is vulnerable to SSRF (Server-side Request Forgery) when an application takes in user input into the path/pathname option of undici.request. | Medium | CWE-918 |
Nodejs ‘undici’ vulnerable to CRLF Injection via Content-Type=< [email protected] users are vulnerable to CRLF Injection on headers when using unsanitized input as request headers, more specifically, inside the content-type header. | Medium | CWE-93 |
Apostrophe CMS Insufficient Session Expiration vulnerabilityApostrophe CMS versions between 2.63.0 and 3.3.1 are affected by an insufficient session expiration vulnerability, which allows unauthenticated remote attackers to hijack recently logged-in users’ sessions.... | High | CWE-613 |
Server side request forgery in @isomorphic-git/cors-proxyThe package @isomorphic-git/cors-proxy before 2.7.1 is vulnerable to Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js. | High | CWE-918 |
Cross site scripting in three.jsVersions of three.js prior to 0.137.0 load untrusted iframes and allow attackers to inject arbitrary javascript into a user's browser. | High | CWE-79 |
Exposure of Sensitive Information in simple-getIn versions of simple-get prior to 4.0.1, 3.1.1, and 2.8.2, when fetching a remote url with a cookie location response, headers will be followed, potentially... | High | CWE-200 |
Cross-site Scripting in karmakarma prior to version 6.3.14 contains a cross-site scripting vulnerability. | Medium | CWE-79 |
Server-Side Request Forgery in @peertube/embed-api@peertube/embed-api version 4.0.0 and prior is vulnerable to server-side request forgery. | Medium | CWE-918 |
Open redirect in karmaKarma before 6.3.16 is vulnerable to Open Redirect due to missing validation of the return_url query parameter. | Medium | CWE-601 |
Authorization Bypass Through User-Controlled Key in urijsAttacker can use case-insensitive protocol schemes like HTTP, htTP, HTtp etc. in order to bypass the patch for CVE-2021-3647. | Medium | CWE-639 |
Prototype Pollution in litespeed.js and appwrite/server-ceThis affects the package litespeed.js before 0.3.12; the package appwrite/server-ce from 0.12.0 and before 0.12.2, before 0.11.1. When parsing the query string in the getJsonFromUrl... | High | CWE-1321 |
Leading white space bypasses protocol validationWhitespace characters are not removed from the beginning of the protocol, so URLs are not parsed properly and protocol validation mechanisms may fail. | Medium | CWE-20 |
Cross-site Scripting in PrismPrism’s Command line plugin can be used by attackers to achieve an XSS attack. The Command line plugin did not properly escape its output, leading... | High | CWE-79 |
Cross site scripting in reveal.jsThe onmessage event listener in /plugin/notes/speaker-view.html does not check the origin of postMessage before adding the content to the webpage. | Medium | CWE-79 |
OS Command Injection in GenieACSIn GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument (lib/ui/api.ts and lib/ping.ts). The... | High | CWE-78 |
Open Redirect in urijsurijs prior to version 1.19.10 is vulnerable to open redirect. This is the result of a bypass for the fix to CVE-2022-0613. | Medium | CWE-601 |
Path Traversal in http-file-serverAll versions of http-file-server are vulnerable to Path Traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the served... | Medium | CWE-22 |
Parse Server option `masterKeyIps` vulnerability to IP spoofingParse Server uses the request header x-forwarded-for to determine the client IP address. If Parse Server doesn’t run behind a proxy server, then a client... | High | CWE-290 |
@okta/oidc-middlewareOpen Redirect vulnerabilityAn open redirect vulnerability exists in Okta OIDC Middleware prior to version 5.0.0 allowing an attacker to redirect a user to an arbitrary URL. | Medium | CWE-601 |
Eta vulnerable to Code Injection via templates rendered with user-defined dataVersions of the package eta before 2.0.0 are vulnerable to Remote Code Execution (RCE) by overwriting template engine configuration variables with view options received from... | High | CWE-94 |
Joplin Desktop App vulnerable to Cross-site ScriptingCross Site Scripting vulnerability in Joplin Desktop App before v2.9.17 allows an attacker to execute arbitrary code via improper sanitization. | Medium | CWE-79 |
XSS Attack with Express APIXSS attack - anyone using the Express API is impacted | High | CWE-79 |
Cross site scripting in froala-editorA cross site scripting (XSS) vulnerability in the Insert Video function of Froala WYSIWYG Editor allows attackers to execute arbitrary web scripts or HTML. | Medium | CWE-79 |
jSuites subject to Cross-site ScriptingVersions of the package jsuites before 5.0.1 are vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization in the Editor() function. | Medium | CWE-79 |
Regular Expression Denial of Service in HeadersThe Headers.set() and Headers.append() methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is... | High | CWE-1333 |
Improper calculations in ECC implementation can trigger a Denial-of-Service (DoS)When using the non-default “fallback” crypto back-end, ECC operations in node-jose can trigger a Denial-of-Service (DoS) condition, due to a possible infinite loop in an... | High | CWE-835 |
Vditor Cross-site Scripting vulnerabilityVditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim... | Medium | CWE-79 |
textAngular Cross-site Scripting vulnerabilitytextAngular is a text editor for Angular.js. Version 1.5.16 and prior are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the... | Medium | CWE-79 |
Cross-Site-Scripting attack on `<RichTextField>` (GHSA-5jcr-82fh-339v)All React applications built with react-admin and using the <RichTextField> are affected. | Medium | CWE-79 |
Cross-Site-Scripting attack on `<RichTextField>`All React applications built with react-admin and using the <RichTextField> are affected. | Medium | CWE-79 |
Authorization bypass in url-parseAuthorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6. | Medium | CWE-639 |
Path traversal in url-parseurl-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path. | Medium | CWE-23 |
Open redirect in url-parse (GHSA-hh27-ffr2-f2jc)Affected versions of npm url-parse are vulnerable to URL Redirection to Untrusted Site. | Medium | CWE-601 |
CRLF Injection in Nodejs ‘undici’ via hostundici library does not protect host HTTP header from CRLF injection vulnerabilities. | Medium | CWE-93 |
Path Traversal in crud-file-serverVersions of crud-file-server prior to 0.9.0 are vulnerable to Path Traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of... | High | CWE-22 |
Path Traversal in angular-http-serverAffected versions of angular-http-server are vulnerable to path traversal allowing a remote attacker to read files from the server that uses angular-http-server. | Medium | CWE-22 |
Cross-site Scripting in jspreadsheetThe dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting (XSS). | Medium | CWE-79 |
generator-hottowel Cross-site Scripting vulnerabilityA vulnerability, which was classified as problematic, was found in generator-hottowel 0.0.11. Affected is an unknown function of the file app/templates/src/server/_app.js of the component 404... | Medium | CWE-79 |
Vega vulnerable to arbitrary code execution when clicking href linksVega is vulnerable to arbitrary code execution when clicking href links. Versions 5.4.1 and 4.5.1 contain a patch. | Medium | |
rangy vulnerable to Prototype PollutionAll versions of the package rangy are vulnerable to Prototype Pollution when using the extend() function in file rangy-core.js. The function uses recursive merge which can... | High | CWE-1321 |
Vega Expression Language `scale` expression function Cross Site Scripting (GHSA-4vq7-882g-wcg4)The Vega scale expression function has the ability to call arbitrary functions with a single controlled argument. This can be exploited to escape the Vega... | Medium | CWE-79 |
Vega Expression Language `scale` expression function Cross Site ScriptingThe Vega scale expression function has the ability to call arbitrary functions with a single controlled argument. This can be exploited to escape the Vega... | Medium | CWE-79 |
Vega has Cross-site Scripting vulnerability in `lassoAppend` function (GHSA-w5m3-xh75-mp55)Vega’s lassoAppend function: lassoAppend accepts 3 arguments and internally invokes push function on the 1st argument specifying array consisting of 2nd and 3rd arguments as... | Medium | CWE-79 |
Vega has Cross-site Scripting vulnerability in `lassoAppend` functionVega’s lassoAppend function: lassoAppend accepts 3 arguments and internally invokes push function on the 1st argument specifying array consisting of 2nd and 3rd arguments as... | Medium | CWE-79 |
rsshub vulnerable to Cross-site Scripting via unvalidated URL parametersWhen the URL parameters contain certain special characters, it returns an error page that does not properly handle XSS vulnerabilities, allowing for the execution of... | Medium | CWE-79 |
Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-esm-runtimeAES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed JWEDecryptionFailed would be thrown. | Medium | CWE-696 |
Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtimeAES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed JWEDecryptionFailed would be thrown. | Medium | CWE-696 |
Denial of Service in wsAffected versions of ws can crash when a specially crafted Sec-WebSocket-Extensions header containing Object.prototype property names as extension or parameter names is sent. | High | CWE-400 |
angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backendangular-server-side-configuration detects used environment variables in TypeScript (.ts) files during build time of an Angular CLI project. The detected environment variables are written to a... | High | CWE-538 |
Padding Oracle Attack due to Observable Timing Discrepancy in jose-browser-runtimeAES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed JWEDecryptionFailed would be thrown. | Medium | CWE-203 |
matrix-js-sdk Prototype Pollution vulnerabilityEvents sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer’s ability to process... | High | CWE-1321 |
Status Board vulnerable to Cross-Site Scripting before v1.1.82Versions of status-board prior to 1.1.82 are vulnerable to Cross-Site Scripting. The renderDashboard() function concatenates the safeDashboard variable to the printed error message with insufficient... | Medium | CWE-79 |
Cross-Site Scripting in swagger-ui (GHSA-g336-c7wv-8hp3)Affected versions of swagger-ui are vulnerable to cross-site scripting via the url query string parameter. | High | CWE-79 |
Cross-Site Scripting in @toast-ui/editorVersions of @toast-ui/editor prior to 2.2.0 are vulnerable to Cross-Site Scripting (XSS). There are multiple bypasses to the package’s built-in XSS sanitization. This may allow... | High | CWE-79 |
Cross-Site Scripting in webtorrentVersions of webtorrent prior to 0.107.6 are vulnerable to Cross-Site Scripting. webtorrent servers started with torrent.createServer() lists a torrent’s title and files in the index... | Medium | CWE-79 |
Cross-Site Scripting in c3Affected versions of c3 are vulnerable to cross-site scripting via improper sanitization of HTML in rendered tooltips. | Medium | CWE-79 |
Reverse Tabnabbing in showdownVersions of showdown prior to 1.9.1 are vulnerable to Reverse Tabnabbing. The package uses target='_blank' in anchor tags, allowing attackers to access window.opener for the... | Low | CWE-1022 |
SvelteKit vulnerable to Cross-Site Request ForgeryThe SvelteKit framework offers developers an option to create simple REST APIs. This is done by defining a +server.js file, containing endpoint handlers for different... | High | CWE-352 |
Pandao Editor.md vulnerable to cross-site scripting (XSS) in editor parameterCross-site Scripting vulnerability found in Pandao Editor.md v.1.5.0 allows a remote attacker to execute arbitrary code via a crafted script to the editor parameter. | Medium | CWE-79 |
Pandao Editor.md vulnerable to cross-site scripting (XSS) in iframe src parameterCross-site Scripting vulnerability found in Pandao Editor.md v.1.5.0 allows a remote attacker to execute arbitrary code via a crafted script in the <iframe> src parameter.... | Medium | CWE-79 |
Regular Expression Denial of Service in uglify-jsVersions of uglify-js prior to 2.6.0 are affected by a regular expression denial of service vulnerability when malicious inputs are passed into the parse() method.... | High | CWE-1333 |
Regular Expression Denial of Service in highcharts (GHSA-xmc8-cjfr-phx3)Versions of highcharts prior to 6.1.0 are vulnerable to Regular Expression Denial of Service (ReDoS). Untrusted input may cause catastrophic backtracking while matching regular expressions.... | High | CWE-1333 |
Denial-of-Service Memory Exhaustion in qsVersions prior to 1.0 of qs are affected by a denial of service condition. This condition is triggered by parsing a crafted string that deserializes... | High | CWE-400 |
ReDoS via long string of semicolons in tough-cookieAffected versions of tough-cookie may be vulnerable to regular expression denial of service when long strings of semicolons exist in the Set-Cookie header. | Medium | CWE-1333 |
Denial of Service in protobufjs (GHSA-762f-c2wg-m8c8)Versions of protobufjs before 5.0.3 and 6.8.6 are vulnerable to a regular expression denial of service when parsing crafted invalid *.proto files. | Medium | CWE-1333 |
Regular Expression Denial of Service in clean-cssVersions of clean-css prior to 4.1.11 are vulnerable to Regular Expression Denial of Service (ReDoS). Untrusted input may cause catastrophic backtracking while matching regular expressions.... | Low | CWE-1333 |
Regular Expression Denial of Service in marked (GHSA-ch52-vgq2-943f)Affected versions of marked are vulnerable to Regular Expression Denial of Service (ReDoS). The _label subrule may significantly degrade parsing performance of malformed input. | Low | CWE-1333 |
Terser insecure use of regular expressions leads to ReDoSThe package terser before 4.8.1, and from 5.0.0 before 5.14.2, is vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular... | High | CWE-1333 |
Incorrect Handling of Non-Boolean Comparisons During Minification in uglify-jsVersions of uglify-js prior to 2.4.24 are affected by a vulnerability which may cause crafted JavaScript to have altered functionality after minification. | High | CWE-670 |
Cross-Site Scripting in webpack-bundle-analyzerVersions of webpack-bundle-analyzer prior to 3.3.2 are vulnerable to Cross-Site Scripting. The package uses JSON.stringify() without properly escaping input which may lead to Cross-Site Scripting.... | Medium | CWE-79 |
Regular Expression Denial of Service in momentAffected versions of moment are vulnerable to a low severity regular expression denial of service when parsing dates as strings. | High | CWE-400 |
Denial of Service in axiosVersions of axios prior to 0.18.1 are vulnerable to Denial of Service. If a request exceeds the maxContentLength property, the package prints an error but... | High | CWE-755 |
SvelteKit framework has Insufficient CSRF protection for CORS requestsThe SvelteKit framework offers developers an option to create simple REST APIs. This is done by defining a +server.js file, containing endpoint handlers for different... | High | CWE-918 |
Insecure Cryptography Algorithm in simple-crypto-jsVersions of simple-crypto-js prior to 2.3.0 use AES-CBC with PKCS#7 padding, which is vulnerable to padding oracle attacks. This may allow attackers to break the... | Medium | CWE-327 |
Authentication Bypass in @strapi/plugin-users-permissionsStrapi through 4.5.6 does not verify the access or ID tokens issued during the OAuth flow when the AWS Cognito login provider is used for... | High | |
Improper Input Validation in sanitize-htmlApostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by... | Medium | CWE-20 |
matrix-js-sdk vulnerable to invisible eavesdropping in group callsAn attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk,... | Medium | CWE-862 |
Prototype pollution in matrix-js-sdk (part 2)In certain configurations, data sent by remote servers containing special strings in key locations could cause modifications of the Object.prototype, disrupting matrix-js-sdk functionality, causing denial... | High | CWE-1321 |
Cross-Site Scripting in connectconnect node module before 2.14.0 suffers from a Cross-Site Scripting (XSS) vulnerability due to a lack of validation of file in directory.js middleware. | Medium | CWE-79 |
Server side request forgery in SwaggerUI (GHSA-qrmm-w75w-3wpx) 2SwaggerUI supports displaying remote OpenAPI definitions through the ?url parameter. This enables robust demonstration capabilities on sites like petstore.swagger.io, editor.swagger.io, and similar sites, where users... | Medium | CWE-918 |
Server side request forgery in SwaggerUI (GHSA-qrmm-w75w-3wpx)SwaggerUI supports displaying remote OpenAPI definitions through the ?url parameter. This enables robust demonstration capabilities on sites like petstore.swagger.io, editor.swagger.io, and similar sites, where users... | Medium | CWE-918 |
Server side request forgery in SwaggerUISwaggerUI supports displaying remote OpenAPI definitions through the ?url parameter. This enables robust demonstration capabilities on sites like petstore.swagger.io, editor.swagger.io, and similar sites, where users... | Medium | CWE-918 |
Deserialization of Untrusted Data in bson (GHSA-4jwp-vfvf-657p)Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure. | Medium | CWE-502 |
ReDoS Vulnerability in ua-parser-js versionA regular expression denial of service (ReDoS) vulnerability has been discovered in ua-parser-js. | High | CWE-400 |
Incorrect Authorization in @uppy/companion@uppy/companion prior to version 3.3.1 is vulnerable to incorrect authorization. A user with URL upload access could enumerate internal companion server networks, send local webservers... | High | CWE-918 |
Leaking of user information on Cross-Domain communication in sysendUsers that use Cross-Origin communication and send sensitive information make it possible for this data to be intercepted. This is not a big impact because it... | Medium | CWE-346 |
is_js vulnerable to Regular Expression Denial of Serviceis.js is a general-purpose check library. Versions 0.9.0 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service... | High | CWE-400 |
Cross-Site Scripting in jquery (GHSA-2pqj-h3vj-pqgw)Affected versions of jquery are vulnerable to cross-site scripting. This occurs because the main jquery function uses a regular expression to differentiate between HTML and... | Medium | CWE-79 |
node-fetch Inefficient Regular Expression Complexitynode-fetch is a light-weight module that brings window.fetch to node.js. | Medium | CWE-400 |
jquery-plugin-query-object contains prototype pollution vulnerabilityImproperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’) in jquery-plugin-query-object 2.2.3 allows a malicious user to inject properties into Object.prototype. | High | CWE-1321 |
Validation bypass in frourioNo description available. | High | CWE-20 |
Validation bypass in frourio-expressNo description available. | High | CWE-20 |
libp2p DoS vulnerability from lack of resource managementVersions older than v0.38.0 of js-libp2p are vulnerable to targeted resource exhaustion attacks. These attacks target libp2p’s connection, stream, peer, and memory management. An attacker... | High | CWE-770 |
Regular Expression Denial of Service (ReDoS) in jsx-slackjsx-slack v4.5.1 and earlier versions are vulnerable to a regular expression denial-of-service (ReDoS) attack. | Low | CWE-400 |
Exposure of Sensitive Information to an Unauthorized Actor in follow-redirectsExposure of Sensitive Information to an Unauthorized Actor in NPM follow-redirects prior to 1.14.8. | Medium | CWE-212 |
Possible inject arbitrary `CSS` into the generated graph affecting the container HTMLAn attacker is able to inject arbitrary CSS into the generated graph allowing them to change the styling of elements outside of the generated graph,... | Medium | CWE-79 |
JOSE vulnerable to resource exhaustion via specifically crafted JWE (GHSA-jv3g-j58f-9mq9) 2The PBKDF2-based JWE key management algorithms expect a JOSE Header Parameter named p2c (PBES2 Count), which determines how many PBKDF2 iterations must be executed in... | Medium | CWE-834 |
JOSE vulnerable to resource exhaustion via specifically crafted JWE (GHSA-jv3g-j58f-9mq9) 3The PBKDF2-based JWE key management algorithms expect a JOSE Header Parameter named p2c (PBES2 Count), which determines how many PBKDF2 iterations must be executed in... | Medium | CWE-834 |
JOSE vulnerable to resource exhaustion via specifically crafted JWE (GHSA-jv3g-j58f-9mq9)The PBKDF2-based JWE key management algorithms expect a JOSE Header Parameter named p2c (PBES2 Count), which determines how many PBKDF2 iterations must be executed in... | Medium | CWE-834 |
JOSE vulnerable to resource exhaustion via specifically crafted JWEThe PBKDF2-based JWE key management algorithms expect a JOSE Header Parameter named p2c (PBES2 Count), which determines how many PBKDF2 iterations must be executed in... | Medium | CWE-834 |
Uncontrolled Resource Consumption in markdown-itSpecial patterns with length > 50K chars can slow down parser significantly. | Medium | CWE-400 |
Protected fields exposed via LiveQueryParse Server LiveQuery does not remove protected fields in classes, passing them to the client. | High | CWE-212 |
Denial of Service (DoS) vulnerability in RSSHubPassing some special values to the filter and filterout parameters can cause an abnormally high CPU. Impact on the performance of the servers and RSSHub... | Medium | CWE-400 |
Malicious Package in leaflet-gpxVersion 1.0.1 of leaflet-gpx contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send... | High | |
Malicious Package in coffee-projectVersion 1.7.5 of coffee-project contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the... | High | |
Malicious Package in angular-location-updateVersion 0.0.3 of angular-location-update contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send... | High | |
Malicious Package in ngx-picaVersion 1.1.5 of ngx-pica contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send... | High | |
Embedded malware in ua-parser-jsThe npm package ua-parser-js had three versions published with malicious code. Users of affected versions (0.7.29, 0.8.0, 1.0.0) should upgrade as soon as possible and... | High | CWE-912 |
Budibase Improper Access Control vulnerabilityImproper Access Control in GitHub repository budibase/budibase prior to 1.3.20. | Medium | CWE-913 |
matrix-js-sdk can be tricked into disclosing E2EE room keys to a participating homeserverA logic error in the room key sharing functionality of matrix-js-sdk before 12.4.1 allows a malicious Matrix homeserver† participating in an encrypted room to steal... | Medium | CWE-327 |
@excalidraw/excalidraw Cross-site Scripting vulnerabilityXSS vulnerability due to improperly sanitizing URLs of links that can be attached on canvas elements. This affects users of the npm package @excalidraw/excalidraw provided... | Medium | CWE-79 |
Prototype Pollution in nedbThis affects all versions of package nedb. The library could be tricked into adding or modifying properties of Object.prototype using a `__proto__` or constructor.prototype payload.... | High | CWE-1321 |
Regular Expression Denial of Service in browserslistThe package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries. | Medium | CWE-400 |
steal vulnerable to Regular Expression Denial of Service via source and sourceWithCommentsA Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal via the source and sourceWithComments variable in main.js. | High | CWE-1333 |
steal Inefficient Regular Expression Complexity vulnerability via string variableA Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the string variable in babel.js. | High | CWE-1333 |
Node Connect Reflected Cross-Site Scripting in Sencha Labs Connect middlewarenode-connect before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370) | Medium | CWE-79 |
Unsanitized user controlled input in module generationThe import-in-the-middle loader used by @opentelemetry/instrumentation works by generating a wrapper module on the fly. The wrapper uses the module specifier to load the original... | High | |
Parse Server vulnerable to Prototype Pollution via Cloud Code Webhooks or Cloud Code TriggersKeywords that are specified in the Parse Server option requestKeywordDenylist can be injected via Cloud Code Webhooks or Triggers. This will result in the keyword... | High | CWE-1321 |
Parse Server is vulnerable to Prototype Pollution via Cloud Code WebhooksA compromised Parse Server Cloud Code Webhook target endpoint allows an attacker to use prototype pollution to bypass the Parse Server requestKeywordDenylist option. | High | CWE-1321 |
Remote code execution via MongoDB BSON parser through prototype pollutionAn attacker can use this prototype pollution sink to trigger a remote code execution through the MongoDB BSON parser. | High | CWE-1321 |
DLL Injection in kerberosVersions of kerberos prior to 1.0.0 are vulnerable to DLL Injection. The package loads DLLs without specifying a full path. This may allow attackers to... | High | CWE-427 |
isolated-vm has vulnerable CachedDataOptions in APIIf the untrusted v8 cached data is passed to the API through CachedDataOptions, the attackers can bypass the sandbox and run arbitrary code in the... | High | CWE-693 |
Materialize-css vulnerable to Improper Neutralization of Input During Web Page Generation (GHSA-rg3q-jxmp-pvjj)In Materialize through 1.0.0, XSS is possible via the Toast feature. | Medium | CWE-79 |
Materialize-css vulnerable to Improper Neutralization of Input During Web Page GenerationIn Materialize through 1.0.0, XSS is possible via the Toast feature. | Medium | CWE-79 |
Materialize-css vulnerable to Cross-site Scripting in tooltip component (GHSA-98f7-p5rc-jx67)All versions of materialize-css are vulnerable to Cross-Site Scripting. The tooltip component does not sufficiently sanitize user input, allowing an attacker to execute arbitrary JavaScript... | Medium | CWE-79 |
Materialize-css vulnerable to Cross-site Scripting in tooltip componentAll versions of materialize-css are vulnerable to Cross-Site Scripting. The tooltip component does not sufficiently sanitize user input, allowing an attacker to execute arbitrary JavaScript... | Medium | CWE-79 |
Materialize-css vulnerable to Cross-site Scripting in autocomplete component (GHSA-7752-f4gf-94gc)All versions of materialize-css are vulnerable to Cross-Site Scripting. The autocomplete component does not sufficiently sanitize user input, allowing an attacker to execute arbitrary JavaScript... | Medium | CWE-79 |
Materialize-css vulnerable to Cross-site Scripting in autocomplete componentAll versions of materialize-css are vulnerable to Cross-Site Scripting. The autocomplete component does not sufficiently sanitize user input, allowing an attacker to execute arbitrary JavaScript... | Medium | CWE-79 |
Regular Expression Denial of Service in jquery-validationThe GitHub Security Lab team has identified potential security vulnerabilities in jquery.validation. | High | CWE-400 |
Cross-site scripting in lazysizeslazysizes through 5.2.0 allows execution of malicious JavaScript. The following attributes are not sanitized by the video-embed plugin: data-vimeo, data-vimeoparams, data-youtube and data-ytparams which can... | Medium | CWE-79 |
Prototype Pollution in js-dataAll versions of package js-data prior to 3.0.10 are vulnerable to Prototype Pollution via the deepFillIn function. | High | CWE-1321 |
Denial of service in prismjsThe package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components. | High | CWE-400 |
js-bson vulnerable to REDoSThe MongoDB bson JavaScript module (also known as js-bson) versions 0.5.0 to 1.0.x before 1.0.5 is vulnerable to a Regular Expression Denial of Service (ReDoS)... | High | CWE-400 |
Incorrect Authorization in serverless-offlineServerless Offline 8.0.0 returns a 403 HTTP status code for a route that has a trailing / character, which might cause a developer to implement... | High | CWE-863 |
Inefficient Regular Expression Complexity in handsontableThe package handsontable from 0 and before 10.0.0 is vulnerable to Regular Expression Denial of Service (ReDoS) in the Handsontable.helper.isNumeric function. | High | CWE-1333 |
Directory traversal in rollup-plugin-serverThis affects all versions of package rollup-plugin-dev-server. There is no path sanitization in readFile operation inside the readFileFromContentBase function. | High | CWE-22 |
rendertron can remotely shut down Chrome instanceRendertron 1.0.0 includes an _ah/stop route to shutdown the Chrome instance responsible for serving render requests to all users. Visiting this route with a GET... | High | CWE-284 |
dalek-browser-chrome Downloads Resources over HTTPAffected versions of dalek-browser-chrome insecurely download an executable over an unencrypted HTTP connection. | High | CWE-311 |
rendertron LFI vulnerabilityRendertron 1.0.0 allows for alternative protocols such as ‘file://’ introducing a Local File Inclusion (LFI) bug where arbitrary files can be read by a remote... | High | CWE-22 |
rendertron XSS vulnerabilityError reporting within Rendertron 1.0.0 allows reflected Cross Site Scripting (XSS) from invalid URLs. | Medium | CWE-79 |
ReDoS via long UserAgent header in useragentAffected versions of useragent are vulnerable to regular expression denial of service when an arbitrarily long User-Agent header is parsed. | High | CWE-400 |
chrome-launcher subject to OS Command Injectionchrome-launcher prior to 0.13.2 is subject to OS Command Injection via the $HOME environment variable in Linux operating systems. This issue is patched in version... | High | CWE-78 |
Invalid Curve Attack in node-joseAffected versions of node-jose are vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key... | Medium | CWE-200 |
Elliptic Uses a Broken or Risky Cryptographic AlgorithmThe npm package elliptic before version 6.5.4 is vulnerable to Cryptographic Issues via the secp256k1 implementation in elliptic/ec/key.js. There is no check to confirm that... | Medium | CWE-327 |
systeminformation command injection vulnerabilitycommand injection vulnerability | High | CWE-78 |
Rendertron discloses absolute paths of filesInstalled packages are exposed by node_modules in Rendertron 1.0.0, allowing remote attackers to read absolute paths on the server by examining the “_where” attribute of... | High | CWE-200 |
Prototype Pollution in just-extendVersions of just-extend before 4.0.0 are vulnerable to prototype pollution. Provided certain input just-extend can add or modify properties of the Object prototype. These properties... | High | CWE-400 |
Command injection in github-todosnaholyr github-todos 3.1.0 is vulnerable to command injection. The range argument for the _hook subcommand is concatenated without any validation, and is directly used by... | High | CWE-78 |
steal vulnerable to Regular Expression Denial of Service via input variableA Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal via the input variable in main.js. | High | CWE-1333 |
dalek-browser-ie downloads Resources over HTTPAffected versions of dalek-browser-ie insecurely download an executable over an unencrypted HTTP connection. | High | CWE-311 |
URIjs Vulnerable to Hostname spoofing via backslashes in URLIf using affected versions to determine a URL’s hostname, the hostname can be spoofed by using a combination of backslash (\) and slash (/) characters... | Medium | CWE-601 |
Template Injection in jsrenderAffected versions of jsrender are susceptible to a remote code execution vulnerability when used with server delivered client-side tempates which dynamically embed user input. | Medium | CWE-94 |
Unauthorized File Access in harp (GHSA-6fmm-47qc-p4m4)All versions of harp are vulnerable to Unauthorized File Access. If a symlink in the project’s base directory points to a file outside of the... | Medium | CWE-22 |
Unauthorized File Access in harpAffected versions of harp are vulnerable to Unauthorized File Access. The package states that it ignores files and directories with names that start with an... | Medium | CWE-548 |
Regular Expression Denial of Service in marked (GHSA-x5pg-88wf-qq4p)Affected versions of marked are vulnerable to a regular expression denial of service. | High | CWE-400 |
Sanitization bypass using HTML Entities in markedAffected versions of marked are susceptible to a cross-site scripting vulnerability in link components when sanitize:true is configured. | Medium | CWE-79 |
Path Traversal in general-file-serverAll versions of general-file-server are vulnerable to path traversal. | High | CWE-22 |
Arbitrary File Read in phantom-html-to-pdfThis affects the package phantom-html-to-pdf before 0.6.1. | High | CWE-22 |
Path Traversal in node-red-contrib-huemagicnode-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file. | High | CWE-22 |
openssl.js is malwareThe openssl.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. | High | CWE-506 |
Marked vulnerable to XSS from data URIsmarked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser. | Medium | CWE-79 |
Cross-site scripting in jspdf (GHSA-vh59-v9r5-4mh4)Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It’s possible to inject JavaScript code via the html method. | Medium | CWE-79 |
Cross-site scripting in jspdfIt’s possible to use nested script tags in order to bypass the filtering regex. | Medium | CWE-79 |
Regular Expression Denial of Service in postcssThe package postcss versions before 7.0.36 or between 8.0.0 and 8.2.13 are vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in... | Medium | CWE-400 |
Pandao editor.md vulnerable to DOM XSSpandao Editor.md 1.5.0 has DOM XSS via input starting with a << substring, which is mishandled during construction of an A element. | Medium | CWE-79 |
Pandao editor.md vulnerable to XSS in IMG attributesPandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element. | Medium | CWE-79 |
jspdf vulnerable to Regular Expression Denial of Service (ReDoS)This affects the package jspdf before 2.3.1. ReDoS is possible via the addImage function. | High | CWE-400 |
ejs is vulnerable to remote code execution due to weak input validationnodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in ejs.renderFile() function | High | CWE-20 |
ejs vulnerable to DoS due to weak input validationnodejs ejs version older than 2.5.5 is vulnerable to a denial-of-service due to weak input validation in ejs.renderFile() | High | CWE-20 |
Prototype Pollution in seyAll versions of package sey are vulnerable to Prototype Pollution via the deepmerge() function. | Medium | CWE-1321 |
node-browser downloads Resources over HTTPAffected versions of node-browser insecurely downloads resources over HTTP. | High | CWE-311 |
mde ejs vulnerable to XSSnodejs ejs version older than 2.5.5 is vulnerable to a Cross-site-scripting in the ejs.renderFile() resulting in code injection | Medium | CWE-79 |
Uncontrolled resource consumption in jpeg-jsUncontrolled resource consumption in jpeg-js before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image. | Medium | CWE-400 |
Cross-Site Scripting in sanitize-html (GHSA-xc6g-ggrc-qq4r)Affected versions of sanitize-html are vulnerable to cross-site scripting when allowedTags includes at least one nonTextTag. | Medium | CWE-79 |
Cross-Site Scripting in sanitize-htmlAffected versions of sanitize-html are vulnerable to cross-site scripting. | Medium | CWE-79 |
karma-mojo enables OS Command Injectionkarma-mojo through 1.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the config argument. | High | CWE-78 |
superagent vulnerable to zip bomb attacksAffected versions of superagent do not check the post-decompression size of ZIP compressed HTTP responses prior to decompressing. This results in the package being vulnerable... | Medium | CWE-409 |
Cross-Site Scripting in i18next (GHSA-cmh5-qc8w-xvcq)Affected versions of i18next may fail to sanitize user input when certain configuration options are used. When using the .init method, passing interpolation options without... | Medium | CWE-79 |
Cross-Site Scripting in i18nextAffected versions of i18next allow untrusted user input to be injected into dictionary key names, resulting in a cross-site scripting vulnerability. | Medium | CWE-79 |
Macro in MathJax running untrusted Javascript within a web browserMathJax version prior to version 2.7.4 contains a Cross Site Scripting (XSS) vulnerability in the \unicode{} macro that can result in Potentially untrusted Javascript running... | Medium | CWE-79 |
Passport vulnerable to session regeneration when a users logs in or outThis affects the package passport before 0.6.0. When a user logs in or logs out, the session is regenerated instead of being closed. | Medium | CWE-384 |
Cross-site Scripting in vmdvmd through 1.34.0 allows div class="markdown-body" XSS, as demonstrated by Electron remote code execution via require('child_process').execSync('calc.exe') on Windows and a similar attack on macOS. | Medium | CWE-79 |
Insecure template handling in SquirrellySquirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options... | High | CWE-200 |
Denial of service in threeThis affects the package three before 0.125.0. This can happen when handling rgb or hsl colors. | High | CWE-400 |
auth0-lock vulnerable to XSS via unsanitized placeholder propertyAuth0 Lock version 11.20.4 and earlier did not properly sanitize the generated HTML code. Customers using the additionalSignUpFields customization option to add a checkbox to... | Medium | CWE-79 |
pym.js CSRF VulnerabilityNPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 contains a Cross Site Request Forgery (CSRF) vulnerability in Pym.js _onNavigateToMessage function. | High | CWE-352 |
d3.js is malwareThe d3.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. | High | CWE-506 |
method-override ReDoS when untrusted user input passed into X-HTTP-Method-Override headerAffected versions of method-override are vulnerable to a regular expression denial of service vulnerability when untrusted user input is passed into the X-HTTP-Method-Override header. | High | CWE-400 |
dalek-browser-ie-canary downloads Resources over HTTPAffected versions of dalek-browser-ie-canary insecurely download an executable over an unencrypted HTTP connection. | High | CWE-311 |
Unintended Require in larvitbase-apiVersions of larvitbase-api prior to 0.5.4 are vulnerable to an Unintended Require. The package exposes an API endpoint and passes a GET parameter unsanitized to... | High | CWE-829 |
RSA signature validation vulnerability on maleable encoded message in jsrsasignVulnerable jsrsasign will accept RSA signature with improper PKCS#1.5 padding.Decoded RSA signature value consists following form:01(ff...(8 or more ffs)...ff)00[ASN.1 OF DigestInfo]Its byte length must be... | High | CWE-347 |
Sensitive data exposure in NATS (GHSA-82rf-q3pr-4f6p)Preview versions of two NPM packages and one Deno package from the NATS project contain an information disclosure flaw, leaking options to the NATS server;... | High | CWE-522 |
Sensitive data exposure in NATSPreview versions of two NPM packages and one Deno package from the NATS project contain an information disclosure flaw, leaking options to the NATS server;... | High | CWE-522 |
Open Redirect in url-parseVersions of url-parse before 1.4.3 returns the wrong hostname which could lead to Open Redirect, Server Side Request Forgery (SSRF), or Bypass Authentication Protocol vulnerabilities.... | High | CWE-425 |
bracket-template vulnerable to reflected XSSbracket-template suffers from reflected XSS possible when variable passed via GET parameter is used in template | Medium | CWE-79 |
Regular Expression Denial of Service in jadedownThe jadedown package is affected by a regular expression denial of service vulnerability when certain types of user input are passed in. | Low | CWE-400 |
Path Traversal in http-server-nodeAll versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is. | High | CWE-22 |
Open Redirect in node-forgeparseUrl functionality in node-forge mishandles certain uses of backslash such as https:/\/\/\ and interprets the URI as a relative path. | Medium | CWE-601 |
url-parse Incorrectly parses URLs that include an '@A specially crafted URL with an ‘@’ sign but empty user info and no hostname, when parsed with url-parse, url-parse will return the incorrect href.... | Medium | CWE-639 |
url-parse incorrectly parses hostname / protocol due to unstripped leading control characters.Leading control characters in a URL are not stripped when passed into url-parse. This can cause input URLs to be mistakenly be interpreted as a... | Medium | CWE-639 |
Raneto vulnerable to Cross-site ScriptingRenato v0.17.0 was discovered to contain a cross-site scripting (XSS) vulnerability. This issue is fixed in version 0.17.1. | Medium | CWE-79 |
Code Injection in jsenThis affects all versions of package jsen. If an attacker can control the schema file, it could run arbitrary JavaScript code on the victim machine.... | High | CWE-94 |
Regular Expression Denial of Service in djvalidatorAll versions of package djvalidator are vulnerable to Regular Expression Denial of Service (ReDoS) by sending crafted invalid emails - for example, --@------------------------------------------------------------------------------------------------------------------------!. | High | CWE-400 |
Directory Traversal in rtcmulticonnection-clientAffected versions of rtcmulticonnection-client resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside... | High | CWE-22 |
Directory Traversal in node-simple-routerAffected versions of node-simple-router resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside... | High | CWE-22 |
XSS in hello.jsThis affects the package hello.js before 1.18.6. The code get the param oauth_redirect from url and pass it to location.assign without any check and sanitisation.... | High | CWE-79 |
Credential leak in react-native-fast-imageThis affects all versions before version 8.3.0 of package react-native-fast-image. When an image with source= is loaded, all other subsequent images will use the same... | Medium | CWE-200 |
Remote Code Execution in scratch-vmMIT Lifelong Kindergarten Scratch scratch-vm before 0.2.0-prerelease.20200714185213 loads extension URLs from untrusted project.json files with certain _ characters, resulting in remote code execution because the... | High | CWE-502 |
Code Injection in cryoAll versions of cryo are vulnerable to code injection due to an Insecure implementation of deserialization. | High | CWE-94 |
Arbitrary Code Execution in mathjsmath.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object. | High | CWE-88 |
appium-chromedriver downloads Resources over HTTPAffected versions of appium-chromedriver insecurely download resources over HTTP. | High | CWE-311 |
vditor Vulnerable to Cross-site Scripting in SVG eventsvditor does not filter user input in SVG events, leading to XSS | Medium | CWE-79 |
Cross-Site Scripting in html-pagesAll versions of html-pages are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize folder names, allowing attackers to execute arbitrary JavaScript in the... | Medium | CWE-79 |
Bypassing Sanitization using DOM clobbering in html-janitorAll versions of html-janitor are vulnerable to cross-site scripting (XSS). | Medium | CWE-642 |
Regular Expression Denial of Service in string packageAffected versions of string are vulnerable to regular expression denial of service when specifically crafted untrusted user input is passed into the underscore or unescapeHTML... | High | CWE-400 |
simplehttpserver allows directory traversal and file listingPath traversal in simplehttpserver <v0.2.1 allows listing any file on the server. | High | CWE-22 |
html-parse-stringify and html-parse-stringify2 vulnerable to Regular expression denial of service (ReDoS) (GHSA-545q-3fg6-48m7)This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used... | Medium | CWE-400 |
html-parse-stringify and html-parse-stringify2 vulnerable to Regular expression denial of service (ReDoS)This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used... | Medium | CWE-400 |
XSS in apexchartsThe package apexcharts before 3.24.0 are vulnerable to Cross-site Scripting (XSS) via lack of sanitization of graph legend fields. | Medium | CWE-79 |
Prototype pollution in gsapThere is a prototype pollution vulnerability in gsap which affects all versions before 3.6.0. | High | CWE-400 |
Cross-Site Scripting in html-janitorVersions of html-janitor prior to 2.0.2 (all current versions) are vulnerable to cross-site scripting (XSS). | Medium | CWE-79 |
Path Traversal in simplehttpserverAll versions of simplehttpserver are vulnerable to Path Traversal. | Medium | CWE-22 |
Directory Traversal in hostrAffected versions of hostr are vulnerable to directory traversal which allows attackers to read files outside the current directory by sending ../ in the url... | High | CWE-22 |
Directory Traversal in fbr-clientAffected versions of fbr-client resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside... | High | CWE-22 |
Cross-Site Scripting in exceljsVersions of exceljs before 1.6.0 are vulnerable to cross-site scripting. | Medium | CWE-79 |
Cross-Site Scripting in dompurifyVersions of dompurify prior to 2.0.3 are vulnerable to Cross-Site Scripting (XSS). The package has an XSS filter bypass due to Mutation XSS in both... | Medium | CWE-79 |
jdf-sass downloads Resources over HTTPAffected versions of jdf-sass insecurely download an executable over an unencrypted HTTP connection. | High | CWE-311 |
slimerjs-edge downloads Resources over HTTPAffected versions of slimerjs-edge insecurely download an executable over an unencrypted HTTP connection. | High | CWE-311 |
Server-Side Request Forgery in @uppy/companionThe @uppy/companion npm package before versions 1.13.2 and 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local... | High | CWE-918 |
Regular Expression Denial of Service in timespanAffected versions of timespan are vulnerable to a regular expression denial of service when parsing dates. | High | CWE-400 |
auth0-js Privilege Escalation VulnerabilityA cross-origin vulnerability has been discovered in the Auth0 auth0.js library affecting versions < 8.12. This vulnerability allows an attacker to acquire authenticated users’ tokens... | High | CWE-200 |
Directory Traversal in datachannel-clientAffected versions of datachannel-client resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside... | High | CWE-22 |
ibm_db downloads Resources over HTTPAffected versions of ibm_db insecurely download resources over HTTP. | High | CWE-311 |
parse-server crashes when receiving file download request with invalid byte rangeParse Server crashes when a file download request is received with an invalid byte range. | High | CWE-20 |
Remote Memory Disclosure in wsVersions of ws prior to 1.0.1 are affected by a remote memory disclosure vulnerability. | Low | CWE-201 |
Prototype Pollution in asciitable.jsThe package asciitable.js before 1.0.3 is vulnerable to Prototype Pollution via the main function. | High | CWE-400 |
Cross-site Scripting in epubjsmanagers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS. | Medium | CWE-79 |
Regular Expression Denial of Service (ReDoS) (GHSA-vx3p-948g-6vhq)npm ssri 5.2.2-6.0.1 and 7.0.0-8.0.0, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely... | High | CWE-400 |
Cross-Site Scripting (XSS) in jqueryAffected versions of jquery interpret text/javascript responses from cross-origin ajax requests, and automatically execute the contents in jQuery.globalEval, even when the ajax request doesn’t contain... | Medium | CWE-79 |
jQuery-UI vulnerable to Cross-site Scripting in dialog closeTextAffected versions of jquery-ui are vulnerable to a cross-site scripting vulnerability when arbitrary user input is supplied as the value of the closeText parameter in... | Medium | CWE-79 |
XSS in `*Text` options of the Datepicker widget in jquery-uiAccepting the value of various *Text options of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the... | Medium | CWE-79 |
jQuery vulnerable to Cross-Site Scripting (XSS)Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via... | Medium | CWE-79 |
bson-objectid contains Improper input validationAn issue was discovered in the BSON ObjectID (aka bson-objectid) package 1.3.0 for Node.js. ObjectID() allows an attacker to generate a malformed objectid by inserting... | High | CWE-670 |
XSS in the `altField` option of the Datepicker widget in jquery-uiAccepting the value of the altField option of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the... | Medium | CWE-79 |
Cross-Site Scripting in swagger-ui (GHSA-4f9m-pxwh-68hg)Versions of swagger-ui prior to 3.20.9 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize URLs used in the OAuth auth flow, which... | Medium | CWE-79 |
Cross-site scripting in TileServer GLAn issue was discovered in server.js in TileServer GL through 3.0.0. The content of the key GET parameter is reflected unsanitized in an HTTP response... | Medium | CWE-79 |
Cross-Site Scripting in diagram-jsVersions of diagram-js prior to 3.3.1 (for 3.x) and 2.6.2 (for 2.x) are vulnerable to Cross-Site Scripting. The package fails to escape output of user-controlled... | Medium | CWE-79 |
Zod denial of service vulnerability during email validationAPI servers running express-zod-api having: | High | CWE-1333 |
XSS in the `of` option of the `.position()` util in jquery-uiAccepting the value of the of option of the .position() util from untrusted sources may execute untrusted code. For example, invoking the following code: | Medium | CWE-79 |
Etherpad Lite Access Restriction Bypassnode/hooks/express/apicalls.js in Etherpad Lite before v1.6.3 mishandles JSONP, which allows remote attackers to bypass intended access restrictions. | High | CWE-20 |
Converse.js Exposure of Sensitive InformationConverse.js and Inverse.js through 3.3 allow remote attackers to obtain sensitive information because it is too difficult to determine whether safe publication of private data... | Medium | CWE-200 |
Simditor XSS VulnerabilitySimditor v2.3.11 allows XSS via crafted use of svg/onload=alert in a TEXTAREA element, as demonstrated by Firefox 54.0.1. | Medium | CWE-79 |
Command Injection in node-rulesVersions of node-rules prior to 5.0.0 are vulnerable to Command Injection. The package fails to sanitize input rules and passes it directly to an eval... | High | CWE-78 |
Exposure of Sensitive Information to an Unauthorized Actor in AEgiraegir publish and aegir build may leak secrets from environmental variables in the browser bundle published to npm. | High | CWE-200 |
Cross-Site Scripting in swagger-ui (GHSA-mrx7-8hxf-f853)Affected versions of swagger-ui are vulnerable to cross-site scripting. This vulnerability exists because swagger-ui automatically executes external Javascript that is loaded in via the url... | High | CWE-79 |
Cisco node-jose improper validation of JWT signatureA vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key that is... | High | CWE-347 |
Auth0 angular-jwt misinterprets allowlist as regexAuth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the jwtInterceptorProvider.whiteListedDomains setting to bypass the domain allowlist... | Medium | CWE-20 |
Grunt-karma vulnerable to prototype pollutionPrototype pollution vulnerability in karma-runner grunt-karma 4.0.1 via the key variable in grunt-karma.js. | High | CWE-1321 |
MJML vulnerable to path traversalMJML prior to 4.6.3 contains a path traversal vulnerability when processing the mj-include directive within an MJML document. | High | CWE-22 |
Vercel ms Inefficient Regular Expression Complexity vulnerabilityA vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file... | Medium | CWE-1333 |
rgb2hex vulnerable to inefficient regular expression complexityA vulnerability was found in rgb2hex up to 0.1.5. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to... | High | CWE-1333 |
Baobab vulnerable to Prototype PollutionA vulnerability was found in Yomguithereal Baobab up to 2.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The... | High | CWE-1321 |
debug Inefficient Regular Expression Complexity vulnerabilityA vulnerability classified as problematic has been found in debug-js debug up to 3.0.x. This affects the function useColors of the file src/node.js. The manipulation... | High | CWE-1333 |
GraphQL: Security breach on Viewer queryAn authenticated user using the viewer GraphQL query can bypass all read security on his User object and can also bypass all objects linked via... | Medium | CWE-863 |
Cross-realm object access in Webpack 5Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted... | High | |
Improper Input Validation in vriteio/vriteImproper Input Validation in GitHub repository vriteio/vrite prior to 0.3.0. | Medium | CWE-20 |
Server-Side Request Forgery (SSRF) in vriteio/vriteServer-Side Request Forgery (SSRF) in GitHub repository vriteio/vrite prior to 0.3.0. | High | CWE-918 |
webmention.js Cross-site Scripting vulnerabilitywebmention.js prior to 0.5.5 is vulnerable to cross-site scripting. | High | CWE-79 |
Leaking sensitive user information still possible by filtering on private with prefix fields (GHSA-9xg4-3qfm-9w8f)Still able to leak private fields if using the t(number) prefix | High | CWE-200 |
Leaking sensitive user information still possible by filtering on private with prefix fieldsStill able to leak private fields if using the t(number) prefix | High | CWE-200 |
systeminformation SSID Command Injection VulnerabilitySSID Command Injection Vulnerability | High | CWE-77 |
Jodit Editor vulnerable to cross-site scriptingCross Site Scripting vulnerability in xdsoft.net Jodit Editor v.4.0.0-beta.86 allows a remote attacker to obtain sensitive information via the rich text editor component. | Medium | CWE-79 |
Path traversal vulnerability in gatsby-plugin-sharpThe gatsby-plugin-sharp plugin prior to versions 5.8.1 and 4.25.1 contains a path traversal vulnerability exposed when running the Gatsby develop server (gatsby develop). | Medium | CWE-22 |
Making all attributes on a content-type public without noticing it (GHSA-chmr-rg2f-9jmf) 2Anyone (Strapi developers, users, plugins) can make every attribute of a Content-Type public without knowing it. | Medium | CWE-200 |
Making all attributes on a content-type public without noticing it (GHSA-chmr-rg2f-9jmf)Anyone (Strapi developers, users, plugins) can make every attribute of a Content-Type public without knowing it. | Medium | CWE-200 |
Making all attributes on a content-type public without noticing itAnyone (Strapi developers, users, plugins) can make every attribute of a Content-Type public without knowing it. | Medium | CWE-200 |
layui vulnerable to cross-site scriptingA vulnerability, which was classified as problematic, was found in layui up to v2.8.0-rc.16. This affects an unknown part of the component HTML Attribute Handler.... | Medium | CWE-79 |
Trigger `beforeFind` not invoked in internal query pipeline when fetching pointerA Parse Pointer can be used to access internal Parse Server classes. It can also be used to circumvent the beforeFind query trigger which can... | High | CWE-670 |
Phishing attack vulnerability by uploading malicious HTML filePhishing attack vulnerability by uploading malicious files. A malicious user could upload a HTML file to Parse Server via its public API. That HTML file... | Medium | CWE-434 |
PostCSS line return parsing errorAn issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets (CSS). There may be \r discrepancies,... | Medium | CWE-74 |
Cleartext Signed Message Signature Spoofing in openpgpOpenPGP Cleartext Signed Messages are cryptographically signed messages where the signed text is readable without special tools: | Medium | CWE-347 |
Chaijs/get-func-name vulnerable to ReDoSThe current regex implementation for parsing values in the module is susceptible to excessive backtracking, leading to potential DoS attacks. | High | CWE-400 |
Parse Server vulnerable to remote code execution via MongoDB BSON parser through prototype pollutionAn attacker can use this prototype pollution sink to trigger a remote code execution through the MongoDB BSON parser. | High | CWE-1321 |
Snowflake NodeJS Driver vulnerable to Command InjectionSnowflake was informed via our bug bounty program of a command injection vulnerability in the Snowflake NodeJS driver via SSO browser URL authentication. | High | CWE-77 |
tarteaucitron.js vulnerable to Cross-site ScriptingCross-site Scripting (XSS) - Stored in GitHub repository amauric/tarteaucitron.js prior to v1.13.1. | Medium | CWE-79 |
Cross-Site Scripting in serialize-to-jsVersions of serialize-to-js prior to 3.0.1 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize serialized regular expressions. This vulnerability does not affect... | Low | CWE-79 |
Unauthorized Access to Private Fields in User Registration API (GHSA-gc7p-j5xm-xxh2)| Name | Value ||———-|————————|| OS | Windows 11 || Version | 4.11.1 (node v16.14.2) || Database | mysql | | High | CWE-287 |
Unauthorized Access to Private Fields in User Registration API| Name | Value ||———-|————————|| OS | Windows 11 || Version | 4.11.1 (node v16.14.2) || Database | mysql | | High | CWE-287 |
Feathers socket handler allows abusing implicit toString (GHSA-hhr9-rh25-hvf9)Feathers socket handler did not catch invalid string conversion errors like: | High | CWE-754 |
Feathers socket handler allows abusing implicit toStringFeathers socket handler did not catch invalid string conversion errors like: | High | CWE-754 |
FUXA SQL Injection vulnerability (GHSA-p46g-8c3q-89p2)FUXA <= 1.1.12 is vulnerable to SQL Injection via /api/signin. | High | CWE-89 |
FUXA SQL Injection vulnerabilityA SQL Injection attack in FUXA <= 1.1.12 allows exfiltration of confidential information from the database. | High | CWE-89 |
editor.md vulnerable to Cross-site ScriptingCross Site Scripting (XSS) vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text. | Medium | CWE-79 |
Strapi leaking sensitive user information by filtering on private fieldsStrapi through 4.7.1 allows unauthenticated attackers to discover sensitive user details for Strapi administrators and API users. | High | CWE-312 |
Strapi plugins vulnerable to Server-Side Template Injection and Remote Code Execution in the Users-Permissions Plugin (GHSA-2h87-4q2w-v4hf)Strapi through 4.5.5 allows authenticated Server-Side Template Injection (SSTI) that can be exploited to execute arbitrary code on the server. | High | CWE-74 |
Strapi plugins vulnerable to Server-Side Template Injection and Remote Code Execution in the Users-Permissions PluginStrapi through 4.5.5 allows authenticated Server-Side Template Injection (SSTI) that can be exploited to execute arbitrary code on the server. | High | CWE-74 |
appium-desktop OS Command Injection vulnerabilityappium-desktop v1.14.1 and prior is vulnerable to OS Command Injection. | High | CWE-78 |
Cloudera HUE Account EnumerationCloudera HUE 3.9.0 and earlier allows remote attackers to enumerate user accounts via a request to desktop/api/users/autocomplete. | Medium | CWE-200 |
external-svg-loader Cross-site Scripting vulnerabilityAccording to the docs, svg-loader will strip all JS code before injecting the SVG file for security reasons but the input sanitization logic is not... | High | CWE-79 |
Allocation of Resources Without Limits or Throttling in vriteio/vriteAllocation of Resources Without Limits or Throttling in GitHub repository vriteio/vrite prior to 0.3.0. | Medium | CWE-770 |
html inputs of type password recorded in plaintext when converted to text inputsHighlight may record passwords on customer deployments when a password html input is switched to type="text" via a javascript “Show Password” button. This differs from... | Medium | CWE-319 |
Svelecte item names vulnerable to execution of arbitrary JavaScriptSvelecte item names are rendered as raw HTML with no escaping. This allows the injection of arbitrary HTML into the Svelecte dropdown. This can be... | Medium | CWE-79 |
Strapi does not verify the access or ID tokens issued during the OAuth flowStrapi 3.2.1 until 4.6.0 does not verify the access or ID tokens issued during the OAuth flow when the AWS Cognito login provider is used... | Medium | |
crypto-es PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standardNo description available. | High | CWE-916 |
When setting EntityOptions.apiPrefilter to a function, the filter is not applied to API requests for a resource by IdIf you used the apiPrefilter option of the @Entity decorator, by setting it to a function that returns a filter that prevents unauthorized access to... | Medium | CWE-284 |
jquery-ui Tooltip widget vulnerable to XSSCross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject... | Medium | CWE-79 |
MrSwitch hello.js vulnerable to prototype pollutionA prototype pollution vulnerability in MrSwitch hello.js prior to version 1.18.8 allows remote attackers to execute arbitrary code via hello.utils.extend function. | High | CWE-1321 |
Uncaught Exception in yamlUncaught Exception in GitHub repository eemeli/yaml starting at version 2.0.0-5 and prior to 2.2.2. | High | CWE-248 |
@fastify/oauth2 vulnerable to Cross Site Request Forgery due to reused Oauth2 stateAll versions of @fastify/oauth2 used a statically generated state parameter at startup time and were used across all requests for all users. The purpose of the... | High | CWE-352 |
Joplin Cross-site Scripting vulnerability (GHSA-7grw-xfx6-qhx6)Joplin before 2.11.5 allows XSS via a USE element in an SVG document. | Medium | CWE-79 |
Joplin Cross-site Scripting vulnerabilityJoplin before 2.11.5 allows XSS via an AREA element of an image map. | Medium | CWE-79 |
Cross-Site Scripting in highchartsVersions of highcharts prior to 7.2.2 or 8.1.1 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize href values and does not restrict... | High | CWE-79 |
A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXAA remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request. | High | CWE-94 |
Strapi Improper Rate Limiting vulnerability (GHSA-24q2-59hm-rh9r)There is a rate limit on the login function of Strapi’s admin screen, but it is possible to circumvent it. | High | CWE-770 |
Strapi Improper Rate Limiting vulnerabilityThere is a rate limit on the login function of Strapi’s admin screen, but it is possible to circumvent it. | High | CWE-770 |
Strapi may leak sensitive user information, user reset password, tokens via content-manager views (GHSA-v8gg-4mq2-88q4)I can get access to user reset password tokens if I have the configure view permissions | Medium | CWE-200 |
Strapi may leak sensitive user information, user reset password, tokens via content-manager views (GHSA-v8gg-4mq2-88q4)I can get access to user reset password tokens if I have the configure view permissions | Medium | CWE-200 |
Strapi may leak sensitive user information, user reset password, tokens via content-manager viewsI can get access to user reset password tokens if I have the configure view permissions | Medium | CWE-200 |
angular-ui-notification Cross-site Scripting vulnerabilityangular-ui-notification v0.1.0, v0.2.0, and v0.3.6 were discovered to contain a cross-site scripting (XSS) vulnerability. | Medium | CWE-79 |
Hidden fields can be leaked on readable collections in PayloadIf a user has access to documents that contain hidden fields or fields they do not have access to, the user could reverse-engineer those values... | High | CWE-200 |
Parse Server may crash when uploading file without extensionParse Server crashes when uploading a file without extension. | High | CWE-23 |
Use-After-Free in puppeteerVersions of puppeteer prior to 1.13.0 are vulnerable to the Use-After-Free vulnerability in Chromium (CVE-2019-5786). The Chromium FileReader API is vulnerable to Use-After-Free which may... | Medium | CWE-416 |
Prototype Pollution in NASA Open MCTNASA Open MCT (aka openmct) before commit 545a177 is subject to a prototype pollution which can occur via an import action. | High | CWE-1321 |
Gatsby develop server has Local File Inclusion vulnerabilityThe Gatsby framework prior to versions 4.25.7 and 5.9.1 contain a Local File Inclusion vulnerability in the __file-code-frame and __original-stack-frame paths, exposed when running the... | Medium | CWE-22 |
Margox Braft-Editor Cross-site Scripting VulnerabilityCross Site Scripting (XSS) vulnerability in margox braft-editor version 2.3.8, allows remote attackers to execute arbitrary code via the embed media feature. | Medium | CWE-79 |
Potential for cross-site scripting in PostHog-jsPotential for cross-site scripting in posthog-js. | Medium | CWE-79 |
matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged roomsIt was possible to craft an event such that it would leak part of a targeted message event from another bridged room. This required knowing... | Low | CWE-200 |
graphql Uncontrolled Resource Consumption vulnerabilityVersions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file... | Medium | CWE-400 |
DOMPurify Open Redirect vulnerabilityDOMPurify before 1.0.11 allows reverse tabnabbing in demos/hooks-target-blank-demo.html because links lack a 'rel="noopener noreferrer"' attribute. | Medium | CWE-601 |
Sentry Next.js vulnerable to SSRF via Next.js SDK tunnel endpointAn unsanitized input of Next.js SDK tunnel endpoint allows sending HTTP requests to arbitrary URLs and reflecting the response back to the user. | Medium | CWE-918 |
chromedriver Command Injection vulnerabilityVersions of the package chromedriver before 119.0.1 are vulnerable to Command Injection when setting the chromedriver.path to an arbitrary system binary. This could lead to... | Medium | CWE-78 |
NASA Open MCT Cross Site Scripting vulnerabilityCross Site Scripting (XSS) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to run arbitrary code via the new component feature in... | Medium | CWE-79 |
NASA Open MCT Cross Site Request Forgery (CSRF) vulnerabilityCross Site Request Forgery (CSRF) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to view sensitive information via the flexibleLayout plugin. | Medium | CWE-352 |
google-translate-api-browser Server-Side Request Forgery (SSRF) VulnerabilityA Server-Side Request Forgery (SSRF) Vulnerability is present in applications utilizing the google-translate-api-browser package and exposing the translateOptions to the end user. An attacker can... | Low | CWE-918 |
Exposure of Sensitive Information in eventsourceWhen fetching a URL with a link to an external site (Redirect), the user's Cookies & Authorization headers are leaked to the third party application.... | High | CWE-212 |
Collection.js vulnerable to Prototype PollutionVersions of the package collection.js before 6.8.1 are vulnerable to Prototype Pollution via the extend function in Collection.js/dist/node/iterators/extend.js. | High | CWE-1321 |
Regular expression denial of service in devcertAn exponential ReDoS (Regular Expression Denial of Service) can be triggered in the devcert npm package, when an attacker is able to supply arbitrary input... | High | CWE-1333 |
fast-xml-parser regex vulnerability patch could be improved from a safety perspectiveThis is a comment on https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-6w63-h3fj-q4vw and the patches fixing it. | Low | |
Validation Bypass in kind-ofVersions of kind-of 6.x prior to 6.0.3 are vulnerable to a Validation Bypass. A maliciously crafted object can alter the result of the type check,... | High | CWE-668 |
Inefficient Regular Expression Complexity in marked (GHSA-5v2h-r2cx-5xgj)Denial of service. | High | CWE-1333 |
Inefficient Regular Expression Complexity in markedDenial of service. | High | CWE-400 |
Moment.js vulnerable to Inefficient Regular Expression ComplexityNo description available. | High | CWE-400 |
Path Traversal: 'dir/../../filename' in moment.localeThis vulnerability impacts npm (server) users of moment.js, especially if a user-provided locale string, e.g. fr, is directly used to switch the moment locale. | High | CWE-27 |
node-fetch forwards secure headers to untrusted sitesnode-fetch forwards secure headers such as authorization, www-authenticate, cookie, & cookie2 when redirecting to an untrusted site. | High | CWE-601 |
Prototype pollution in Plist before 3.0.5 can cause denial of servicePrototype pollution vulnerability via .parse() in Plist allows attackers to cause a Denial of Service (DoS) and may lead to remote code execution. | High | CWE-1321 |
Prototype Pollution in protobufjsThe package protobufjs is vulnerable to Prototype Pollution, which can allow an attacker to add/modify properties of the Object.prototype. Versions after and including 6.10.0 until... | High | CWE-1321 |
Prototype Pollution in querystringifyA vulnerability was found in querystringify before 2.0.0. It’s possible to override built-in properties of the resulting query string object if a malicious string is... | High | CWE-1321 |
Code Execution Through IIFE in serialize-to-jsAffected versions of serialize-to-js may be vulnerable to arbitrary code execution through an Immediately Invoked Function Expression (IIFE). | High | CWE-502 |
Insecure serialization leading to RCE in serialize-javascriptserialize-javascript prior to 3.1.0 allows remote attackers to inject arbitrary code via the function “deleteFunctions” within “index.js”. | High | CWE-502 |
Improper Privilege Management in shelljsshelljs is vulnerable to Improper Privilege Management. | High | CWE-269 |
Regular Expression Denial of Service in tough-cookieAffected versions of tough-cookie are susceptible to a regular expression denial of service. | High | CWE-400 |
underscore-keypath vulnerable to Prototype PollutionVersions of the package underscore-keypath from 0.0.11 are vulnerable to Prototype Pollution via the name argument of the setProperty() function. Exploiting this vulnerability is possible... | High | CWE-1321 |
Incorrect protocol extraction via \r, \n and \t characters\r, \n and \t characters in user-input URLs can potentially lead to incorrect protocol extraction when using npm package urijs prior to version 1.19.11. | High | CWE-20 |
Authorization Bypass Through User-Controlled Key in url-parseurl-parse prior to version 1.5.8 is vulnerable to Authorization Bypass Through User-Controlled Key. | High | CWE-639 |
Prototype Pollution in vConsolevConsole was discovered to contain a prototype pollution due to incorrect key and value resolution in setOptions in core.ts. | High | CWE-1321 |
Inefficient Regular Expression Complexity in validator.jsvalidator.js prior to 13.7.0 is vulnerable to Inefficient Regular Expression Complexity. | Medium | CWE-1333 |
Improper Certificate Validation in xmlhttprequest-sslThe xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized (when the property exists but is undefined) is considered to... | High | CWE-295 |
xmlhttprequest and xmlhttprequest-ssl vulnerable to Arbitrary Code Injection (GHSA-h4j5-c7cj-74xg)This affects the package xmlhttprequest before 1.7.0; all versions of package xmlhttprequest-ssl. Provided requests are sent synchronously (async=False on xhr.open), malicious user input flowing into... | High | CWE-94 |
xmlhttprequest and xmlhttprequest-ssl vulnerable to Arbitrary Code InjectionThis affects the package xmlhttprequest before 1.7.0; all versions of package xmlhttprequest-ssl. Provided requests are sent synchronously (async=False on xhr.open), malicious user input flowing into... | High | CWE-94 |
Vite XSS vulnerability in `server.transformIndexHtml` via URL payloadWhen Vite’s HTML transformation is invoked manually via server.transformIndexHtml, the original request URL is passed in unmodified, and the html being transformed contains inline module... | Medium | CWE-79 |
Improper Key Verification in ipnsVersions 0.1.1 or 0.1.2 of ipns are vulnerable to improper key validation. This is due to the public key verification was not being performed properly,... | High | CWE-287 |
Denial of Service in ipfs-bitswapVersions of ipfs-bitswap prior to 0.24.1 are vulnerable to Denial of Service (DoS). The package put unwanted blocks in the blockstore, which could be used... | Medium | CWE-400 |
URIjs Hostname spoofing via backslashes in URLIf using affected versions to determine a URL’s hostname, the hostname can be spoofed by using a backslash (\) character as part of the scheme... | High | CWE-20 |
SSRF & Credentials Leaknuxt-api-party allows developers to proxy requests to an API without exposing credentials to the client. A previous vulnerability allowed an attacker to change the baseURL... | High | CWE-918 |
DOS by abusing `fetchOptions.retry`.nuxt-api-party allows developers to proxy requests to an API without exposing credentials to the client. ofetch is used to send the requests. | High | CWE-787 |
Buttercup allows attackers to obtain the hash of the master passwordButtercup allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/. | Medium | CWE-916 |
fast-xml-parser vulnerable to Prototype Pollution through tag or attribute nameAs a part of this vulnerability, a user was able to set code using __proto__ as a tag or attribute name. | Medium | CWE-1321 |
Unauthenticated Denial of Service in the octokit/webhooks library (GHSA-pwfr-8pq7-x9qv)Versions v9.26.0, v10.9.x, v11.1.x, v12.0.x all contained the code that would throw the error. | High | CWE-755 |
Unauthenticated Denial of Service in the octokit/webhooks library (GHSA-pwfr-8pq7-x9qv)Versions v9.26.0, v10.9.x, v11.1.x, v12.0.x all contained the code that would throw the error. | High | CWE-755 |
Unauthenticated Denial of Service in the octokit/webhooks libraryVersions v9.26.0, v10.9.x, v11.1.x, v12.0.x all contained the code that would throw the error. | High | CWE-755 |
mockjs vulnerable to Prototype Pollution via the Util.extend functionAll versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the... | High | CWE-1321 |
Cube API denial of service attackIt is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoint. | Medium | CWE-20 |
Cross-site Scripting in cesiumA cross-site scripting (XSS) vulnerability in CesiumJS v1.111 allows attackers to execute arbitrary code in the context of the victim’s browser via sending a crafted... | Medium | CWE-79 |
Pedroetb TTS-API OS Command InjectionA vulnerability has been found in pedroetb tts-api up to 2.1.4 and classified as critical. This vulnerability affects the function onSpeechDone of the file app.js.... | High | CWE-78 |
Sentry's Astro SDK vulnerable to ReDoSA ReDoS (Regular expression Denial of Service) vulnerability has been identified in Sentry’s Astro SDK 7.78.0-7.86.0. Under certain conditions, this vulnerability allows an attacker to... | High | CWE-400 |
Layui cross-site scripting (XSS) vulnerabilitylayui up to v2.74 was discovered to contain a cross-site scripting (XSS) vulnerability via the data-content parameter. | Medium | CWE-79 |
@fastify/reply-from JSON Content-Type parsing confusionThe main repo of fastify uses fast-content-type-parse to parse the request Content-Type, which will trim after split. | Medium | CWE-444 |
plotly.js prototype pollution vulnerabilityIn Plotly plotly.js before 2.25.2, plot API calls have a risk of proto being polluted in expandObjectPaths or nestedProperty. | High | CWE-1321 |
CouchAuth host header injection vulnerability leaks the password reset tokenA host header injection vulnerability exists in the NPM package @perfood/couch-auth versions <= 0.20.0. By sending a specially crafted host header in the forgot password... | High | CWE-74 |
msgpackr's conversion of property names to strings can trigger infinite recursionWhen decoding user supplied MessagePack messages, users can trigger stuck threads by crafting messages that keep the decoder stuck in a loop. | High | CWE-674 |
botframework-connector vulnerable to Improper AuthenticationA maliciously crafted claim may be incorrectly authenticated by the bot. Impacts bots that are not configured to be used as a Skill. This vulnerability... | Medium | CWE-287 |
react-native-mmkv Insertion of Sensitive Information into Log File vulnerabilityBefore version v2.11.0, the react-native-mmkv logged the optional encryption key for the MMKV database into the Android system log. The key can be obtained by... | Medium | CWE-532 |
QooxDoo XSS in Callback ParameterCross-site scripting (XSS) vulnerability in framework/source/resource/qx/test/jsonp_primitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows... | Medium | CWE-79 |
Vite dev server option `server.fs.deny` can be bypassed when hosted on case-insensitive filesystemVite dev server option server.fs.deny can be bypassed on case-insensitive file systems using case-augmented versions of filenames. Notably this affects servers hosted on Windows. | High | CWE-284 |
@hono/node-server cannot handle "double dots" in URLSince v1.3.0, we use our own Request object. This is great, but the url behavior is unexpected. | Medium | CWE-22 |
Incorrect Default Permissions in log4jsDefault file permissions for log files created by the file, fileSync and dateFile appenders are world-readable (in unix). This could cause problems if log files... | Medium | CWE-276 |
Sending a GET or HEAD request with a body crashes SvelteKit (GHSA-g5m6-hxpp-fc49)In SvelteKit 2 sending a GET request with a body eg {} to a SvelteKit app in preview or with adapter-node throws Request with GET/HEAD... | High | CWE-20 |
Sending a GET or HEAD request with a body crashes SvelteKitIn SvelteKit 2 sending a GET request with a body eg {} to a SvelteKit app in preview or with adapter-node throws Request with GET/HEAD... | High | CWE-20 |
fast-xml-parser vulnerable to Regex Injection via Doctype Entities“fast-xml-parser” allows special characters in entity names, which are not escaped or sanitized. Since the entity name is used for creating a regex for searching... | High | CWE-1333 |
npm package rfc6902 vulnerable to Prototype PollutionA vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly... | High | CWE-74 |
@urql/next Cross-site Scripting vulnerabilityThe @urql/next package is vulnerable to XSS. To exploit this an attacker would need to ensure that the response returns html tags and that the... | High | CWE-79 |
MathJax Regular expression Denial of Service (ReDoS)Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service (ReDoS) vulnerabilities in MathJax.js via the components pattern and markdownPattern. NOTE:... | High | CWE-1333 |
Follow Redirects improperly handles URLs in the url.parse() functionVersions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper handling of URLs by the url.parse() function. When... | Medium | CWE-601 |
@lobehub/chat vulnerable to unauthorized access to pluginsWhen the application is password-protected (deployed with the ACCESS_CODE option), it is possible to access plugins without proper authorization (without password). | Medium | CWE-284 |
crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standardNo description available. | High | CWE-916 |
shvl vulnerable to prototype pollutionPrototype pollution vulnerability in ‘shvl’ versions 1.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.... | High | CWE-1321 |
DeviceFarmer stf uses DES-ECBDeviceFarmer stf v3.6.6 suffers from Use of a Broken or Risky Cryptographic Algorithm. | High | CWE-327 |
Denial of Service in uap-coreSome regexes are vulnerable to regular expression denial of service (REDoS) due to overlapping capture groups. This allows remote attackers to overload a server by... | High | CWE-400 |
Denial of Service in uap-core when processing crafted User-Agent stringsSome regexes are vulnerable to regular expression denial of service (REDoS) due to overlapping capture groups. This allows remote attackers to overload a server by... | Medium | CWE-20 |
Regular Expression Denial of Service in markedVersions 0.3.3 and earlier of marked are affected by a regular expression denial of service ( ReDoS ) vulnerability when passed inputs that reach the... | High | CWE-1333 |
Stimulsoft Dashboard.JS directory traversal vulnerabilityDirectory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.3 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName... | High | CWE-22 |
Stimulsoft Dashboard.JS Cross Site Scripting vulnerabilityCross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the... | Medium | CWE-79 |
Default swagger-ui configuration exposes all files in the moduleThe default configuration of @fastify/swagger-ui without baseDir set will lead to all files in the module’s directory being exposed via http routes served by the... | Medium | CWE-1188 |
Undici's cookie header not cleared on cross-origin redirect in fetchUndici clears Authorization headers on cross-origin redirects, but does not clear Cookie headers. By design, cookie headers are forbidden request headers, disallowing them to be... | Low | CWE-200 |
Cross-site Scripting in electron-pdfelectron-pdf version 20.0.0 allows an external attacker to remotely obtain | High | CWE-79 |
Prototype Pollution in JSON5 via Parse MethodThe parse method of the JSON5 library before and including version 2.2.1 does not restrict parsing of keys named __proto__, allowing specially crafted strings to... | High | CWE-1321 |
es5-ext vulnerable to Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`Passing functions with very long names or complex default argument names into function#copy or function#toStringTokens may cause the script to stall. | Low | CWE-1333 |
Marvin Attack of RSA and RSAOAEP decryption in jsrsasignRSA PKCS#1.5 or RSAOAEP ciphertexts may be decrypted by this Marvin attack vulnerability. | High | CWE-203 |
Starcounter-Jack JSON-Patch Prototype Pollution vulnerabilityA vulnerability has been found in Starcounter-Jack JSON-Patch up to 3.1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improperly... | High | CWE-1321 |
Potential leakage of Sentry auth tokens by React Native SDK with Expo pluginSDK versions between and including 5.16.0 and 5.19.0 allowed Sentry auth tokens to be set in the optional authToken configuration parameter, for debugging purposes. | Low | CWE-200 |
ZDI-CAN-19105: Parse Server literalizeRegexPart SQL InjectionThis vulnerability allows SQL injection when Parse Server is configured to use the PostgreSQL database. | High | CWE-89 |
Budibase affected by VM2 Constructor Escape VulnerabilityPreviously, budibase used a library called vm2 for code execution inside the Budibase builder and apps, such as the UI below for configuring bindings in... | High | CWE-94 |
Stimulsoft Dashboard.JS Cross Site Scripting vulnerability (GHSA-9cgf-pxwq-2cpw)Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the... | Medium | CWE-79 |
JSONata expression can pollute the "Object" prototypeIn JSONata versions >= 1.4.0, < 1.8.7 and >= 2.0.0, < 2.0.4, a malicious expression can use the transform operator to override properties on the... | High | CWE-1321 |
TurboBoost Commands vulnerable to arbitrary method invocationTurboBoost Commands has existing protections in place to guarantee that only public methods on Command classes can be invoked; however, the existing checks aren’t as... | High | CWE-74 |
Server crashes on invalid Cloud Function or Cloud Job nameCalling an invalid Parse Server Cloud Function name or Cloud Job name crashes server and may allow for code injection. | High | CWE-74 |
Strapi 4.1.12 Cross-site Scripting via crafted fileAn unrestricted file upload vulnerability in the Add New Assets function of Strapi v4.1.12 allows attackers to execute arbitrary code via a crafted file. After... | Medium | CWE-79 |
Server-Side Request Forgery in RequestThe request package through 2.88.2 for Node.js and the @cypress/request package prior to 3.0.0 allow a bypass of SSRF mitigations via an attacker-controller server that... | Medium | CWE-918 |
RSSHub Cross-site Scripting vulnerability caused by internal media proxyWhen the specially crafted image is supplied to the internal media proxy, it proxies the image without handling XSS vulnerabilities, allowing for the execution of... | Medium | CWE-79 |
RSSHub vulnerable to Server-Side Request ForgerySeveral Server-Side Request Forgery (SSRF) vulnerabilities in RSSHub allow remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary... | Medium | CWE-918 |
SQL injection in typeORMThe findOne function in TypeORM before 0.3.0 can either be supplied with a string or a FindOneOptions object. When input to the function is a... | High | CWE-89 |
Cross-site scripting in Survey CreatorCross Site Scripting (XSS) vulnerability in SurveyJS Survey Creator v.1.9.132 and before, allows attackers to execute arbitrary code and obtain sensitive information via the title... | Medium | CWE-79 |
Path traversal in webpack-dev-middlewareNo description available. | High | CWE-22 |
Cache Poisoning VulnerabilityAn attacker controlling the second variable of the translate function is able to perform a cache poisoning attack. They can change the outcome of translation... | Medium | CWE-20 |
Regular Expression Denial of Service in debugAffected versions of debug are vulnerable to regular expression denial of service when untrusted user input is passed into the o formatter. | Low | CWE-400 |
KaTeX's maxExpand bypassed by `\edef`KaTeX users who render untrusted mathematical expressions could encounter malicious input using \edef that causes a near-infinite loop, despite setting maxExpand to avoid such loops.... | Medium | CWE-674 |
KaTeX's maxExpand bypassed by Unicode sub/superscriptsKaTeX users who render untrusted mathematical expressions could encounter malicious input using \def or \newcommand that causes a near-infinite loop, despite setting maxExpand to avoid... | Medium | CWE-674 |
KaTeX's `\includegraphics` does not escape filenameKaTeX users who render untrusted mathematical expressions could encounter malicious input using \includegraphics that runs arbitrary JavaScript, or generate invalid HTML. | Medium | CWE-116 |
KaTeX missing normalization of the protocol in URLs allows bypassing forbidden protocolsCode that uses KaTeX’s trust option, specifically that provides a function to block-list certain URL protocols, can be fooled by URLs in malicious inputs that... | Medium | CWE-184 |
@workos-inc/authkit-nextjs session replay vulnerabilityA user can reuse an expired session by controlling the x-workos-session header. | Medium | CWE-294 |
jose vulnerable to resource exhaustion via specifically crafted JWE with compressed plaintext (GHSA-hhhv-q57g-882q)A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the support for decompressing plaintext after its decryption. This... | Medium | CWE-400 |
jose vulnerable to resource exhaustion via specifically crafted JWE with compressed plaintext (GHSA-hhhv-q57g-882q)A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the support for decompressing plaintext after its decryption. This... | Medium | CWE-400 |
jose vulnerable to resource exhaustion via specifically crafted JWE with compressed plaintextA vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the support for decompressing plaintext after its decryption. This... | Medium | CWE-400 |
MooTools Regular Expression Denial of ServiceMooTools is a collection of JavaScript utilities for JavaScript developers. All known versions include a CSS selector parser that is vulnerable to Regular Expression Denial... | High | CWE-400 |
jplayer Cross Site Scripting vulnerabilityMultiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3. | Medium | CWE-79 |
follow-redirects' Proxy-Authorization header kept across hostsWhen using axios, its dependency follow-redirects only clears authorization header during cross-domain redirect, but allows the proxy-authentication header which contains credentials too. | Medium | CWE-200 |
Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious codeUsing Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that rely... | High | CWE-697 |
Vite's `server.fs.deny` did not deny requests for patterns with directories.Vite dev server option server.fs.deny did not deny requests for patterns with directories. An example of such a pattern is /foo/**/*. | Medium | CWE-284 |
dectalk-tts Uses Unencrypted HTTP RequestIn [email protected], network requests to the third-party API are sent over HTTP, which is unencrypted. Unencrypted traffic can be easily intercepted and modified by attackers.... | High | CWE-598 |
PsiTransfer: Violation of the integrity of file distributionThe absence of restrictions on the endpoint, which allows you to create a path for uploading a file in a file distribution, allows an attacker... | Medium | CWE-434 |
PsiTransfer: File integrity violationThe absence of restrictions on the endpoint, which is designed for uploading files, allows an attacker who received the id of a file distribution to... | Medium | CWE-434 |
Summernote vulnerable to cross-site scriptingCross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted payload to the codeview parameter.... | Medium | CWE-79 |
Matrix IRC Bridge truncated content of messages can be leakedThe matrix-appservice-irc before version 2.0.0 can be exploited to leak the truncated body of a message if a malicious user sends a Matrix reply to... | Medium | CWE-280 |
Handling untrusted input can result in a crash, leading to loss of availability / denial of serviceUsing particular inputs with @solana/web3.js will result in memory exhaustion (OOM). | High | CWE-119 |
Prototype pollution in emit functionA prototype pollution in derby can crash the application, if the application author has atypical HTML templates that feed user input into an object key.... | Low | CWE-1321 |
Stored Cross-site Scripting (XSS) in excalidraw's web embed componentA stored XSS vulnerability in Excalidraw’s web embeddable component. This allows arbitrary JavaScript to be run in the context of the domain where the editor... | Medium | CWE-79 |
@hono/node-server has Denial of Service risk when receiving Host header that cannot be parsedThe application hangs when receiving a Host header with a value that @hono/node-server can’t handle well. Invalid values are those that cannot be parsed by... | High | CWE-755 |
zcap has incomplete expiration checks in capability chains.When invoking a capability with a chain depth of 2, i.e., it is delegated directly from the root capability, the expires property is not properly... | Medium | CWE-613 |
Regular Expression Denial Of Service in uri-jsAffected versions of uri-js is susceptible to a regular expression denial of service vulnerability when user input is sent to the .parse() method. | Medium | CWE-400 |
jqueryFileTree vulnerable to Directory TraversaljqueryFileTree 2.1.5 and older is vulnerable to Directory Traversal. | High | CWE-22 |
Sanitize-html Vulnerable To REDoS AttacksThe package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment... | High | CWE-1333 |
thlorenz browserify-shim vulnerable to prototype pollution (GHSA-cfgr-75jx-h88g) | Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the shimPath variable in resolve-shims.js. | High | CWE-1321 |
thlorenz browserify-shim vulnerable to prototype pollution (GHSA-r737-347m-wqc7) | Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the fullPath variable in resolve-shims.js. | High | CWE-1321 |
thlorenz browserify-shim vulnerable to prototype pollution | Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the k variable in resolve-shims.js. | High | CWE-1321 |
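The derby and browserify-shim rows above are all prototype pollution: user-controlled data ends up as an object key. The block below is an added editorial example, not code from either project. The merge function, the JSON payload and the `isAdmin` property are hypothetical; the point is how a recursive merge reaches `Object.prototype` through a key named `__proto__`, and what the hardened version checks.

```javascript
// Added example (editorial; not derby's or browserify-shim's code).

// Hypothetical vulnerable deep merge: iterates every key of `source`, including
// one literally named "__proto__", and recurses into target[key]. On a plain
// object, target["__proto__"] resolves to Object.prototype, so the recursion
// writes attacker-chosen properties onto every object in the process.
function mergeVulnerable(target, source) {
  for (const key in source) {
    const value = source[key];
    if (value !== null && typeof value === 'object') {
      if (target[key] === undefined || typeof target[key] !== 'object') target[key] = {};
      mergeVulnerable(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Hardened merge: skip the keys that reach the prototype chain, only walk own
// keys of the source, and only recurse into an own plain-object property of the
// target (never into something inherited).
const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);
const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

function mergeSafe(target, source) {
  for (const key of Object.keys(source)) {
    if (FORBIDDEN_KEYS.has(key)) continue;
    const value = source[key];
    if (value !== null && typeof value === 'object' && !Array.isArray(value)) {
      if (!hasOwn(target, key) || target[key] === null || typeof target[key] !== 'object') {
        target[key] = {};
      }
      mergeSafe(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Constructed attacker payload as it would arrive in a JSON request body.
// JSON.parse creates an *own* property named "__proto__"; an object literal
// in source code would instead set the prototype.
const PAYLOAD = '{"theme":"dark","__proto__":{"isAdmin":true}}';

function demonstrate() {
  const result = {};
  try {
    mergeVulnerable({}, JSON.parse(PAYLOAD));
    // A brand-new, unrelated object now "has" isAdmin without anyone setting it.
    result.vulnerablePolluted = ({}).isAdmin === true;
  } finally {
    delete Object.prototype.isAdmin;   // undo the pollution for the rest of the process
  }
  const safeTarget = mergeSafe({}, JSON.parse(PAYLOAD));
  result.safePolluted = ({}).isAdmin === true;
  result.safeKeptTheme = safeTarget.theme === 'dark';
  result.safeHasOwnProto = hasOwn(safeTarget, '__proto__');
  return result;
}

console.log(demonstrate());
```

Two further mitigations are worth combining with the key filter: build configuration objects with `Object.create(null)` so there is no prototype to reach, and call `Object.freeze(Object.prototype)` at startup in services that never need to extend it, which turns a successful pollution into a no-op (or a TypeError in strict mode).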
Joplin vulnerable to Cross-site Scripting in notes | Joplin before 2.0.9 allows Cross-site Scripting via button and form in the note body. | Medium | CWE-79 |
Joplin Vulnerable to Code Injection | Joplin prior to version 2.7.1 allows remote attackers to execute system commands through malicious code in user search results. | High | CWE-94 |
Joplin Vulnerable to Cross-site Scripting in Note Content | Joplin versions prior to 1.0.90 contain a Cross-site Scripting (XSS) vulnerability that escalates to code execution because nodeIntegration is enabled for the BrowserWindow instance where the XSS... | Medium | CWE-79 |
Joplin Cross Site Scripting Vulnerability via NOSCRIPT tags | Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute arbitrary code due to improper sanitizing of HTML. | Medium | CWE-79 |
Joplin Remote Code Execution | Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via... | High | CWE-20 |
MediaElement Vulnerable to Reflected XSS | Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.swf in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or... | Medium | CWE-79 |
Undici's fetch with integrity option is too lax when algorithm is specified but hash value is incorrect | If an attacker can alter the integrity option passed to fetch(), they can let fetch() accept the fetched response as valid even if it has been tampered with.... | Low | CWE-284 |
Undici proxy-authorization header not cleared on cross-origin redirect in fetch | Undici already cleared Authorization headers on cross-origin redirects, but did not clear Proxy-Authorization headers. | Low | CWE-200 |
Server-Side Template Injection in formio | A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL. NOTE:... | High | CWE-74 |
Vditor allows Cross-site Scripting via an attribute of an `A` element | Vditor 3.10.3 allows XSS via an attribute of an A element. | Medium | CWE-79 |
Apache 2.4.49 Path Traversal and RCE | A vulnerability was discovered in Apache HTTP Server 2.4.49 related to changes made to path normalization. This flaw enables attackers to perform path traversal attacks,... | High | CWE-78 |
Apache Expect Header Cross Site Scripting | Cross-Site Scripting (XSS) attacks occur when malicious scripts are injected into trusted websites, often through user inputs, and executed in the browsers of other users.... | High | CWE-79 |
Apache mod_jk Access Control Bypass | The Apache Web Server (httpd) with Apache Tomcat JK (mod_jk) Connector versions 1.2.0 to 1.2.44 contains a flaw in path normalization, allowing specially crafted requests... | High | |
Apache mod_proxy 2.4.48 SSRF | A vulnerability exists in Apache HTTP Server 2.4.48 and earlier versions, specifically within the mod_proxy module. An attacker can exploit this flaw by crafting a... | Medium | CWE-918 |
Apache server-info enabled | Exposing the Apache server-info page allows attackers to gather detailed information about the server configuration, installed modules, and other system-related details, aiding potential attacks. | Medium | CWE-200 |
Apache server-status enabled | Exposing the Apache server-status page allows attackers to gather detailed information about the server’s current state, facilitating potential attacks by revealing active connections, server uptime,... | Medium | CWE-200 |
Apache Struts 2 Forced double OGNL evaluation S2-059 | The Apache Struts framework, when forced, performs double evaluation of attributes’ values assigned to certain tag attributes such as id. This allows attackers to pass... | High | CWE-78 |
Apache Struts 2 RCE S2-045 | Apache Struts 2 suffers from a Remote Code Execution (RCE) vulnerability, designated as S2-045. This vulnerability allows attackers to execute arbitrary commands on the server... | High | CWE-78 |
Apache Struts 2 REST plugin XStream RCE S2-052 | Apache Struts 2, specifically the REST Plugin, is susceptible to a Remote Code Execution (RCE) vulnerability identified as S2-052. This vulnerability arises due to the... | High | CWE-78 |
Apache Struts OGNL expression RCE S2-057 | A Remote Code Execution (RCE) attack is possible in Apache Struts when alwaysSelectFullNamespace is set to true (either by the user or by a plugin... | High | CWE-78 |
Apache Tomcat JSP Upload RCE | Apache Tomcat is susceptible to a Remote Code Execution (RCE) vulnerability when running on Windows with HTTP PUTs enabled. By sending a specially crafted request,... | High | CWE-78 |
Apache Tomcat Manager Login Found | By default, the Tomcat Manager application should only be accessible from a browser running on the same machine as Tomcat. However, if the Manager login... | Medium | |
Apache Version Disclosure | A misconfigured web server may expose the Apache version number either in the Server HTTP header or in the body of error pages. Attackers leverage... | Informational | CWE-200 |
Application and Database Error | An application and database error occurs when the application encounters issues related to both its functionality and its interaction with the database backend. Unhandled exceptions in... | Medium | CWE-209 |
Application Error | Unhandled exceptions pose two primary risks. Firstly, they can lead to denial of service by causing memory leaks or excessive resource consumption. Secondly, they may... | Medium | CWE-209 |
Arbitrary Source Code Disclosure | Arbitrary Source Code Disclosure is a vulnerability that occurs when it’s possible to access the source code of any file on a web application, potentially... | High | CWE-540 |
ASP.NET Version Disclosure | The presence of the X-AspNet-Version and X-AspNetMvc-Version headers exposes the version of ASP.NET used by the web server, providing valuable information to attackers. This disclosure... | Informational | CWE-200 |
Auto Complete Enabled Password Input | Enabling autocomplete for password input fields allows browsers to save and autofill sensitive information, such as passwords. This poses a security risk, particularly on shared... | Low | CWE-16 |
Basic Authentication Over HTTP | Using Basic Authentication over HTTP exposes user credentials to potential interception by attackers who can sniff and capture HTTP traffic. This authentication method sends credentials... | Medium | CWE-319 |
Blind OS Command Execution | Blind OS Command Execution, also known as Command Injection, is a severe vulnerability that allows attackers to execute arbitrary commands on the host operating system... | High | CWE-78 |
Blind SQL Injection | Blind SQL Injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database without directly... | High | CWE-89 |
BREACH attack | BREACH is a variant of the CRIME attack that targets HTTP compression, specifically the gzip or DEFLATE algorithms used via the Content-Encoding option within HTTP. Attackers... | Low | CWE-310 |
Broken Link | Broken hyperlinks in web pages create a bad experience for users. They can also affect the web page’s ranking in web search results.... | Informational | |
Brute Force Prevention Bypassed | Brute Force Prevention Bypassed occurs when software lacks adequate measures to counter multiple failed authentication attempts within a short time frame, rendering it vulnerable to... | Medium | CWE-307 |
Buffer Overflow | A buffer overflow occurs when an application accepts more data than it can handle, leading to data overflowing the designated memory space. This vulnerability can be... | Medium | CWE-119 |
Content Character Encoding is not Defined | When the character encoding is not explicitly defined in web content, browsers may resort to guessing or using a default encoding. This can lead to... | Informational | CWE-16 |
Content-Security-Policy Header is Missing | The absence of the Content-Security-Policy (CSP) response header leaves a website vulnerable to various types of attacks, including Cross-Site Scripting (XSS) and data injection attacks.... | Low | CWE-16 |
Cookie Accessible for Subdomains | The presence of the Domain attribute in the Set-Cookie header instructs browsers to send the cookie to any subdomain of the specified domain. This can... | Informational | CWE-16 |
Cookie without HttpOnly Flag | The absence of the HttpOnly flag in cookies allows JavaScript running on the client side to access them through the document.cookie API. This presents a security... | Low | CWE-16 |
Cookie without SameSite Flag | The absence of the SameSite flag in cookies leaves them vulnerable to cross-site request forgery (CSRF) attacks, where unauthorized actions are performed on behalf of... | Low | CWE-16 |
Cookie without Secure Flag | The absence of the Secure flag in cookies allows them to be transmitted over unencrypted connections, making them vulnerable to interception by attackers conducting man-in-the-middle... | Low | CWE-614 |
CRIME (SPDY) attack | The CRIME (Compression Ratio Info-leak Made Easy) attack targets the SPDY protocol versions 3 and earlier, used in browsers like Mozilla Firefox and Google Chrome.... | Low | CWE-310 |
CRIME (SSL/TLS) attack | CRIME (Compression Ratio Info-leak Made Easy) is a security exploit targeting secret web cookies transmitted over HTTPS and SPDY connections utilizing data compression. By analyzing... | Low | CWE-310 |
CRLF Injection in URL | CRLF injection involves injecting Carriage Return (ASCII 13, \r) and Line Feed (ASCII 10, \n) characters into web requests or responses. These characters are used... | High | CWE-93 |
Cross-Origin Resource Sharing Allowed | Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to allow a web application running at one origin to access selected resources... | Informational | CWE-942 |
Cross Site Scripting | Cross-Site Scripting (XSS) attacks occur when malicious scripts are injected into trusted websites, often through user inputs, and executed in the browsers of other users.... | High | CWE-79 |
Database Error | A database error occurs when the application encounters an issue while interacting with the database backend. Such errors can arise due to various factors, including... | Medium | CWE-209 |
Detailed Application and Database Error | Detailed application and database errors occur when the application encounters issues related to both its functionality and its interaction with the database backend. These errors expose... | Medium | CWE-209 |
Detailed Application Error | Detailed application errors, caused by unhandled exceptions, pose two primary risks. Firstly, they can lead to denial of service by causing memory leaks or excessive... | Medium | CWE-209 |
Directory Listing of Sensitive Files | Directory listing of sensitive files occurs when an enabled directory listing exposes the complete index of resources within a directory, including sensitive files, to potential attackers. This can... | Low | CWE-548 |
Directory Listing | Directory listing, when enabled, exposes the complete index of resources within a directory to potential attackers. This can lead to unauthorized access to sensitive files... | Low | CWE-548 |
Drupal 4.1/4.2 XSS | Cross-Site Scripting (XSS) attacks occur when malicious scripts are injected into trusted websites, often through user inputs, and executed in the browsers of other users.... | High | CWE-79 |
Drupal 'Drupalgeddon2' Remote Code Execution | A vulnerability in multiple subsystems of Drupal allows remote attackers to execute arbitrary operating system commands on the server, leading to potential compromise of the... | High | CWE-78 |
Drupal Module Cumulus Cross Site Scripting | Cross-Site Scripting (XSS) attacks occur when malicious scripts are injected into trusted websites, often through user inputs, and executed in the browsers of other users.... | High | CWE-79 |
Drupal7 Pre Auth SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Email Address Disclosure | The disclosure of email addresses on web pages can make them vulnerable to harvesting by spambots, leading to an influx of unsolicited spam emails. | Informational | CWE-200 |
Expression Language Injection | Expression Language Injection (EL Injection) is a critical vulnerability that occurs when user inputs are used to construct dynamic expressions in web applications without proper... | High | CWE-917 |
File Upload Functionality | The <input> element with type="file" enables users to select and upload files from their device storage to a remote server. However, unrestricted file upload functionality... | Informational | |
Hidden Resource in Robots.txt | Hidden resources in robots.txt refer to sensitive paths or directories that are inadvertently exposed in the robots.txt file. The robots.txt file is used to instruct... | Medium | CWE-200 |
Host Header Injection | During the processing of an incoming HTTP request, the web server relies on the Host HTTP header to determine which component or virtual host should... | Medium | |
HTTP Protocol Stack Remote Code Execution Vulnerability (DOS) | A vulnerability in the Microsoft Windows HTTP Protocol Stack (HTTP.sys) allows remote attackers to execute arbitrary code or cause a system crash on the host... | High | |
HTTP Response Splitting | HTTP response splitting results from the failure of a web application to properly sanitize CR (ASCII 0x0D) and LF (ASCII 0x0A) characters in... | High | CWE-20 |
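The CRLF Injection and HTTP Response Splitting rows describe the same root cause: CR/LF from user input reaching a response header. The block below is an added editorial example, not code from the page or any listed product. The serializer, the `lang` parameter and the attacker string are hypothetical; it shows the raw bytes a naive serializer emits, how a client parses them back into an extra `Set-Cookie` header and a body the attacker chose, and the two fixes (reject CR/LF/NUL in header values; percent-encode values that go into a URL).

```javascript
// Added example (editorial; not code from the page or any listed project).

// Hypothetical minimal serializer that trusts its inputs, as a hand-rolled
// CGI-style handler or a naive proxy might.
function serializeResponseUnsafe(status, headers, body) {
  let raw = `HTTP/1.1 ${status}\r\n`;
  for (const [name, value] of Object.entries(headers)) raw += `${name}: ${value}\r\n`;
  return raw + '\r\n' + body;
}

// Parse raw bytes back the way a client or cache does: the header block ends
// at the first blank line, each header is one CRLF-terminated line.
function parseRawResponse(raw) {
  const sep = raw.indexOf('\r\n\r\n');
  const headBlock = sep === -1 ? raw : raw.slice(0, sep);
  const body = sep === -1 ? '' : raw.slice(sep + 4);
  const lines = headBlock.split('\r\n');
  const headers = lines.slice(1).map(line => {
    const i = line.indexOf(':');
    if (i === -1) return [line.toLowerCase(), ''];
    return [line.slice(0, i).trim().toLowerCase(), line.slice(i + 1).trim()];
  });
  return { statusLine: lines[0], headers, body };
}

// Fix 1: the HTTP field-value grammar (RFC 9110) never allows bare CR, LF or
// NUL, so reject them outright instead of trying to strip or encode them.
const BAD_HEADER_CHARS = /[\r\n\0]/;
function assertSafeHeaderValue(value) {
  if (BAD_HEADER_CHARS.test(value)) throw new Error('CR/LF/NUL in header value');
  return value;
}

function serializeResponseSafe(status, headers, body) {
  const checked = {};
  for (const [name, value] of Object.entries(headers)) {
    checked[name] = assertSafeHeaderValue(String(value));
  }
  return serializeResponseUnsafe(status, checked, body);
}

// Constructed attacker input for a `?lang=` parameter that the application
// reflects into a Location header.
const ATTACKER_LANG = 'en\r\nSet-Cookie: sid=attacker-chosen\r\n\r\n<script>alert(1)</script>';

function demonstrate() {
  const raw = serializeResponseUnsafe(302, { Location: '/home?lang=' + ATTACKER_LANG }, '');
  const parsed = parseRawResponse(raw);

  let safeRejected = false;
  try {
    serializeResponseSafe(302, { Location: '/home?lang=' + ATTACKER_LANG }, '');
  } catch {
    safeRejected = true;
  }

  // Fix 2: when the value is a URL component, percent-encoding turns CR/LF
  // into %0D%0A, which passes the header check and stays one line on the wire.
  const encodedLocation = assertSafeHeaderValue('/home?lang=' + encodeURIComponent(ATTACKER_LANG));

  const setCookie = parsed.headers.find(([name]) => name === 'set-cookie');
  return {
    injectedCookie: setCookie ? setCookie[1] : null,   // header the attacker added
    body: parsed.body.trim(),                          // body the attacker chose
    safeRejected,
    encodedOk: encodedLocation.includes('%0D%0A'),
  };
}

console.log(demonstrate());
```

Node's own `http` module already throws `ERR_INVALID_CHAR` when `setHeader()` is given a value containing CR or LF, so in Node this mostly matters for code that writes raw bytes to a socket, for proxies and templating layers in other languages, and for the URL case where the fix is encoding at the point the value is built.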
Insecure Deserialization Remote Code Execution | Insecure deserialization remote code execution is a critical security vulnerability that occurs when an application deserializes a user-supplied object string without properly verifying its integrity.... | High | CWE-502 |
Insecure Deserialization | Insecure deserialization occurs when an application deserializes a user-supplied object string without properly verifying its integrity. This vulnerability enables attackers to manipulate the system state... | High | CWE-502 |
Insecure Inline Frame | When an inline frame tag (<iframe>) on a web page references an external resource without the sandbox attribute set, it allows the external URL to manipulate... | Medium | CWE-829 |
Internal Server Error | An internal server error occurs when the server encounters an unexpected condition that prevents it from fulfilling the request. This error can result from various... | Medium | CWE-755 |
Joomla! 1.5 < 3.4.5 RCE | OS Command Execution, also known as Command Injection, is a severe vulnerability that allows attackers to execute arbitrary commands on the host operating system. Attackers... | High | CWE-78 |
Joomla! < 1.7.0 XSS | Cross-Site Scripting (XSS) attacks occur when malicious scripts are injected into trusted websites, often through user inputs, and executed in the browsers of other users.... | High | CWE-79 |
Joomla! 3.2.1 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Advertisement Board 3.1.0 'catname' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Aist 2.0 'id' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component AllVideos Reloaded 1.2.x 'divid' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component CcNewsletter 2.x.x 'id' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Com_cbcontact 'contact_id' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Com_contenthistory SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Com_fields 3.7 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component com_hdwplayer 4.2 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Com_newsfeeds 1.0 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Com_rsgallery2 2.0 'catid' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Com_shop 'editid' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Com_shop 'id' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component DT Register 3.2.7 'id' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Fastball 2.5 'season' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component File Download Tracker 3.0 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Form Maker 3.6.12 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Google Map Landkarten 4.2.3 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component InviteX 3.0.5 'invite_type' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component JB Bus 2.3 'order_number' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component JCK Editor 6.4.4 'parent' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component JCK Editor 6.4.4 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component JEXTN Video Gallery 3.0.5 'id' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component JGive 2.0.9 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Jobs Factory 2.0.4 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component JomEstate PRO 3.7 'id' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component JquickContact 1.3.2.2.1 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Music Collection 3.0.3 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component NextGen Editor 2.1.0 'plname' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Odudeprofile 2.8 'profession' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Reverse Auction Factory 4.3.8 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! Component Timetable Responsive Schedule For Joomla! 1.5 'alias' SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Joomla! 'J2Store < 3.3.7' SQL Injection | A vulnerability in the J2Store component for Joomla! allows attackers to inject and execute SQL commands on the website’s database, potentially leading to data theft,... | High | |
Joomla! Pinterest Clone Social Pinboard 2.0 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
Local File Inclusion | Local File Inclusion (LFI) is a vulnerability that allows attackers to include local files, exploiting dynamic file inclusion mechanisms in the target application. This occurs... | High | CWE-98 |
Microsoft IIS Tilde Directory Enumeration | In some versions of Microsoft IIS, it is possible to detect the existence of files using an 8.3 short filename (SFN). This vulnerability allows attackers... | Medium | CWE-200 |
Missing or Insecure Cache-Control Header | A web cache or HTTP cache is a system used to optimize web performance. Browsers cache the contents of a resource to reuse it on subsequent... | Informational | CWE-525 |
Nginx Code Execution due to Misconfiguration | Misconfigurations in Nginx, particularly with PHP-FPM (FastCGI Process Manager), can lead to a critical security vulnerability. Attackers can exploit this misconfiguration by appending /.php... | High | CWE-16 |
Nginx Integer Overflow | Nginx versions from 0.5.6 up to and including 1.13.2 are vulnerable to an integer overflow in the nginx range filter module. This vulnerability can... | High | CWE-200 |
Nginx Null Byte Code Execution | Allowing the null byte character (ASCII 0x00) in the URL can lead to a severe security risk. If the user can manipulate file contents on the... | High | CWE-158 |
Nginx Restriction Bypass via Space Character in URI | A vulnerability in Nginx allows attackers to bypass security restrictions in specific configurations by exploiting a flaw in request URI processing. When an unescaped space... | High | CWE-20 |
Nginx Version Disclosure | The Server header reveals detailed information about the server application handling the request, including the Nginx version. Exposing this information can aid attackers in identifying... | Informational | CWE-200 |
No HTTPS | In HTTP communications, traffic is not encrypted and can be captured by an attacker who has access to a network interface. This exposes sensitive information... | Medium | CWE-319 |
No Redirection from HTTP to HTTPS | In scenarios where HTTPS is enabled but HTTP requests are not automatically redirected to HTTPS, users must explicitly use the HTTPS URL to ensure encrypted... | Medium | CWE-311 |
Old/Backup Resource Found | Old or backup files left accessible on a web server can inadvertently expose sensitive information such as source code, administrative interfaces, or credentials. These files... | Low | CWE-530 |
Open Redirection In URL | Unvalidated redirects and forwards occur when a web application accepts untrusted input that could redirect the user to a URL provided within the input. Attackers... | High | CWE-601 |
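For the Open Redirection row, the check a practitioner wants is one that uses the same URL parser the browser applies rather than a string-prefix test. The block below is an added editorial example, not the scanner's or any framework's code; `APP_ORIGIN`, the naive check and the target list are assumptions. It shows the inputs that defeat a "starts with /" check (protocol-relative `//host`, backslash `/\host`, which WHATWG parsing treats as a slash for http(s) URLs) and a validator that resolves the target against the application origin and only ever returns a same-origin path.

```javascript
// Added example (editorial; not the scanner's logic or any framework's code).

const APP_ORIGIN = 'https://app.example';   // assumed origin of the application

// Naive check seen in the wild: "starts with a slash, so it must be local".
function isLocalNaive(target) {
  return target.startsWith('/');
}

// Resolve the target with the WHATWG URL parser (the same rules browsers use),
// insist on the application's own origin, and hand back only a path + query +
// fragment so the caller cannot accidentally redirect to the parsed host.
function safeRedirectTarget(target, origin = APP_ORIGIN) {
  let url;
  try {
    url = new URL(target, origin);
  } catch {
    return null;                         // unparsable: refuse rather than guess
  }
  if (url.origin !== origin) return null; // other host, or origin "null" for javascript:/data:
  return url.pathname + url.search + url.hash;
}

// Constructed redirect targets a scanner or an attacker would try.
const CONSTRUCTED_TARGETS = [
  '/account',                              // legitimate relative path
  '//evil.example/phish',                  // protocol-relative: passes the naive check
  '/\\evil.example',                       // backslash form: also passes the naive check
  'https://evil.example/',                 // absolute external URL
  'javascript:alert(1)',                   // non-HTTP scheme, origin is "null"
  'https://app.example/settings?tab=1',    // absolute but same-origin
];

function evaluateTargets(targets = CONSTRUCTED_TARGETS) {
  return targets.map(target => ({
    target,
    naive: isLocalNaive(target),
    safe: safeRedirectTarget(target),
  }));
}

console.table(evaluateTargets());
```

Returning the re-serialised path instead of the original string is deliberate: the original `/\evil.example` would still be handed to the browser verbatim by a `Location` header, whereas `url.pathname` of the parsed same-origin URL can only ever be a local path.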
OS Command Execution | OS Command Execution, also known as Command Injection, is a severe vulnerability that allows attackers to execute arbitrary commands on the host operating system. Attackers... | High | CWE-78 |
Passive Mixed Content | When a user visits a page served over HTTPS, their connection with the web server is encrypted with TLS, protecting it from most sniffers and... | Low | CWE-319 |
Password Input on HTTP | When passwords are sent over unencrypted HTTP traffic, attackers can intercept and capture them easily, leading to unauthorized access to user accounts, sensitive data exposure,... | Medium | CWE-319 |
Password Sent in HTTP Query | When passwords are included in URLs and sent as part of HTTP queries, they may be logged in various places, including server logs, and disclosed... | Medium | CWE-319 |
Password Sent in Query | When passwords are included in URLs and sent as part of HTTP queries, they may be logged in various places, including server logs, and disclosed... | Low | CWE-598 |
Password Sent Over HTTP | When passwords are sent over unencrypted HTTP traffic, attackers can intercept and capture them easily, leading to unauthorized access to user accounts, sensitive data exposure,... | Medium | CWE-319 |
Path Disclosure in Robots.txt | Path disclosure in robots.txt occurs when sensitive paths or directories are inadvertently exposed in the robots.txt file. The robots.txt file is used to instruct web... | Informational | CWE-200 |
PHP Version Disclosure | Exposing the PHP version used by the server makes it easier for attackers to identify vulnerabilities that apply to it, exposing the server to potential risks. | Informational | CWE-200 |
phpinfo() Found | The phpinfo() function in PHP reveals extensive details about the PHP environment, including configuration settings, server information, and installed extensions. While useful for debugging and... | Medium | CWE-200 |
Possible SQL Injection | Possible SQL Injection refers to a potential vulnerability where input data may be susceptible to SQL injection attacks. SQL injection is a type of attack... | High | CWE-89 |
Private IPv4 Address Disclosure | Private IPv4 addresses are reserved for use within private networks such as local area networks (LANs). Revealing private IP addresses can provide insights into the... | Informational | CWE-200 |
Private IPv6 Address Disclosure | Private IPv6 addresses are reserved for use within private networks and are not routable on the public Internet. Disclosing private IPv6 addresses can provide attackers... | Informational | CWE-200 |
Profanity | The presence of profanity in web pages can create a negative user experience and may lead to decreased user engagement. Additionally, profanity can impact the... | Informational | |
Public-Key-Pins Header is Set | The HTTP Public-Key-Pins response header was used to associate a specific cryptographic public key with a web server to mitigate the risk of MITM attacks... | Informational | CWE-16 |
Redirection with Body | An HTTP redirection (3XX status code) typically does not include a body. However, if a body is present in the redirection response, it indicates that... | Low | CWE-698 |
Referrer-Policy Header is Missing | The Referrer-Policy HTTP header controls the amount of referrer information (sent via the Referer header) included with requests. The Referer header contains the address of... | Informational | CWE-16 |
Remote File Disclosure | Remote File Disclosure (RFD) is a vulnerability that allows an attacker to disclose files located on remote servers, exploiting dynamic file inclusion mechanisms implemented in... | High | CWE-98 |
Remote File Inclusion | Remote File Inclusion (RFI) is a vulnerability that allows attackers to include remote files, exploiting dynamic file inclusion mechanisms in the target application. This occurs... | High | CWE-98 |
Remote URL Inclusion | Remote URL Inclusion (RUI) is a vulnerability that allows an attacker to include a remote URL, exploiting dynamic URL inclusion mechanisms implemented in the target... | High | CWE-98 |
Robots.txt Found | The robots.txt file is used to instruct web robots on which parts of a website to avoid crawling or indexing. While intended for cooperation with... | Informational | CWE-200 |
Secure Renegotiation is not supported | When a server does not support secure renegotiation in SSL/TLS connections, it becomes vulnerable to content injection at the start of sessions. This vulnerability requires... | Low | CWE-310 |
Sensitive Old/Backup Resource Found | Sensitive Old/Backup Resource Found refers to old or backup files left accessible on a web server, which can inadvertently expose sensitive information such as source... | Medium | CWE-530 |
Sensitive Unreferenced Resource Found | Sensitive Unreferenced Resource Found refers to the discovery of sensitive resources within a web application that are not directly linked or referenced within the application... | Low | CWE-552 |
Serialized Object Found | Object serialization allows transferring complex data structures over channels like HTTP. However, the presence of a serialized object within the application indicates potential vulnerabilities related... | High | CWE-502 |
Server Version Disclosure | The Server header describes the server application that handled the request. Detailed information in this header can expose the server to attackers. Using the information... | Low | CWE-200 |
Session Cookie Accessible for Subdomains | When the Domain attribute is present in the Set-Cookie header, browsers send the cookie to any subdomain of the specified domain. This can result in... | Low | CWE-16 |
Session Cookie without HttpOnly Flag | The absence of the HttpOnly flag in session cookies allows client-side JavaScript to access them, which poses a security risk. Without the HttpOnly flag, session... | Medium | CWE-16 |
Session Cookie without SameSite Flag | The absence of the SameSite flag in session cookies leaves them vulnerable to cross-site request forgery (CSRF) attacks, where unauthorized actions are performed on behalf... | Medium | CWE-16 |
Session Cookie without Secure Flag | The absence of the Secure flag in session cookies allows them to be transmitted over unencrypted connections, making them vulnerable to interception by attackers conducting... | Medium | CWE-614 |
Source Code DisclosureSource code disclosure occurs when the source code of a web application is inadvertently exposed to users, potentially revealing sensitive information such as credentials, API... | Medium | CWE-540 |
SQL Command DisclosureSQL commands reveal information about the structure of the underlying database. This information does not create any direct impact on the target, though it provides... | Informational | CWE-89 |
SQL InjectionSQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
SSL 2 enabledSSL version 2 is known to have numerous security vulnerabilities, rendering it highly insecure and susceptible to attacks. | High | CWE-326 |
SSL 3 enabledSSL version 3 is vulnerable to padding oracle attacks and other cryptographic weaknesses, making it insecure for use in secure communication. | Medium | CWE-326 |
Strict-Transport-Security Header is MissingThe absence of the HTTP Strict-Transport-Security (HSTS) response header leaves a website vulnerable to protocol downgrade attacks and session hijacking. Without this header, attackers can... | Low | CWE-16 |
Subresource Integrity is MissingSubresource Integrity (SRI) is a security feature that allows browsers to verify that resources fetched, such as from a content delivery network (CDN), are delivered... | Low | CWE-353 |
The Heartbleed BugHeartbleed is a critical security vulnerability found in the OpenSSL cryptography library, used for implementing the Transport Layer Security (TLS) protocol. Attackers can exploit this... | High | CWE-200 |
The POODLE attackThe POODLE attack (Padding Oracle On Downgraded Legacy Encryption) is a vulnerability that exploits SSL 3.0 fallback mechanisms in internet and security software clients. Attackers... | Medium | CWE-327 |
The ShellShock BugShellshock, also known as Bashdoor, is a critical vulnerability in the Unix Bash shell that allows attackers to execute arbitrary commands and gain unauthorized access.... | High | CWE-78 |
Time Based SQL InjectionTime Based SQL Injection is a type of SQL injection attack where the attacker manipulates the timing of SQL query execution to infer information about... | High | CWE-89 |
TLS 1.0 enabledTLS version 1.0 is known to have several security vulnerabilities and weaknesses, making it susceptible to attacks. | Medium | CWE-326 |
TLS 1.1 enabledTLS version 1.1 is known to have several security vulnerabilities and weaknesses, rendering it insecure for use. | Low | CWE-326 |
Tomcat Version DisclosureExposing detailed information such as the Tomcat version number facilitates attackers in identifying vulnerabilities and planning their attacks more effectively. | Informational | CWE-200 |
TRACE Method AllowedThe HTTP TRACE method allows clients to view the entire request received by the web server, primarily for testing and diagnostic purposes. However, enabling this... | Low | CWE-16 |
TRACK Method AllowedThe HTTP TRACK and TRACE methods allow the client to see the entire request that the web server has received. Although primarily intended for testing... | Low | CWE-16 |
Unicode Transformation IssueThe Unicode Standard provides a unified encoding scheme for characters worldwide, enhancing program globalization and security. However, improper usage of Unicode can introduce security vulnerabilities,... | High | CWE-176 |
Unix Path DisclosureFile and directory paths reveal information about the structure of the file system of the underlying OS. While this information does not directly impact the... | Informational | CWE-200 |
Unreferenced Repository FoundUnreferenced repositories, such as those from version control systems like Git, SVN, CVS, and Mercurial, contain valuable information such as source code, historical changes, and... | High | CWE-552 |
Unreferenced Resource FoundUnreferenced resources in web applications may reveal sensitive information and provide attackers with insights into potential attack vectors. These resources, although not directly linked or... | Informational | CWE-552 |
Unreferenced Source Code DisclosureUnreferenced Source Code Disclosure is a vulnerability that occurs when a backup file or source code file of an application is accessible to users, potentially... | High | CWE-540 |
Unvalidated RedirectionUnvalidated redirects and forwards occur when a web application accepts untrusted input that could redirect the user to a URL provided within the input. Attackers... | High | CWE-601 |
User Controllable URLUser-controllable URLs refer to HTML attributes with a value type of URI, such as href in the a tag or src in the img tag.... | Medium | CWE-20 |
User EnumerationUser Enumeration occurs when web applications inadvertently reveal whether a username exists on the system, either due to misconfiguration or design decisions. Attackers exploit this... | Medium | CWE-209 |
ViewState is not EncryptedThe ViewState, a hidden form input in ASP.NET pages, automatically persists information and application data specific to a page. If the ViewState is not encrypted,... | Informational | CWE-200 |
Vulnerable IIS VersionThe Internet Information Services (IIS) version used is outdated and has security flaws. Vulnerabilities in older versions could be exploited by attackers to compromise the... | Medium | |
Weak PasswordWeak Password vulnerabilities arise when applications fail to enforce strong password policies, making it easier for attackers to guess or crack users’ passwords, leading to... | High | CWE-521 |
Web Server Path TraversalWhen a web server fails to properly normalize and validate the ../ sequence in URL paths, it enables attackers to access files outside the intended... | High | CWE-22 |
Werkzeug Interactive Debugging is ActiveWerkzeug is a comprehensive WSGI web application library for the Python language. Werkzeug provides a WSGI middleware that renders nice tracebacks, optionally with an interactive... | Medium | CWE-209 |
Windows Path DisclosureFile and directory paths reveal information about the structure of the file system of the underlying OS. This information does not create any direct impact... | Informational | CWE-200 |
WordPress 4.6 Blind OS Command ExecutionPHPMailer before 5.2.18 allows remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code. It is possible to execute remote... | High | CWE-78 |
WordPress Plugin AdRotate 3.6.5 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin AdRotate 3.6.6 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin AdRotate 3.9.4 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin All Video Gallery 1.1 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Bannerize 2.8.6 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Bannerize 2.8.7 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Business Intelligence SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Chained Quiz 1.0.8 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Community Events 1.2.1 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin CP Multi View Event Calendar 1.01 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin CP Multi View Event Calendar 1.1.4 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin CP Multi View Event Calendar 1.1.7 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin DS FAQ 1.3.2 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Easy Contact Form Lite 1.0.7 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Event Registration 5.4.3 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Eventify Simple Events 1.7.f SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Facebook Promotions 1.3.3 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin File Groups 1.1.2 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin FireStorm Professional Real Estate 2.06.01 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Forum Server 1.7 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Glossary SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Google Document Embedder 2.5.14 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Google Document Embedder 2.5.16 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Hitasoft_player Ripe HD FLV Player 1.1 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Jetpack SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin JTRT Responsive Tables 4.1 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin KNR Author List Widget 2.0.0 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin LeagueManager 3.8 SQLI | An SQL Injection vulnerability exists in the league_id parameter of a function call made by the leaguemanager_export page. | High | |
WordPress Plugin Link Library 5.2.1 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin NEX Forms 3.0 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Olimometer 2.56 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin OQey Headers 0.3 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Paid Downloads 2.01 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Post Highlights 2.2 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin SCORM Cloud 1.0.6.6 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin SH Slideshow 3.1.4 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Smart Google Code Inserter 3.5 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Tune Library 2.17 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Users Ultra 1.5.50 Blind SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin VideoWhisper Video Presentation 1.1 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin WP Fastest Cache 0.8.4.8 Blind SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin WP Statistics 13.0.7 Time Based SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Wpfilemanager 6.8 RCE | OS Command Execution, also known as Command Injection, is a severe vulnerability that allows attackers to execute arbitrary commands on the host operating system. Attackers... | High | CWE-78 |
WordPress Plugin Yolink Search 1.1.4 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Plugin Zotpress 4.4 SQLI | SQL injection is a type of attack where malicious SQL queries are inserted into input data, allowing attackers to manipulate the database. Successful exploitation can... | High | CWE-89 |
WordPress Theme Akal XSS | Cross-Site Scripting (XSS) attacks occur when malicious scripts are injected into trusted websites, often through user inputs, and executed in the browsers of other users.... | High | CWE-79 |
WordPress User Enumeration | User Enumeration occurs when web applications inadvertently reveal whether a username exists on the system, either due to misconfiguration or design decisions. Attackers exploit this... | Medium | CWE-209 |
X-Content-Type-Options Header is Missing | The absence of the X-Content-Type-Options response HTTP header may expose a website to MIME sniffing attacks. MIME sniffing, performed by browsers when the MIME type... | Informational | CWE-16 |
X-Frame-Options Header is Missing | The absence of the X-Frame-Options HTTP response header leaves a website vulnerable to click-jacking attacks. Without this header, attackers can embed the site’s content into... | Low | CWE-16 |
X-Powered-By Header Found | The presence of the X-Powered-By header reveals the technologies used by the web server, providing valuable information to attackers. This disclosure can aid attackers in... | Informational | CWE-200 |
X-XSS-Protection Header is Set | The HTTP X-XSS-Protection response header, originally designed for Internet Explorer, Chrome, and Safari, aimed to mitigate reflected cross-site scripting (XSS) attacks. However, its effectiveness has... | Informational | CWE-16 |
@cyclonedx/cyclonedx-library Improper Restriction of XML External Entity Reference vulnerabilityXML External entity injections could be possible, when running the provided XML Validator on arbitrary input. | High | CWE-611 |
lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerabilityThe latest version of lobe-chat(by now v0.141.2) has an unauthorized ssrf vulnerability. An attacker can construct malicious requests to cause SSRF without logging in, attack... | High | CWE-918 |
json-schema-ref-parser Prototype Pollution issueA Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle(), parse(), resolve(),... | High | CWE-1321 |
vxe-table Cross-site Scripting vulnerabilityA vulnerability, which was classified as problematic, has been found in xuliangzhan vxe-table up to 3.7.9. This issue affects the function export of the file... | Low | CWE-79 |
Malicious PDF can inject JavaScript into PDF ViewerThe PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then... | High | CWE-94 |
Trix Editor Arbitrary Code Execution VulnerabilityThe Trix editor, versions prior to 2.1.1, is vulnerable to arbitrary code execution when copying and pasting content from the web or other documents with... | Medium | CWE-79 |
ghtml Cross-Site Scripting (XSS) vulnerabilityIt is possible to introduce user-controlled JavaScript code and trigger a Cross-Site Scripting (XSS) vulnerability in some cases. | High | CWE-80 |
SummerNote Cross Site Scripting VulnerabilitySummerNote 0.8.18 is vulnerable to Cross Site Scripting (XSS) via the Code View Function. | Medium | CWE-79 |
@strapi/plugin-content-manager leaks data via relations via the Admin PanelIf a super admin creates a collection where an item in the collection has an association to another collection, a user with the Author Role... | Low | CWE-639 |
Lobe Chat API Key LeakIf an attacker can successfully authenticate through SSO/Access Code, they can obtain the real backend API Key by modifying the base URL to their own... | Medium | CWE-918 |
matrix-appservice-irc IRC command injection via admin commands containing newlinesIt is possible to craft a command with newlines which would not be properly parsed. This would mean you could pass a string of commands... | Medium | CWE-20 |
Prototype Pollution in AjvAn issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution... | Medium | CWE-915 |
tough-cookie Prototype Pollution vulnerabilityVersions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This... | Medium | CWE-1321 |
Axios Cross-Site Request Forgery VulnerabilityAn issue discovered in Axios 0.8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for... | Medium | CWE-352 |
Prototype Pollution in asyncA vulnerability exists in Async through 3.2.1 for 3.x and through 2.6.3 for 2.x (fixed in 3.2.2 and 2.6.4), which could let a malicious user... | High | CWE-1321 |
Cross-site Scripting in ZenUMLMarkdown-based comments in the ZenUML diagram syntax are susceptible to Cross-site Scripting (XSS). | Medium | CWE-80 |
protobufjs Prototype Pollution vulnerabilityprotobuf.js (aka protobufjs) 6.10.0 until 6.11.4 and 7.0.0 until 7.2.4 allows Prototype Pollution, a different vulnerability than CVE-2022-25878. A user-controlled protobuf message can be used... | High | CWE-1321 |
ZDI-CAN-23894: Parse Server literalizeRegexPart SQL Injection Authentication Bypass VulnerabilityThis vulnerability allows SQL injection when Parse Server is configured to use the PostgreSQL database. | High | CWE-288 |
Blackprint @blackprint/engine Prototype Pollution issueA Prototype Pollution issue in Blackprint @blackprint/engine 0.8.12 through 0.9.1 allows an attacker to execute arbitrary code via the _utils.setDeepProperty function of engine.min.js. | High | CWE-94 |
Malicious Matrix homeserver can leak truncated message content of messages it shouldn't have access toThe fix for GHSA-wm4w-7h2q-3pf7 / CVE-2024-32000 included in matrix-appservice-irc 2.0.0 relied on the Matrix homeserver-provided timestamp to determine whether a user has access to the... | Medium | CWE-755 |
jsonic was discovered to contain a prototype pollution via the function empty.rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a... | High | CWE-94 |
The `size` option isn't honored after following a redirect in node-fetchNode Fetch did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError... | Low | CWE-770 |
Command Injection Vulnerabilitycommand injection vulnerability | High | CWE-78 |
Regular Expression Denial of Service in msVersions of ms prior to 0.7.1 are affected by a regular expression denial of service vulnerability when extremely long version strings are parsed. | High | CWE-400 |
Bootstrap Vulnerable to Cross-Site Scripting (GHSA-9v3m-8fp8-mj99)Versions of bootstrap prior to 3.4.1 for 3.x and 4.3.1 for 4.x are vulnerable to Cross-Site Scripting (XSS). The data-template attribute of the tooltip and... | Medium | CWE-79 |
Bootstrap Vulnerable to Cross-Site ScriptingVersions of bootstrap prior to 3.4.1 for 3.x and 4.3.1 for 4.x are vulnerable to Cross-Site Scripting (XSS). The data-template attribute of the tooltip and... | Medium | CWE-79 |
Bootstrap Cross-site Scripting vulnerability (GHSA-pj7m-g53m-7638)In Bootstrap 4.x before 4.1.2, XSS is possible in the data-target property of scrollspy. This is similar to CVE-2018-14042. | Medium | CWE-79 |
VvvebJs Arbitrary File Upload vulnerabilityArbitrary File Upload vulnerability in VvvebJs before version 1.7.5, allows unauthenticated remote attackers to execute arbitrary code and obtain sensitive information via the sanitizeFileName parameter... | Medium | CWE-434 |
ejs lacks certain pollution protectionThe ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection. | Medium | CWE-693 |
@thi.ng/paths Prototype Pollution vulnerabilityAn issue in @thi.ng/paths v.5.1.62 and before allows a remote attacker to execute arbitrary code via the mutIn and mutInManyUnsafe components. | High | CWE-1321 |
jrburke requirejs vulnerable to prototype pollutionjrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a... | High | CWE-1321 |
ws affected by a DoS when handling a request with many HTTP headersA request with a number of headers exceeding the[server.maxHeadersCount][] threshold could be used to crash a ws server. | High | CWE-476 |
XSS vulnerability that affects bootstrap (GHSA-3mgp-fx93-9xv5)In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute. | Medium | CWE-79 |
XSS vulnerability that affects bootstrapIn Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute. | Medium | CWE-79 |
Bootstrap Cross-site Scripting vulnerability (GHSA-4p24-vmcr-4gqj)In Bootstrap 2.x from 2.0.4, 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute. Note that this is a different... | Medium | CWE-79 |
Bootstrap Cross-site Scripting vulnerabilityIn Bootstrap 2.x from 2.0.4, 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute. Note that this is a different... | Medium | CWE-79 |
Bootstrap Cross-site Scripting vulnerability (GHSA-7mvr-5x2g-wfc8) 2In Bootstrap starting in version 2.3.0 and prior to versions 3.4.0 and 4.1.2, XSS is possible in the data-container property of tooltip. This is similar... | Medium | CWE-79 |
Bootstrap Cross-site Scripting vulnerability (GHSA-7mvr-5x2g-wfc8)In Bootstrap starting in version 2.3.0 and prior to versions 3.4.0 and 4.1.2, XSS is possible in the data-container property of tooltip. This is similar... | Medium | CWE-79 |
bootstrap Cross-site Scripting vulnerability (GHSA-ph58-4vrj-w6hr) 2In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property. | Medium | CWE-79 |
bootstrap Cross-site Scripting vulnerability (GHSA-ph58-4vrj-w6hr)In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property. | Medium | CWE-79 |
Bootstrap vulnerable to Cross-Site Scripting (XSS)In Bootstrap starting in version 2.3.0 and prior to 3.4.0, as well as 4.x before 4.1.2, XSS is possible in the collapse data-parent attribute. | Medium | CWE-79 |
Nuxt Devtools has a Path Traversal: '../filedirNuxt Devtools is missing authentication on the getTextAssetContent RPC function which is vulnerable to path traversal. Combined with a lack of Origin checks on the... | High | CWE-24 |
Nuxt Icon affected by a Server-Side Request Forgery (SSRF)nuxt/icon provides an API to allow client side icon lookup. This endpoint is at /api/_nuxt_icon/[name]. | High | CWE-918 |
@75lb/deep-merge Prototype Pollution vulnerabilityPrototype Pollution in 75lb deep-merge 1.1.1 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via merge... | High | CWE-1321 |
Undici vulnerable to data leak when using response.arrayBuffer()Depending on network and process conditions of a fetch() request, response.arrayBuffer() might include portion of memory from the Node.js process. | Low | CWE-201 |
Cross-site Scripting in quillA vulnerability in the HTML editor of Slab Quill allows an attacker to execute arbitrary JavaScript by storing an XSS payload (a crafted onloadstart attribute... | Medium | CWE-79 |
Vite Server Options (server.fs.deny) can be bypassed using double forward-slash (//)The issue involves a security vulnerability in Vite where the server options can be bypassed using a double forward slash (//). This vulnerability poses a... | High | CWE-706 |
Server-Side Request Forgery in axiosaxios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs. | High | CWE-918 |
Trix has a cross-site Scripting vulnerability on copy & pasteThe Trix editor, versions prior to 2.1.4, is vulnerable to XSS when pasting malicious code. This vulnerability is a bypass of the fix put in... | Medium | CWE-79 |
Elliptic allows BER-encoded signaturesIn the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed. | Low | CWE-347 |
Elliptic's ECDSA missing check for whether leading bit of r and s is zeroIn the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and... | Low | CWE-130 |
Elliptic's EDDSA missing signature length checkIn the Elliptic package 6.5.6 for Node.js, EDDSA signature malleability occurs because there is a missing signature length check, and thus zero-valued bytes can be... | Low | CWE-347 |
matrix-js-sdk will freeze when a user sets a room with itself as a its predecessorA malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk’s getRoomUpgradeHistory function will infinitely recurse in... | Medium | CWE-674 |
squirrelly Code Injection vulnerabilitysquirrellyjs squirrelly v9.0.0 was discovered to contain a code injection vulnerability via the component options.varName. The issue was fixed in version 9.1.0. | High | CWE-94 |
ag-grid packages vulnerable to Prototype Pollution (GHSA-328p-362g-r48j) 2ag-grid-enterprise v31.3.2 was discovered to contain a prototype pollution via the component _ModuleSupport.jsonApply. This vulnerability allows attackers to execute arbitrary code or cause a Denial... | Medium | CWE-1321 |
ag-grid packages vulnerable to Prototype Pollution (GHSA-328p-362g-r48j)ag-grid-enterprise v31.3.2 was discovered to contain a prototype pollution via the component _ModuleSupport.jsonApply. This vulnerability allows attackers to execute arbitrary code or cause a Denial... | Medium | CWE-1321 |
ag-grid packages vulnerable to Prototype Pollutionag-grid-enterprise v31.3.2 was discovered to contain a prototype pollution via the component _ModuleSupport.jsonApply. This vulnerability allows attackers to execute arbitrary code or cause a Denial... | Medium | CWE-1321 |
Cross-site scripting in Swagger-UIA Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based... | High | CWE-79 |
sanitize-html Information Exposure vulnerabilityVersions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration... | Medium | CWE-538 |
VvvebJs Reflected Cross-Site Scripting (XSS) vulnerabilityA reflected Cross-Site Scripting (XSS) vulnerability in VvvebJs before version 1.7.5 allows remote attackers to execute arbitrary code and obtain sensitive information via the action... | Medium | CWE-79 |
vue-template-compiler vulnerable to client-side Cross-Site Scripting (XSS)A vulnerability has been discovered in vue-template-compiler, that allows an attacker to perform XSS via prototype pollution. The attacker could change the prototype chain of... | Medium | CWE-79 |
Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSSWe discovered a DOM Clobbering vulnerability in Webpack’s AutoPublicPathRuntimeModule. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages... | Medium | CWE-79 |
Prototype pollution in ag-grid-community via the _.mergeDeep function (GHSA-876p-c77m-x2hc)ag-grid-community v31.3.2 and ag-grid-enterprise v31.3.2 were discovered to contain a prototype pollution via the _.mergeDeep function. This vulnerability allows attackers to execute arbitrary code or... | High | CWE-1321 |
Unreferenced Login Page FoundUnreferenced Login Page Found refers to the discovery of login pages within a web application that are not directly linked or referenced within the application... | Medium | CWE-656 |
WordPress Login Page FoundWordPress wp-login.php serves as the primary login page for both users and administrators. Attackers commonly exploit this page through password guessing and brute force attacks... | Medium | |
DOMPurify allows tampering by prototype pollutionIt has been discovered that malicious HTML using special nesting techniques can bypass the depth checking added to DOMPurify in recent releases. It was also... | High | CWE-1333 |
DOM Clobbering Gadget found in Rspack's AutoPublicPathRuntimeModule that leads to XSSHi, Rspack/Webpack developer team! | Medium | CWE-79 |
Vite DOM Clobbering gadget found in vite bundled scripts that leads to XSSWe discovered a DOM Clobbering vulnerability in Vite when building scripts to cjs/iife/umd output format. The DOM Clobbering gadget in the module can lead to... | Medium | CWE-79 |
Vite's `server.fs.deny` is bypassed when using `?import&raw`The contents of arbitrary files can be returned to the browser. | Medium | CWE-284 |
Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's serviceVite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim’s service. | High | CWE-22 |
json-logic-js Command Injection vulnerabilityA vulnerability classified as critical has been found in json-logic-js 2.0.0. It affects unknown functionality in the file logic.js.... | High | CWE-77 |
PHP CGI Argument Injection RCEIn PHP, when configured as a CGI script (php-cgi), improper handling of certain query strings can allow remote attackers to execute arbitrary code. Specifically, query... | High | CWE-78 |
FUXA vulnerable to Local File InclusionFUXA <= 1.1.12 has a Local File Inclusion vulnerability via file=fuxa.log | High | CWE-98 |
FUXA local file inclusion vulnerabilityFUXA <= 1.1.12 is vulnerable to Local File Inclusion via /api/download. | High | CWE-98 |
Strapi's field level permissions not being respected in relationship titleField level permissions not being respected in relationship title. If I have a relationship title and the relationship shows a field I don’t have permission to... | Medium | CWE-400 |
Layui has DOM Clobbering gadgets that leads to Cross-site ScriptingA DOM Clobbering vulnerability has been discovered in layui that can lead to Cross-site Scripting (XSS) on web pages where attacker-controlled HTML elements (e.g., img... | Medium | CWE-79 |
DOM Clobbering Gadget found in rollup bundled scripts that leads to XSSWe discovered a DOM Clobbering vulnerability in rollup when bundling scripts that use import.meta.url or with plugins that emit and reference asset files from code... | High | CWE-79 |
lobe-chat implemented an insufficient fix for GHSA-mxhq-xw3g-rphc (CVE-2024-32964)SSRF protection implemented in https://github.com/lobehub/lobe-chat/blob/main/src/app/api/proxy/route.ts does not consider redirect and could be bypassed when attacker provides external malicious url which redirects to internal resources like... | Medium | CWE-918 |
uPlot Prototype Pollution vulnerabilityVersions of the package uplot before 1.6.31 are vulnerable to Prototype Pollution via the uplot.assign function due to missing check if the attribute resolves to... | High | CWE-1321 |
Stored XSS in Jupyter nbdime (GHSA-p6rw-44q7-3fw4)Improper handling of user controlled input caused a stored cross-site scripting (XSS) vulnerability. All previous versions of nbdime are affected. | Medium | CWE-79 |
Sentry SDK Prototype Pollution gadget in JavaScript SDKsIn case a Prototype Pollution vulnerability is present in a user’s application or bundled libraries, the Sentry SDK could potentially serve as a gadget to... | Medium | CWE-913 |
@saltcorn/plugins-loader unsanitized plugin name leads to a remote code execution (RCE) vulnerability when creating plugWhen creating a new plugin using the git source, the user-controlled value req.body.name is used to build the plugin directory where the location will be... | High | CWE-78 |
@saltcorn/server Remote Code Execution (RCE) / SQL injection via prototype pollution by manipulating `lang` and `defstThe endpoint /site-structure/localizer/save-string/:lang/:defstring accepts two parameter values: lang and defstring. These values are used in an unsafe way to set the keys and value of... | High | CWE-1321 |
@saltcorn/server arbitrary file and directory listing when accessing build mobile app resultsA user with admin permission can read arbitrary file and directory names on the filesystem by calling the admin/build-mobile-app/result?build_dir_name= endpoint. The build_dir_name parameter is not... | Medium | CWE-548 |
@saltcorn/server arbitrary file zip read and download when downloading auto backupsA user with admin permission can read and download arbitrary zip files when downloading auto backups. The file name used to identify the zip file... | Medium | CWE-22 |
Strapi Server-Side Request Forgery (SSRF)Strapi v4.24.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /strapi.io/_next/image. This vulnerability allows attackers to scan for open ports or... | High | CWE-918 |
Saltcorn Server Stored Cross-Site Scripting (XSS) in event logs pageEvent log data is not properly sanitized leading to stored Cross-Site Scripting (XSS) vulnerability. | Medium | CWE-79 |
Saltcorn Server allows logged-in users to delete arbitrary files because of a path traversal vulnerabilityA logged-in user with any role can delete arbitrary files on the filesystem by calling the sync/clean_sync_dir endpoint. The dir_name POST parameter is not validated/sanitized... | High | CWE-22 |
Cross-Site Scripting in jqueryVersions of jquery prior to 1.9.0 are vulnerable to Cross-Site Scripting. The load method fails to recognize and remove <script> HTML tags that contain a... | Medium | CWE-79 |
fast-xml-parser vulnerable to ReDOS at currency parsingA ReDOS that exists on currency.js was discovered by Gauss Security Labs R&D team. | High | CWE-400 |
DOMpurify has a nesting-based mXSSDOMpurify was vulnerable to nesting-based mXSS | High | CWE-79 |
angular-base64-upload vulnerable to unauthenticated remote code executionangular-base64-upload versions prior to v0.1.21 are vulnerable to unauthenticated remote code execution via the angular-base64-upload/demo/server.php endpoint. Exploitation of this vulnerability involves uploading arbitrary file content... | High | CWE-434 |
DOM Clobbering Gadget found in astro's client-side router that leads to XSSA DOM Clobbering gadget has been discovered in Astro’s client-side router. It can lead to cross-site scripting (XSS) in websites that enable Astro’s client-side routing and... | Medium | CWE-79 |
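The DOM Clobbering entries above (webpack, Rspack, Vite, rollup, layui, Astro) share one shape: runtime code reads `document.currentScript.src` to learn where to load further chunks from, and an attacker who can inject an `<img name="currentScript" src="https://attacker.example/x/">` makes that lookup return the image instead of the script. The block below is an added example, not code from any of those projects: it simulates the gadget in Node with a constructed stand-in for `document`, shows the vulnerable derivation next to a hardened one (a tagName check, which is the usual fix for this class, plus an origin allowlist that is an extra assumption here), and uses an assumed deployment origin of `https://app.example`.

```javascript
// Added example, not code from webpack, Rspack, Vite, rollup, layui or Astro:
// a Node-side simulation of the DOM Clobbering gadget class. The fake document,
// origins and element objects below are constructed for the example.

function makeDocument({ runningScript = null, namedElements = {} } = {}) {
  return {
    get currentScript() {
      // Simulates the browser behaviour the advisories rely on: an element whose
      // name matches shadows the real currentScript value.
      return namedElements.currentScript || runningScript;
    },
  };
}

const TRUSTED_ORIGIN = 'https://app.example'; // assumed deployment origin

function dirOf(href) {
  return href.replace(/[^/]*$/, ''); // strip the file name, keep the directory
}

// Vulnerable derivation: trusts whatever document.currentScript returns.
function publicPathVulnerable(doc) {
  const el = doc.currentScript;
  return el && el.src ? dirOf(el.src) : '/';
}

// Hardened derivation: require a real <script> element (tagName check) on the
// trusted origin (extra assumption here); otherwise use a static public path.
function publicPathHardened(doc) {
  const el = doc.currentScript;
  if (!el || String(el.tagName).toUpperCase() !== 'SCRIPT' || typeof el.src !== 'string') return '/';
  let url;
  try { url = new URL(el.src); } catch { return '/'; }
  if (url.origin !== TRUSTED_ORIGIN) return '/';
  return dirOf(url.href);
}

// Where a lazily loaded chunk would be fetched from.
function chunkUrl(publicPath, chunkId) {
  return publicPath + chunkId + '.js';
}

// Constructed scenario: the page's own bundle is running while an attacker has
// injected an <img name="currentScript"> through some stored-HTML feature.
const legitScript = { tagName: 'SCRIPT', src: 'https://app.example/assets/main.js' };
const clobberImg = { tagName: 'IMG', src: 'https://attacker.example/x/' };
const cleanDoc = makeDocument({ runningScript: legitScript });
const clobberedDoc = makeDocument({
  runningScript: legitScript,
  namedElements: { currentScript: clobberImg },
});
```

With the clobbered document the vulnerable runtime would request `https://attacker.example/x/chunk-7.js`, i.e. attacker-hosted JavaScript on the victim origin; the hardened one falls back to `/`. The simulation stands in for the browser's named-element behaviour only; run against a real page the same two functions behave the same way.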
Cross-site scripting (XSS) in the clipboard packageDuring a recent internal audit, we identified a Cross-Site Scripting (XSS) vulnerability in the CKEditor 5 clipboard package. | Medium | CWE-79 |
Cross site scripting in markdown-to-jsxVersions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can... | Medium | CWE-79 |
Matrix JavaScript SDK's key history sharing could share keys to malicious devicesIn matrix-js-sdk versions 9.11.0 through 34.7.0, the method MatrixClient.sendSharedHistoryKeys is vulnerable to interception by malicious homeservers. The method implements functionality proposed in MSC3061 and can... | High | CWE-287 |
Signature Malleability in ellipticThe Elliptic package before version 6.5.3 for Node.js allows ECDSA signature malleability via variations in encoding, leading ‘\0’ bytes, or integer overflows. This could conceivably... | High | CWE-190 |
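Signature malleability of the kind the elliptic entry above describes comes from accepting more than one byte string as "the" signature: superfluous leading zero bytes inside a DER INTEGER, length fields that disagree with the input, trailing bytes, or the high-S twin of a valid `s`. The block below is an added example, not elliptic's code: a strict DER parser for ECDSA signatures that rejects every such variation, then applies range and low-S checks so each valid signature has exactly one accepted encoding. It assumes the secp256k1 curve order and uses BigInt throughout, so no fixed-width overflow is possible; the test vectors are constructed, not real signatures.

```javascript
// Added example, not elliptic's or secp256k1-node's code: strict DER parsing of
// ECDSA signatures. Curve order is secp256k1's (assumed); vectors are constructed.

const SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141n;

function bytesToBigInt(bytes) {
  let x = 0n;
  for (const b of bytes) x = (x << 8n) | BigInt(b);
  return x;
}

// Reads one DER INTEGER starting at `offset`; returns { value, next } or throws.
function readDerInteger(buf, offset) {
  if (buf[offset] !== 0x02) throw new Error('expected INTEGER tag');
  const len = buf[offset + 1];
  // Scalars of at most 33 bytes never need long-form lengths, so 0x80+ is invalid here.
  if (len === undefined || len === 0 || len > 0x7f) throw new Error('bad INTEGER length');
  const start = offset + 2;
  const end = start + len;
  if (end > buf.length) throw new Error('INTEGER overruns buffer');
  const body = buf.subarray(start, end);
  if (body[0] & 0x80) throw new Error('negative INTEGER');
  if (body[0] === 0x00 && len > 1 && !(body[1] & 0x80)) {
    throw new Error('non-minimal INTEGER (superfluous leading zero)');
  }
  return { value: bytesToBigInt(body), next: end };
}

function parseStrictDerSignature(sig, n = SECP256K1_N) {
  if (sig[0] !== 0x30) throw new Error('expected SEQUENCE tag');
  const seqLen = sig[1];
  if (seqLen === undefined || seqLen > 0x7f) throw new Error('bad SEQUENCE length');
  if (seqLen + 2 !== sig.length) throw new Error('SEQUENCE length disagrees with input (trailing or missing bytes)');
  const r = readDerInteger(sig, 2);
  const s = readDerInteger(sig, r.next);
  if (s.next !== sig.length) throw new Error('data after second INTEGER');
  for (const v of [r.value, s.value]) {
    if (v < 1n || v >= n) throw new Error('scalar outside [1, n-1]');
  }
  // Both s and n-s verify; accept only the low-S form so the signature is not malleable.
  if (s.value > n / 2n) throw new Error('high-S signature rejected');
  return { r: r.value, s: s.value };
}

// Minimal encoder used to build vectors: produces the single canonical encoding.
function bigIntToMinimalBytes(x) {
  let hex = x.toString(16);
  if (hex.length % 2) hex = '0' + hex;
  const out = Uint8Array.from(hex.match(/../g).map((h) => parseInt(h, 16)));
  return out[0] & 0x80 ? Uint8Array.from([0x00, ...out]) : out; // keep the sign bit clear
}

function encodeDerSignature(r, s) {
  const rb = bigIntToMinimalBytes(r);
  const sb = bigIntToMinimalBytes(s);
  return Uint8Array.from([0x30, rb.length + sb.length + 4, 0x02, rb.length, ...rb, 0x02, sb.length, ...sb]);
}

function isRejected(sig) {
  try { parseStrictDerSignature(sig); return false; } catch { return true; }
}
```

The parser is only half of the fix: where signatures are used as identifiers (transaction hashes, replay caches, "already seen" sets), the verifier must also refuse the high-S twin, which is why the low-S rule is applied here rather than left to callers.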
Slim Select has potential Cross-site Scripting issueSlim Select 2.0 versions through 2.9.0 are affected by a potential cross-site scripting vulnerability. In select.ts:createOption(), the text variable from the user-provided Options object is... | Medium | CWE-79 |
secp256k1-node allows private key extraction over ECDHIn the elliptic-based version, loadUncompressedPublicKey has a check that the public key is on the curve: https://github.com/cryptocoinjs/secp256k1-node/blob/6d3474b81d073cc9c8cc8cfadb580c84f8df5248/lib/elliptic.js#L37-L39 | High | CWE-354 |
Denial of service in http-proxy-middlewareVersions of the package http-proxy-middleware before 2.0.7, from 3.0.0 and before 3.0.3 are vulnerable to Denial of Service (DoS) due to an UnhandledPromiseRejection error thrown... | High | CWE-400 |
Prototype pollution vulnerability found in Mermaid's bundled version of DOMPurifyThe following bundled files within the Mermaid NPM package contain a bundled version of DOMPurify that is vulnerable to https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674, potentially resulting in an XSS... | High | CWE-1395 |
ReDoS vulnerability in vue package that is exploitable through inefficient regex evaluation in the parseHTML functionThe ReDoS can be exploited through the parseHTML function in the html-parser.ts file. This flaw allows attackers to slow down the application by providing specially... | Low | CWE-1333 |
Knwl.js Regular Expression Denial of Service vulnerabilityKnwl.js is a Javascript library that parses through text for dates, times, phone numbers, emails, places, and more. Versions 1.0.2 and prior contain one or... | Medium | CWE-1333 |
DOMPurify vulnerable to tampering by prototype pollutiondompurify was vulnerable to prototype pollution | High | CWE-1321 |
@langchain/community SQL Injection vulnerabilityA vulnerability in the GraphCypherQAChain class of langchain-ai/langchainjs versions 0.2.5 and all versions with this class allows for prompt injection, leading to SQL injection. | Low | CWE-89 |
Langchain Path Traversal vulnerabilityA path traversal vulnerability exists in the getFullPath method of langchain-ai/langchainjs version 0.2.5. This vulnerability allows attackers to save files anywhere in the filesystem, overwrite... | Medium | CWE-29 |
mapshaper Path Traversal vulnerabilityPath Traversal in GitHub repository mbloch/mapshaper prior to 0.6.44. | Medium | CWE-400 |
XSS in jQuery as used in Drupal, Backdrop CMS, and other productsjQuery from 1.1.4 until 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized... | Medium | CWE-79 |
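The jQuery entry above and the ag-grid `_.mergeDeep` entry earlier on this page are the same bug: a recursive merge that walks into `target["__proto__"]` (which is `Object.prototype` for a plain object) when the source, typically a parsed JSON body, carries an own key of that name. The block below is an added example, not jQuery's, ag-grid's or any other listed package's code: the vulnerable merge beside a hardened one, both run against a constructed JSON payload, with the pollution undone afterwards so it does not leak into the rest of the process.

```javascript
// Added example, not code from jQuery, ag-grid or any other package listed here.
// The request body is constructed for the example.

function mergeDeepVulnerable(target, source) {
  for (const key of Object.keys(source)) {
    const value = source[key];
    if (value && typeof value === 'object' && !Array.isArray(value)) {
      // JSON.parse('{"__proto__": {...}}') yields an own key named "__proto__";
      // target["__proto__"] is Object.prototype, so the recursion writes there.
      if (!target[key] || typeof target[key] !== 'object') target[key] = {};
      mergeDeepVulnerable(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

function isPlainObject(v) {
  if (v === null || typeof v !== 'object') return false;
  const proto = Object.getPrototypeOf(v);
  return proto === Object.prototype || proto === null;
}

function mergeDeepSafe(target, source) {
  for (const key of Object.keys(source)) {
    if (FORBIDDEN_KEYS.has(key)) continue; // the keys that can reach a prototype
    const value = source[key];
    if (isPlainObject(value)) {
      // Only descend into an own, plain-object property; never into an inherited one.
      if (!Object.prototype.hasOwnProperty.call(target, key) || !isPlainObject(target[key])) {
        target[key] = {};
      }
      mergeDeepSafe(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Runs both merges on the same payload and reports what an unrelated object sees
// afterwards; the vulnerable run is cleaned up so the pollution does not persist.
function demonstrate() {
  const body = '{"theme":"dark","__proto__":{"isAdmin":true}}';
  const vulnerableResult = mergeDeepVulnerable({}, JSON.parse(body));
  const seenAfterVulnerable = ({}).isAdmin; // true: every object now "is admin"
  delete Object.prototype.isAdmin;          // undo for the rest of the process
  const safeResult = mergeDeepSafe({}, JSON.parse(body));
  const seenAfterSafe = ({}).isAdmin;       // undefined
  return { vulnerableResult, seenAfterVulnerable, safeResult, seenAfterSafe };
}
```

Blocking the three key names covers the `__proto__` route and the `constructor.prototype` route; `isPlainObject` additionally stops the merge from descending into class instances, getters or inherited properties, which is where gadget-style follow-ups (such as the Sentry SDK entry on this page) start.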
@workos-inc/authkit-remix refresh tokens are logged when the debug flag is enabledRefresh tokens are logged to the console when the debug flag, which is disabled by default, is enabled. | Low | CWE-532 |
@workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabledRefresh tokens are logged to the console when the debug flag, which is disabled by default, is enabled. | Low | CWE-532 |
happy-dom allows for server side code to be executed by a <script> tagConsumers of the NPM package happy-dom | High | CWE-79 |
Regular expression denial of service in jquery-validation (GHSA-j9m2-h2pv-wvph)An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input... | Low | CWE-1333 |
matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversalmatrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to... | Medium | CWE-22 |
CommonRegexJS Regular Expression Denial of Service vulnerabilityCommonRegexJS is a CommonRegex port for JavaScript. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service... | Medium | CWE-1333 |
Foundation Regular Expression Denial of Service vulnerabilityFoundation is a front-end framework. Versions 6.3.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS).... | Medium | CWE-1333 |
Parse Server's custom object ID allows to acquire role privilegesIf the Parse Server option allowCustomObjectId: true is set, an attacker that is allowed to create a new user can set a custom object ID... | High | CWE-863 |
nuxt Code Injection vulnerabilityThe Nuxt dev server between versions 3.4.0 and 3.4.3 is vulnerable to code injection when it is exposed publicly. | High | CWE-94 |
njwt Prototype Pollution vulnerabilitynjwt up to v0.4.0 was discovered to contain a prototype pollution in the Parser.prototype.parse method. | High | CWE-1321 |
rejetto HFS vulnerable to OS Command Execution by remote authenticated usersrejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have... | High | CWE-78 |
Nuxt vulnerable to remote code execution via the browser when running the test locallyDue to the insufficient validation of the path parameter in the NuxtTestComponentWrapper, an attacker can execute arbitrary JavaScript on the server side, which allows them... | High | CWE-94 |
webcrack has an Arbitrary File Write Vulnerability on Windows when Parsing and Saving a Malicious BundleAn arbitrary file write vulnerability exists in the webcrack module when processing specifically crafted malicious code on Windows systems. This vulnerability is triggered when using... | Medium | CWE-22 |
node-gettext vulnerable to Prototype PollutionAll versions of the package node-gettext are vulnerable to Prototype Pollution via the addTranslations() function in gettext.js due to improper user input sanitization. | High | CWE-1321 |
Firebase JavaScript SDK allows attackers to manipulate the "_authTokenSyncURL" to point to their own serverFirebase JavaScript SDK utilizes a “FIREBASE_DEFAULTS” cookie to store configuration data, including an “_authTokenSyncURL” field used for session synchronization. | Medium | CWE-79 |
@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypassBy combining two vulnerabilities (an Open Redirect and a session token sent as a URL query parameter) in the Strapi framework, it is possible for an unauthenticated attacker... | High | CWE-601 |
Open Chinese Convert subject to Denial of Service via Out-of-bounds ReadOpen Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial of service (segmentation fault) because BinaryDict::NewFromFile in BinaryDict.cpp may have out-of-bounds keyOffset and valueOffset... | Medium | CWE-125 |
Cross-site scripting in bootstrap-selectbootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in OPTION elements. This may allow attackers to execute arbitrary JavaScript in... | Medium | CWE-79 |
@sveltejs/kit has unescaped error message included on error pageThe static error.html template for errors contains placeholders that are replaced without escaping the content first. | Low | CWE-79 |
Nunjucks autoescape bypass leads to cross site scriptingIn Nunjucks versions prior to version 3.2.4, it was possible to bypass the restrictions which are provided by the autoescape functionality. If there are two... | Medium | CWE-79 |
@lobehub/chat Server Side Request Forgery vulnerabilitylobe-chat before 1.19.13 has an unauthorized ssrf vulnerability. An attacker can construct malicious requests to cause SSRF without logging in, attack intranet services, and leak... | High | CWE-918 |
vue-i18n has cross-site scripting vulnerability with prototype pollution (GHSA-9r9m-ffp6-9x4v)XSS | Medium | CWE-79 |
@intlify/shared Prototype Pollution vulnerability (GHSA-hjwq-mjwj-4x6c)Vulnerability type: Prototype Pollution | Medium | CWE-1321 |
Modified package published to npm, containing malware that exfiltrates private key materialEarlier today, a publish-access account was compromised for @solana/web3.js, a JavaScript library that is commonly used by Solana dapps. This allowed an attacker to publish... | High | CWE-200 |
Firepad allows insecure document accessFirepad through 1.5.11 allows remote attackers, who have knowledge of a pad ID, to retrieve both the current text of a document and all content... | Low | CWE-200 |
Trix editor subject to XSS vulnerabilities on copy & pasteThe Trix editor, in versions prior to 2.1.9 and 1.3.3, is vulnerable to XSS + mutation XSS attacks when pasting malicious code. | Medium | CWE-79 |
Angular Expressions - Remote Code Execution when using localsAn attacker can write a malicious expression that escapes the sandbox to execute arbitrary code on the system. | High | CWE-94 |
Predictable results in nanoid generation when given non-integer valuesWhen nanoid is called with a fractional value, there were a number of undesirable effects: | Medium | CWE-835 |
fetch(url) leads to a memory leak in undiciCalling fetch(url) and not consuming the incoming body (or consuming it very slowly) will lead to a memory leak. | Medium | CWE-401 |
Astro CSRF Middleware Bypass (security.checkOrigin)A bug in Astro’s CSRF-protection middleware allows requests to bypass CSRF checks. | Medium | CWE-352 |
Astro's server source code is exposed to the public if sourcemaps are enabledA bug in the build process allows any unauthenticated user to read parts of the server source code. | High | CWE-219 |
Systeminformation has command injection vulnerability in getWindowsIEEE8021x (SSID)The SSID is not sanitized before it is passed as a parameter to cmd.exe in the getWindowsIEEE8021x function. This means that malicious content in... | High | CWE-94 |
Marp Core allows XSS by improper neutralization of HTML sanitizationMarp Core (@marp-team/marp-core) from v3.0.2 to v3.9.0 and v4.0.0, are vulnerable to cross-site scripting (XSS) due to improper neutralization of HTML sanitization. | Medium | CWE-79 |
Elliptic's verify function omits uniqueness validationThe Elliptic package 6.5.5 for Node.js for EDDSA implementation does not perform the required check if the signature proof(s) is within the bounds of the... | Low | CWE-347 |
Trix allows Cross-site Scripting via `javascript:` url in a linkThe Trix editor, versions prior to 2.1.11, is vulnerable to XSS when pasting malicious code in the link field. | Medium | CWE-79 |
crypto-js uses insecure random numbersThe crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string “0.” with an integer, which makes the output more predictable than... | Medium | CWE-331 |
Double spend in snarkjsiden3 snarkjs through 0.6.11 allows double spending because there is no validation that the publicSignals length is less than the field modulus. | High | CWE-862 |
Use of Insufficiently Random Values in undiciUndici fetch() uses Math.random() to choose the boundary for a multipart/form-data request. It is known that the output of Math.random() can be predicted if several... | Medium | CWE-330 |
@sveltejs/kit vulnerable to XSS on dev mode 404 page“Unsanitized input from the request URL flows into end, where it is used to render an HTML page returned to the user. This may result... | Low | CWE-79 |
Cross Site Scripting vulnerability in store2Cross Site Scripting vulnerability in nbubna store v.2.14.2 and before allows a remote attacker to execute arbitrary code via the store.deep.js component | Medium | CWE-79 |
Opening a malicious website while running a Nuxt dev server could allow read-only access to code (GHSA-2452-6xj8-jh47)Nuxt allows any websites to send any requests to the development server and read the response due to default CORS settings. | Medium | CWE-200 |
Opening a malicious website while running a Nuxt dev server could allow read-only access to code (GHSA-4gf7-ff8x-hq99)Source code may be stolen during dev when using webpack / rspack builder and you open a malicious web site. | Medium | CWE-749 |
Potential DoS when using ContextLines integration (GHSA-r5w7-f542-q2j4)The ContextLines integration uses readable streams to more efficiently use memory when reading files. The ContextLines integration is used to attach source context to outgoing... | Low | CWE-774 |
snowflake-sdk may incorrectly validate temporary credential cache file permissionsSnowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker... | Medium | CWE-281 |
Remote Code Execution on click of <a> Link in markdown previewThere is a vulnerability in Joplin-desktop that leads to remote code execution (RCE) when a user clicks on an <a> link within untrusted notes. The... | High | CWE-94 |
Potential XSS vulnerability in jQuery (GHSA-gxr4-xjj5-5px2)Passing HTML from untrusted sources - even after sanitizing it - to one of jQuery’s DOM manipulation methods (i.e. .html(), .append(), and others) may execute... | Medium | CWE-79 |
Potential XSS vulnerability in jQueryPassing HTML containing <option> elements from untrusted sources - even after sanitizing them - to one of jQuery’s DOM manipulation methods (i.e. .html(), .append(), and... | Medium | CWE-79 |
files.photo.gallery command injectionA command injection vulnerability in the video thumbnail rendering component of files.photo.gallery v0.3.0 through 0.11.0 allows remote attackers to execute arbitrary code via a crafted... | Medium | CWE-77 |
JSONPath Plus Remote Code Execution (RCE) VulnerabilityVersions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute arbitrary code... | High | CWE-94 |
Parsed HTML anchor links in Markdown provided to parseMarkdown can result in XSS in @nuxtjs/mdcAn unsafe parsing logic of the URL from markdown can lead to arbitrary JavaScript code due to a bypass to the existing guards around the... | High | CWE-79 |
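The `@nuxtjs/mdc` entry above, the Trix `javascript:` link entry and the Joplin "click on an `<a>`" entry are all about the href of a link that came out of Markdown or pasted HTML. The block below is an added example, not code from any of those projects: an href sanitiser that relies on the WHATWG `URL` parser, which lowercases the scheme and strips tabs and newlines exactly as the browser will at click time, and then allows only an explicit scheme list. The document base `https://docs.example/guide/` and the allowed schemes are assumptions.

```javascript
// Added example, not code from @nuxtjs/mdc, Trix or Joplin. The base URL and
// scheme allowlist are assumptions for the example.

const ALLOWED_SCHEMES = new Set(['http:', 'https:', 'mailto:']);
const DOCUMENT_BASE = 'https://docs.example/guide/'; // assumed base for relative links

// Returns an absolute, allow-listed href or null. Using URL() instead of a
// hand-written prefix check matters: "JaVaScRiPt:" and "java\tscript:" both
// parse to the javascript: scheme, which a startsWith('javascript:') test misses.
function safeHref(raw) {
  if (typeof raw !== 'string') return null;
  let url;
  try { url = new URL(raw, DOCUMENT_BASE); } catch { return null; }
  return ALLOWED_SCHEMES.has(url.protocol) ? url.href : null;
}

function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => (
    { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' }[c]
  ));
}

// Renders a Markdown link; a rejected href degrades to plain text, not to a link.
function renderLink(text, raw) {
  const href = safeHref(raw);
  const label = escapeHtml(text);
  return href ? `<a href="${escapeHtml(href)}" rel="noopener noreferrer">${label}</a>` : label;
}
```

A deny-list of schemes would miss `vbscript:` and `data:` on the browsers that honour them; an allowlist on the parsed `protocol` does not depend on how the attacker spelled the scheme. The `rel="noopener noreferrer"` also closes the tab-nabbing issue the smartbanner.js entry further down refers to.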
vxe-table prototype pollutionA prototype pollution in the lib.install function of vxe-table v4.8.10 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. | High | CWE-1321 |
Websites were able to send any requests to the development server and read the response in viteVite allowed any websites to send any requests to the development server and read the response due to default CORS settings and lack of validation... | Medium | CWE-350 |
Unknown vulnerability in Coinbase Wallet SDKThere is a security vulnerability in outdated versions of Coinbase Wallet SDK. This does not directly affect users’ keys, smart contracts, or funds. | High | |
Regular Expression Denial of Service (ReDoS)A vulnerability was found in diff before v3.5.0, the affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks. | High | CWE-400 |
axios Inefficient Regular Expression Complexity vulnerabilityaxios before v0.21.2 is vulnerable to Inefficient Regular Expression Complexity. | High | CWE-400 |
Exposure of sensitive information in follow-redirectsfollow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor | High | CWE-359 |
Improper Verification of Cryptographic Signature in node-forge (GHSA-cfm4-qjh2-4765)RSA PKCS#1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and... | High | CWE-347 |
Regular Expression Denial of Service in jsoneditorJSON Editor is a web-based tool to view, edit, format, and validate JSON. It has various modes such as a tree editor, a code editor,... | Medium | CWE-697 |
Improper Verification of Cryptographic Signature in node-forgeRSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a DigestInfo ASN.1 structure. This can allow padding bytes to... | High | CWE-347 |
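The two node-forge entries above describe a verifier that parses its way through the recovered RSA block and stops once it has found a DigestInfo with the right hash, without confirming that the padding has the required shape or that nothing follows the DigestInfo. The block below is an added example, not node-forge's code: the strict approach of rebuilding the one valid encoded message and comparing it byte for byte, next to a lenient checker of the kind described, both run against a constructed block. No RSA operation is performed; the byte arrays stand in for the block recovered with the public key, the digest is a constructed 32-byte value, and a 2048-bit modulus (emLen = 256) is assumed.

```javascript
// Added example, not node-forge's code: strict vs lenient EMSA-PKCS1-v1_5 checks.
// The digest and the EM blocks are constructed; emLen = 256 (2048-bit modulus) is assumed.

// DER prefix of DigestInfo for SHA-256 (RFC 8017, section 9.2, note 1).
const SHA256_DIGESTINFO_PREFIX = Uint8Array.from([
  0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
  0x05, 0x00, 0x04, 0x20,
]);

// EMSA-PKCS1-v1_5: 0x00 0x01 PS(0xff ... at least 8 bytes) 0x00 T, exactly emLen long.
function emsaPkcs1v15Encode(digest, emLen) {
  const t = Uint8Array.from([...SHA256_DIGESTINFO_PREFIX, ...digest]);
  const psLen = emLen - t.length - 3;
  if (psLen < 8) throw new Error('intended encoded message length too short');
  return Uint8Array.from([0x00, 0x01, ...new Uint8Array(psLen).fill(0xff), 0x00, ...t]);
}

function equalBytes(a, b) {
  if (a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a[i] ^ b[i]; // no early exit on mismatch
  return diff === 0;
}

// Strict: there is exactly one acceptable EM for a given digest and length.
function verifyStrict(em, digest) {
  return equalBytes(em, emsaPkcs1v15Encode(digest, em.length));
}

// Lenient (the bug class): skips whatever padding is present, parses the
// DigestInfo, compares the hash, and never looks at what follows it.
function verifyLenient(em, digest) {
  if (em[0] !== 0x00 || em[1] !== 0x01) return false;
  let i = 2;
  while (i < em.length && em[i] === 0xff) i++;
  if (em[i] !== 0x00) return false;
  i++;
  const prefixLen = SHA256_DIGESTINFO_PREFIX.length;
  if (!equalBytes(em.subarray(i, i + prefixLen), SHA256_DIGESTINFO_PREFIX)) return false;
  i += prefixLen;
  return equalBytes(em.subarray(i, i + digest.length), digest); // trailing bytes ignored
}

// A block with minimal padding, the right DigestInfo, then bytes of the forger's
// choosing: the room a lenient check leaves. With a small public exponent, freely
// chosen trailing bytes are what make a cube-root forgery of such a block feasible.
function forgedEncoding(digest, emLen) {
  const head = [0x00, 0x01, ...new Uint8Array(8).fill(0xff), 0x00, ...SHA256_DIGESTINFO_PREFIX, ...digest];
  return Uint8Array.from([...head, ...new Uint8Array(emLen - head.length).fill(0x41)]);
}

const SAMPLE_DIGEST = Uint8Array.from({ length: 32 }, (_, i) => i); // constructed, not a real hash
```

Comparing against a freshly encoded EM also removes the need to parse attacker-controlled ASN.1 at all, which is where the "lenient digest algorithm structure" problem in the first node-forge entry lives.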
Deserialization of Untrusted Data in bsonAll versions of bson before 1.1.4 are vulnerable to Deserialization of Untrusted Data. The package will ignore an unknown value for an object’s _bsontype, leading... | High | CWE-502 |
Prototype Pollution in node-forgeThe package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: version 0.10.0 is a breaking change removing the vulnerable functions.... | High | CWE-915 |
Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipelineUndici cleared Authorization and Proxy-Authorization headers for fetch(), but did not clear them for undici.request(). | Low | CWE-863 |
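Two redirect problems appear on this page: the lobe-chat entries, where SSRF protection checked the first URL but not the redirect target, and the undici and follow-redirects entries, where credentials sent to the first host were replayed to a different one after a redirect. The block below is an added example, not code from lobe-chat, undici or follow-redirects: a redirect-following wrapper that re-validates every hop against loopback, link-local and private IPv4 literals and drops `Authorization`, `Proxy-Authorization` and `Cookie` whenever the origin changes. Network I/O is injected as a `doRequest(url, headers)` callback, and the response table is constructed, so the policy runs offline.

```javascript
// Added example, not code from lobe-chat, undici or follow-redirects. The
// response table and hostnames are constructed for the example.

function isPrivateIPv4(host) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return false;
  const [a, b] = m.slice(1, 3).map(Number);
  return a === 0 || a === 10 || a === 127 || (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168);
}

// Hostname-level policy. URL() already normalises "127.1", "0x7f.1" and
// "2130706433" to 127.0.0.1, so those spellings do not get past this check.
function isForbiddenTarget(url) {
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return true;
  const host = url.hostname.replace(/^\[|\]$/g, '').toLowerCase();
  if (host === 'localhost' || host.endsWith('.localhost') || host === '::1') return true;
  return isPrivateIPv4(host);
}

const SENSITIVE_HEADERS = new Set(['authorization', 'proxy-authorization', 'cookie']);

// Headers for the next hop: unchanged on the same origin, credentials dropped otherwise.
function headersForHop(headers, from, to) {
  if (from.origin === to.origin) return { ...headers };
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    if (!SENSITIVE_HEADERS.has(name.toLowerCase())) out[name] = value;
  }
  return out;
}

// doRequest(url, headers) -> { status, headers: { location? } } is injected so
// the policy can run without network access. Every hop is checked before use.
function fetchWithPolicy(startUrl, headers, doRequest, maxRedirects = 5) {
  let current = new URL(startUrl);
  let currentHeaders = { ...headers };
  const trail = [];
  for (let hop = 0; hop <= maxRedirects; hop++) {
    if (isForbiddenTarget(current)) throw new Error(`blocked: ${current.href}`);
    const res = doRequest(current.href, currentHeaders);
    trail.push({ url: current.href, headers: currentHeaders });
    const location = res.headers && res.headers.location;
    if (res.status < 300 || res.status > 399 || !location) return { response: res, trail };
    const next = new URL(location, current);
    currentHeaders = headersForHop(currentHeaders, current, next);
    current = next;
  }
  throw new Error('too many redirects');
}

function isBlocked(startUrl, doRequest) {
  try { fetchWithPolicy(startUrl, {}, doRequest); return false; } catch (e) { return e.message.startsWith('blocked'); }
}

// Constructed response table standing in for the remote servers.
const RESPONSES = {
  'https://public.example/a': { status: 302, headers: { location: 'http://169.254.169.254/latest/meta-data/' } },
  'https://public.example/b': { status: 302, headers: { location: 'https://other.example/c' } },
  'https://other.example/c': { status: 200, headers: {} },
};
const sampleRequest = (url) => RESPONSES[url] || { status: 404, headers: {} };
```

The check is on the hostname as written; a production version also resolves the name, rejects private answers, and connects to the address it validated so a DNS answer cannot change between check and use. Dropping `Cookie` alongside the two `Authorization` headers is stricter than the fetch behaviour the undici entry describes and is an assumption of this example.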
Vega allows Cross-site Scripting via the vlSelectionTuples function (GHSA-mp7w-mhcv-673j)The vlSelectionTuples function can be used to call JavaScript functions, leading to XSS. | Medium | CWE-79 |
@octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic BacktrackingBy crafting specific options parameters, the endpoint.parse(options) call can be triggered, leading to a regular expression denial-of-service (ReDoS) attack. This causes the program to hang... | Medium | CWE-1333 |
@octokit/request-error has a Regular Expression in index that Leads to ReDoS Vulnerability Due to Catastrophic BacktrackA Regular Expression Denial of Service (ReDoS) vulnerability exists in the processing of HTTP request headers. By sending an authorization header containing an excessively long... | Medium | CWE-1333 |
Insecure Direct Object Reference (IDOR)IDOR occurs when an application provides direct access to objects based on user input without proper authorization checks. This vulnerability allows attackers to manipulate object... | High | CWE-639 |
smartbanner.js rel noopener vulnerabilityNo description available. | Low | CWE-79 |
@octokit/plugin-paginate-rest has a Regular Expression in iterator Leads to ReDoS Vulnerability Due to Catastrophic BackFor the npm package @octokit/plugin-paginate-rest, when calling octokit.paginate.iterator(), a specially crafted octokit instance—particularly with a malicious link parameter in the headers section of the request—can... | Medium | CWE-1333 |
@octokit/request has a Regular Expression in fetchWrapper that Leads to ReDoS Vulnerability Due to Catastrophic BacktracThe regular expression /<([^>]+)>; rel="deprecation"/ used to match the link header in HTTP responses is vulnerable to a ReDoS (Regular Expression Denial of Service) attack.... | Medium | CWE-1333 |
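The four @octokit entries above are ReDoS findings in code that pulls URLs out of HTTP `Link` headers with regular expressions; the pattern quoted in the last entry is `/<([^>]+)>; rel="deprecation"/`. The block below is an added example, not @octokit's code: a single-pass parser for `Link` headers that uses no backtracking quantifiers and refuses oversized headers outright, with the quoted pattern kept only for comparison on a constructed header. The size cap of 8 KiB is an assumption.

```javascript
// Added example, not @octokit's code: linear-time Link header parsing with an
// input size cap. The cap and the sample header are constructed for the example.

const MAX_LINK_HEADER = 8 * 1024; // assumed cap; real pagination headers are a few hundred bytes

// Single pass: split on "," for links, "<"/">" for the target, ";" for parameters.
// Every step is indexOf/slice, so cost is linear in the header length.
function parseLinkHeader(value) {
  const links = {};
  if (typeof value !== 'string') return links;
  if (value.length > MAX_LINK_HEADER) throw new Error('Link header too long');
  for (const part of value.split(',')) {
    const lt = part.indexOf('<');
    const gt = lt === -1 ? -1 : part.indexOf('>', lt + 1);
    if (lt === -1 || gt === -1) continue;
    const url = part.slice(lt + 1, gt);
    let rel = null;
    for (const param of part.slice(gt + 1).split(';')) {
      const eq = param.indexOf('=');
      if (eq === -1) continue;
      const name = param.slice(0, eq).trim().toLowerCase();
      let val = param.slice(eq + 1).trim();
      if (val.length >= 2 && val.startsWith('"') && val.endsWith('"')) val = val.slice(1, -1);
      if (name === 'rel') rel = val;
    }
    if (rel) for (const r of rel.split(' ')) if (r) links[r] = url;
  }
  return links;
}

// The pattern quoted in the entry above, kept only for comparison.
function deprecationLinkRegex(value) {
  const m = /<([^>]+)>; rel="deprecation"/.exec(value);
  return m ? m[1] : null;
}

function deprecationLink(value) {
  return parseLinkHeader(value).deprecation || null;
}

function rejectsOversized(length) {
  try { parseLinkHeader('<'.repeat(length)); return false; } catch { return true; }
}

// Constructed header of the shape a paginated API returns.
const SAMPLE_LINK_HEADER =
  '<https://api.example/repos/o/r/issues?page=2>; rel="next", ' +
  '<https://api.example/repos/o/r/issues?page=5>; rel="last", ' +
  '<https://api.example/deprecations/123>; rel="deprecation"';
```

Splitting on "," is adequate for the headers these clients see but not a full RFC 8288 tokenizer (a literal comma inside a URL would have to be percent-encoded). The size cap is the part that matters most: a response header an attacker-controlled server can grow without limit should never reach a parser of any complexity class unbounded.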
JSONPath Plus allows Remote Code ExecutionVersions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute arbitrary code... | High | CWE-94 |
DocsGPT Allows Remote Code ExecutionA vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an... | High | CWE-77 |
@rpldy/uploader prototype pollutionA prototype pollution in the lib.createUploader function of @rpldy/uploader v1.8.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. | High | CWE-1321 |
Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string)Private key can be extracted from ECDSA signature upon signing a malformed input (e.g. a string or a number), which could e.g. come from JSON... | High | CWE-200 |
tarteaucitron Cross-site Scripting (XSS)Versions of the package tarteaucitronjs before 1.17.0 are vulnerable to Cross-site Scripting (XSS) via the getElemWidth() and getElemHeight(). This is related to SNYK-JS-TARTEAUCITRONJS-8366541 | Low | CWE-79 |
Solid Lacks Escaping of HTML in JSX Fragments allows for Cross-Site Scripting (XSS)Inserts/JSX expressions inside illegal inlined JSX fragments lacked escaping, allowing user input to be rendered as HTML when put directly inside JSX fragments. | High | CWE-79 |
Matrix IRC Bridge allows IRC command injection to own puppeted userThe matrix-appservice-irc bridge up to version 3.0.3 contains a vulnerability which can lead to arbitrary IRC command execution as the puppeted user. The attacker can... | Low | CWE-88 |
MongoDB Shell may be susceptible to Control Character Injection via autocompleteThe MongoDB Shell may be susceptible to control character injection where an attacker with control of the mongosh autocomplete feature, can use the autocompletion feature... | High | CWE-74 |
MongoDB Shell may be susceptible to control character injection via pastingThe MongoDB Shell may be susceptible to control character injection where an attacker with control of the user’s clipboard could manipulate them to paste text... | Medium | CWE-150 |
MongoDB Shell may be susceptible to control character Injection via shell outputThe MongoDB Shell may be susceptible to control character injection where an attacker with control over the database cluster contents can inject control characters into... | Low | CWE-150 |
mongosh vulnerable to local privilege escalationmongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user’s system with elevated privilege, when a crafted... | High | CWE-426 |
ejson shell parser in MongoDB Compass may be bypassedMongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass’ connection handling.... | High | CWE-94 |
mavo DOM Clobbering vulnerabilityA DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element. | Medium | CWE-79 |
seajs Cross-site Scripting vulnerabilityCross Site Scripting vulnerability in seajs v.2.2.3 allows a remote attacker to execute arbitrary code via the seajs package | Low | CWE-79 |
Manifest Uses a One-Way Hash without a SaltManifest employs a weak password hashing implementation that uses SHA3 without a salt. This exposes user passwords to a higher risk of being cracked if... | Medium | CWE-759 |
Vue I18n Allows Prototype Pollution in `handleFlatJson` (GHSA-p2ph-7g93-hw3m)Vulnerability type: Prototype Pollution | High | CWE-1321 |
Froala Editor Cross-site Scripting vulnerabilityFroala Editor v4.0.1 to v4.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability. | Medium | CWE-79 |
Froala WYSIWYG editor allows cross-site scripting (XSS)Inconsistent tag parsing allows for XSS in Froala WYSIWYG editor 4.3.0 and earlier. | Medium | CWE-79 |
MailDev Remote Code ExecutionMailDev 2 through 2.1.0 allows Remote Code Execution via a crafted Content-ID header for an e-mail attachment, leading to lib/mailserver.js writing arbitrary code into the... | High | CWE-352 |
JS Html Sanitizer allows XSS when used with contentEditableXSS vulnerability when the sanitizer is used with a contentEditable element to set the elements innerHTML to a sanitized string produced by the package. If... | Medium | CWE-79 |
jsPDF Bypass Regular Expression Denial of Service (ReDoS)User control of the first argument of the addImage method results in CPU utilization and denial of service. | High | CWE-770 |
Nuxt allows DOS via cache poisoning with payload rendering responseBy sending a crafted HTTP request to a server behind a CDN, it is possible in some circumstances to poison the CDN cache and highly... | High | CWE-349 |
Parse Server has an OAuth login vulnerabilityThe 3rd party authentication handling of Parse Server allows the authentication credentials of some specific authentication providers to be used across multiple Parse Server apps.... | Medium | CWE-287 |
GetmeUK ContentTools Cross-Site Scripting (XSS)A vulnerability was found in GetmeUK ContentTools up to 1.6.16. It has been rated as problematic. Affected by this issue is some unknown functionality of... | Medium | CWE-79 |
Vite bypasses server.fs.deny when using ?raw??The contents of arbitrary files can be returned to the browser. | Medium | CWE-284 |
create-choo-app3 is vulnerable to Command Injection via the devInstall functionAll versions of the package create-choo-app3 are vulnerable to Command Injection via the devInstall function due to improper user-input sanitization. | High | CWE-78 |
@mozilla/readability Denial of Service through RegexSpecially crafted titles may have caused a regular expression to excessively backtrack and cause a local denial of service. | Low | CWE-1333 |
Vega vulnerable to Cross-site Scripting via RegExp.prototype[@@replace] (GHSA-963h-3v39-3pqf)Users running Vega/Vega-lite JSON definitions could run unexpected JavaScript code when drawing graphs, unless the library is used with the vega-interpreter. | Medium | CWE-87 |
axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URLA previously reported issue in axios demonstrated that using protocol-relative URLs could lead to SSRF (Server-Side Request Forgery). Reference: axios/axios#6463 | High | CWE-918 |
Redoc Prototype Pollution via `Module.mergeObjects` ComponentA prototype pollution in the component Module.mergeObjects (redoc/bundles/redoc.lib.js:2) of redoc <= 2.2.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted... | High | CWE-1321 |
gifplayer XSS vulnerabilityXSS vulnerability. All versions under 0.3.7 are impacted | Medium | CWE-79 |
Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` queryThe contents of arbitrary files can be returned to the browser. | Medium | CWE-284 |
Remix and React Router allow URL manipulation via Host / X-Forwarded-Host headersWe received a report about a vulnerability in Remix/React Router that affects all Remix 2 and React Router 7 consumers using the Express adapter. | High | CWE-444 |
Command Injection in create-choo-electronAll versions of the package create-choo-electron are vulnerable to Command Injection via the devInstall function due to improper user-input sanitization. | High | CWE-78 |
MathLive's Lack of Escaping of HTML allows for XSSDespite normal text rendering as LaTeX expressions, preventing XSS, the library also provides users with commands which may modify HTML, such as the \htmlData command,... | Medium | CWE-79 |
bigint-buffer Vulnerable to Buffer Overflow via toBigIntLE() FunctionVersions of the package bigint-buffer from 0.0.0 to 1.1.5 are vulnerable to Buffer Overflow in the toBigIntLE() function. Attackers can exploit this to crash the... | High | CWE-120 |
tarteaucitron.js allows UI manipulation via unrestricted CSS injectionA vulnerability was identified in tarteaucitron.js, where user-controlled inputs for element dimensions (width and height) were not properly validated. | Medium | CWE-1021 |
tarteaucitron.js allows prototype pollution via custom text injectionA vulnerability was identified in tarteaucitron.js, where the addOrUpdate function, used for applying custom texts, did not properly validate input. | Medium | CWE-1321 |
tarteaucitron.js allows url scheme injection via unfiltered inputsA vulnerability was identified in tarteaucitron.js, allowing a user with high privileges (access to the site’s source code or a CMS plugin) to enter a... | Medium | CWE-79 |
node-opcua-alarm-condition prototype pollution vulnerabilityA prototype pollution in the function fieldsToJson of node-opcua-alarm-condition v2.134.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. | High | CWE-1321 |
Vite has an `server.fs.deny` bypass with an invalid `request-target`The contents of arbitrary files can be returned to the browser if the dev server is running on Node or Bun. | Medium | CWE-200 |
Vega Cross-Site Scripting (XSS) via event filter when not using CSP mode expressionInterpreter (GHSA-rcw3-wmx7-cphr)In vega 5.30.0 and lower, vega-functions 5.15.0 and lower, it was possible to call JavaScript functions from the Vega expression language that were not... | Medium | CWE-79 |
Server-Side Request ForgeryServer-Side Request Forgery (SSRF) is a vulnerability where an attacker manipulates a server to make unintended requests to internal or external resources. SSRF can be... | High | CWE-918 |
Cross-site Scripting in jquery-uiCross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML... | Medium | CWE-79 |
Bootstrap Cross-Site Scripting (XSS) vulnerabilityA vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the... | Medium | CWE-79 |
cookie accepts cookie name, path, and domain with out-of-bounds charactersThe cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. For example, serialize("userName=<script>alert('XSS3')</script>; Max-Age=2592000; a", value)... | Low | CWE-74 |
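The cookie entry's own example shows the mechanism: a serializer that interpolates the name verbatim lets a `; Max-Age=...` inside the name become attributes of the Set-Cookie header, so a caller who controls only the name ends up controlling the whole cookie. The following is an added example, not the cookie package's implementation: the permissive serializer beside one that validates name, value, Path and Domain against the RFC 6265 grammar before interpolating. The malicious name is the one quoted in the entry above.

```javascript
// Added example, not the cookie package's implementation.
// RFC 6265: cookie-name is an HTTP token; cookie-value excludes CTLs,
// whitespace, DQUOTE, comma, semicolon and backslash; Path and Domain
// attribute values exclude CTLs and semicolons.
const NAME_RE = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;
const VALUE_RE = /^[\x21\x23-\x2B\x2D-\x3A\x3C-\x5B\x5D-\x7E]*$/;
const ATTR_RE = /^[\x20-\x3A\x3C-\x7E]*$/;

function buildHeader(name, value, opts) {
  let header = `${name}=${value}`;
  if (opts.maxAge !== undefined) header += `; Max-Age=${Math.floor(opts.maxAge)}`;
  if (opts.domain) header += `; Domain=${opts.domain}`;
  if (opts.path) header += `; Path=${opts.path}`;
  if (opts.httpOnly) header += '; HttpOnly';
  if (opts.secure) header += '; Secure';
  return header;
}

// Vulnerable: whatever the caller passes as the name is interpolated as-is.
function serializeUnsafe(name, value, opts = {}) {
  return buildHeader(name, value, opts);
}

// Hardened: reject out-of-grammar characters instead of letting them
// restructure the header.
function serializeSafe(name, value, opts = {}) {
  if (!NAME_RE.test(name)) throw new TypeError('cookie name is not a valid token');
  if (!VALUE_RE.test(value)) throw new TypeError('cookie value contains invalid characters');
  if (opts.path !== undefined && !ATTR_RE.test(opts.path)) throw new TypeError('invalid Path');
  if (opts.domain !== undefined && !ATTR_RE.test(opts.domain)) throw new TypeError('invalid Domain');
  return buildHeader(name, value, opts);
}

// Splits a Set-Cookie string into its attribute names, to show what a
// browser would actually see after the name was interpolated.
function attributeNames(header) {
  return header.split(';').slice(1).map((part) => part.trim().split('=')[0]);
}

// The malicious name from the advisory text, used here as constructed input.
const EVIL_NAME = "userName=<script>alert('XSS3')</script>; Max-Age=2592000; a";
```

With `EVIL_NAME`, `serializeUnsafe` returns a header whose attribute list contains `Max-Age` although no `maxAge` option was given, and whose cookie name is `userName` rather than the one the application intended; `serializeSafe` throws instead. The same token check belongs on Path and Domain, since a semicolon in either also splits the header.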
jquery-validation vulnerable to Cross-site ScriptingVersions of the package jquery-validation before 1.20.0 are vulnerable to Cross-site Scripting (XSS) in the showLabel() function, which may take input from a user-controlled placeholder... | Medium | CWE-79 |
@sveltejs/kit vulnerable to Cross-site Scripting via tracked search_paramsUnsanitized search param names cause XSS vulnerability. You are affected if you iterate over all entries of event.url.searchParams inside a server load function. Attackers can... | Medium | CWE-79 |
Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups (GHSA-968p-4wvh-cqc8)When using Babel to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some... | Medium | CWE-1333 |
lite-server vulnerable to Denial of ServiceAll versions of package lite-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the... | High | CWE-400 |
QMarkdown Cross-Site Scripting (XSS) vulnerabilityQMarkdown (aka quasar-ui-qmarkdown) before 2.0.5 allows XSS via headers even when no-html is set. | Medium | CWE-79 |
Compromised xrpl.js versions 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2Versions 4.2.1, 4.2.2, 4.2.3, and 4.2.4 of xrpl.js were compromised and contained malicious code designed to exfiltrate private keys. If you are using one of... | High | CWE-506 |
tRPC 11 WebSocket DoS VulnerabilityAn unhandled error is thrown when validating invalid connectionParams which crashes a tRPC WebSocket server. This allows any unauthenticated user to crash a tRPC 11... | High | CWE-460 |
PDF.js vulnerable to arbitrary JavaScript execution upon opening a malicious PDFIf pdf.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true (which is the default value), unrestricted attacker-controlled... | High | CWE-754 |
Pug allows JavaScript code execution if an application accepts untrusted inputPug through 3.0.2 allows JavaScript code execution if an application accepts untrusted input for the name option of the compileClient, compileFileClient, or compileClientWithDependenciesTracked function. NOTE:... | Medium | CWE-94 |
http-proxy-middleware can call writeBody twice because "else if" is not usedIn http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because “else if” is not used. | Medium | CWE-670 |
http-proxy-middleware allows fixRequestBody to proceed even if bodyParser has failedIn http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed. | Medium | CWE-754 |
NodeJS Driver for Snowflake has race condition when checking access to Easy Logging configuration fileSnowflake discovered and remediated a vulnerability in the NodeJS Driver for Snowflake (“Driver”). | Low | CWE-367 |
qs vulnerable to Prototype Pollutionqs before 6.10.3 allows attackers to cause a Node process hang because an __proto__ key can be used. In many typical web framework use... | High | CWE-1321 |
Auth0 NextJS SDK v4 Missing Session InvalidationAuth0 NextJS v4.0.1 to v4.5.0 does not invoke .setExpirationTime when generating a JWE token for the session. As a result, the JWE does not contain... | Medium | CWE-613 |
Vite allows server.fs.deny to be bypassed with .svg or relative pathsThe contents of arbitrary files can be returned to the browser. | Medium | CWE-284 |
Prototype pollution in 101Prototype pollution vulnerability in ‘101’ versions 1.0.0 through 1.6.3 allows an attacker to cause a denial of service and may lead to remote code execution.... | High | CWE-1321 |
Vite's server.fs.deny bypassed with /. for files under project rootThe contents of files in the project root that are denied by a file matching pattern can be returned to the browser. | Medium | CWE-22 |
Trix vulnerable to Cross-site Scripting on copy & pasteThe Trix editor, in versions prior to 2.1.15, is vulnerable to XSS attacks when pasting malicious code. | Low | CWE-79 |
nuxt vulnerable to Cross-site Scripting in navigateTo if used after SSRThe navigateTo function attempts to block the javascript: protocol, but does not correctly use the APIs provided by unjs/ufo. This library also contains parsing discrepancies. | Medium | CWE-83 |
undici Denial of Service attack via bad certificate dataApplications that use undici to implement a webhook-like system are vulnerable. If the attacker set up a server with an invalid certificate, and they can... | Low | CWE-401 |
Vulnerable WordPress VersionThe WordPress version used is outdated and has security flaws. Vulnerabilities in older versions could be exploited by attackers to compromise the website, leading to... | High | |
OpenPGP.js's message signature verification can be spoofedA maliciously modified message can be passed to either openpgp.verify or openpgp.decrypt, causing these functions to return a valid signature verification result while returning data... | High | CWE-347 |
Marked allows Regular Expression Denial of Service (ReDoS) attacksMarked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to catastrophic backtracking in several regular expressions used... | Medium | CWE-1333 |
Remote code execution via the `pretty` option.If a remote attacker was able to control the pretty option of the pug compiler, e.g. if you spread a user provided object such as... | Medium | CWE-94 |
Strapi allows Server-Side Request Forgery in Webhook functionIn Strapi latest version, at function Settings -> Webhooks, the application allows us to input a URL in order to create a Webook connection. However,... | Medium | CWE-918 |
webpack-dev-server users' source code may be stolen when they access a malicious web siteSource code may be stolen when you access a malicious web site. | Medium | CWE-749 |
webpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browserSource code may be stolen when you access a malicious web site with non-Chromium based browser. | Medium | CWE-346 |
NextJS-Auth0 SDK Vulnerable to CDN Caching of Session CookiesIn Auth0 Next.js SDK versions 4.0.1 to 4.6.0, __session cookies set by auth0.middleware may be cached by CDNs due to missing Cache-Control headers. | High | CWE-525 |
Cross-site Scripting (XSS) in serialize-javascriptA flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript... | Medium | CWE-79 |
Regular Expression Denial of Service in papaparseVersions of papaparse prior to 5.2.0 are vulnerable to Regular Expression Denial of Service (ReDoS). The parse function contains a malformed regular expression that takes... | High | CWE-185 |
pg-promise SQL Injection vulnerabilitypg-promise before 11.5.5 is vulnerable to SQL Injection due to improper handling of negative numbers. | Medium | CWE-89 |
Passbolt Browser Extension leaks password informationAn issue was discovered in Passbolt Browser Extension before 4.6.2. It can send multiple requests to HaveIBeenPwned while a password is being typed, which results... | Medium | CWE-200 |
OpenList (frontend) allows XSS Attacks in the built-in Markdown ViewerXSS via .py file containing script tag interpreted as HTML | Medium | CWE-79 |
Valid ECDSA signatures erroneously rejected in EllipticElliptic prior to 6.6.0 for Node.js, in its ECDSA implementation, does not correctly verify valid signatures if the hash contains at least four... | Low | CWE-347 |
PrismJS DOM Clobbering vulnerabilityPrism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript... | Medium | CWE-94 |
DOMPurify allows Cross-site Scripting (XSS)DOMPurify before 3.2.4 has an incorrect template literal regular expression when SAFE_FOR_TEMPLATES is set to true, sometimes leading to mutation cross-site scripting (mXSS). | Medium | CWE-79 |
tiny-secp256k1 vulnerable to private key extraction when signing a malicious JSON-stringifyable message in bundled environmentPrivate key can be extracted on signing a malicious JSON-stringifiable object, when global Buffer is buffer package | High | CWE-522 |
tiny-secp256k1 allows for verify() bypass when running in bundled environmentA malicious JSON-stringifyable message can be made passing on verify(), when global Buffer is buffer package | High | CWE-347 |
react-native-keys insecurely stores encryption cipher and Base64 chunksreact-native-keys 0.7.11 is vulnerable to sensitive information disclosure (remote) as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. Attackers... | High | CWE-312 |
tarteaucitron.js vulnerable to DOM Clobbering via document.currentScriptA vulnerability was identified in tarteaucitron.js where document.currentScript was accessed without verifying that it referenced an actual <script> element. If an attacker injected an HTML... | Medium | CWE-138 |
Parse Server exposes the data schema via GraphQL APIThe Parse Server GraphQL API previously allowed public access to the GraphQL schema without requiring a session token or the master key. While schema introspection... | Medium | CWE-497 |
@pdfme/common vulnerable to XSS and Prototype Pollution through its expression evaluationThe expression evaluation feature in pdfme 5.2.0 to 5.4.0 contains critical vulnerabilities allowing sandbox escape leading to XSS and prototype pollution attacks. | Medium | CWE-79 |
chromedriver Downloads Resources over HTTPAffected versions of chromedriver insecurely download resources over HTTP. | High | CWE-311 |
Better Call routing bug can lead to Cache DeceptionUsing a CDN that caches (/**/*.png, /**/*.json, /**/*.css, etc…) requests, a cache deception can emerge. This could lead to unauthorized access to user sessions and... | Medium | CWE-525 |
vue-i18n's escapeParameterHtml does not prevent DOM-based XSS through its tag attributes (GHSA-x8qp-wqqm-57ph)The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, this setting fails to prevent execution... | Medium | CWE-79 |
Nuxt MDC has an XSS vulnerability in markdown rendering that bypasses HTML filteringA remote script-inclusion / stored XSS vulnerability in @nuxtjs/mdc lets a Markdown author inject a <base href="https://attacker.tld"> element. | High | CWE-79 |
jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text labelInitializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. If you call .checkboxradio(... | Medium | CWE-79 |
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability (GHSA-m5vv-6r4h-3vj9)Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability. | Medium | CWE-362 |
Firebase vulnerable to CSRF attackThis vulnerability was a potential CSRF attack. When running the Firebase emulator suite, there is an export endpoint that is used normally to export data from... | Low | CWE-352 |
Bun has an Application-level Prototype Pollution vulnerability in the runtime native API for GloVersions of the package bun before 1.1.30 are vulnerable to Prototype Pollution due to improper input sanitization. An attacker can exploit this vulnerability through Bun’s... | Medium | CWE-1321 |
Linkify Allows Prototype Pollution & HTML Attribute Injection (XSS)Improperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’) vulnerability in Linkify (linkifyjs) allows XSS Targeting HTML Attributes and Manipulating User-Controlled Variables. This issue affects Linkify:... | High | CWE-1321 |
billboard.js allows prototype pollution via the function generatebillboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute arbitrary code or cause a... | High | CWE-1321 |
Sensitive Data DisclosureSensitive data disclosure occurs when confidential information such as API tokens, access keys, secrets, or credentials are exposed in publicly accessible content. This can happen... | Medium | CWE-798 |
Vulnerable Apache VersionThe Apache HTTP Server version used is outdated and has security flaws. Vulnerabilities in older versions could be exploited by attackers to compromise the server,... | Medium | |
Vulnerable OpenSSL VersionThe OpenSSL version used is outdated and has security flaws. Vulnerabilities in older versions could be exploited by attackers to compromise the server, leading to... | Medium | |
Vulnerable PHP VersionThe PHP version used is outdated and has security flaws. Vulnerabilities in older versions could be exploited by attackers to compromise the server, leading to... | Medium | |
webfinger.js Blind SSRF VulnerabilityThe lookup function takes a user address for checking accounts as a feature, however, as per the ActivityPub spec (https://www.w3.org/TR/activitypub/#security-considerations), on the security considerations section at B.3,... | Medium | CWE-918 |
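The SSRF entries above (axios with absolute and protocol-relative URLs, the generic Server-Side Request Forgery description, the Strapi webhook URL and the webfinger.js lookup) come down to two checks a server should make before fetching a caller-supplied URL: that the caller cannot move the request to another origin, and that the destination is not an internal address. The following is an added example in Node.js built on the WHATWG URL parser; it is not code from axios, Strapi or webfinger.js, and every hostname in it is constructed.

```javascript
// Added example; not axios, Strapi or webfinger.js code. Hostnames are constructed.

// Resolve a caller-supplied path against a fixed base URL and refuse the
// result if it lands on a different origin. Absolute URLs ("http://evil..."),
// protocol-relative URLs ("//evil...") and userinfo tricks
// ("https://api.example.com@evil...") all change the origin, which is also
// what would carry the base URL's credentials to an attacker's host.
function resolveWithinOrigin(baseURL, userPath) {
  const base = new URL(baseURL);
  let resolved;
  try {
    resolved = new URL(userPath, base);
  } catch {
    return null;
  }
  return resolved.origin === base.origin ? resolved.href : null;
}

// Literal-address check for destinations a server should never fetch on a
// caller's behalf. The URL parser normalises numeric hosts (a decimal integer
// such as 2130706433) to dotted-quad form, so matching on url.hostname is
// enough for IPv4 literals. A DNS name still needs its resolved address run
// through the same check, and DNS rebinding needs it at connect time.
function isInternalHost(hostname) {
  const h = hostname.toLowerCase();
  if (h === 'localhost' || h.endsWith('.localhost') || h === '[::1]' || h === '[::]') return true;
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(h);
  if (!m) return false;
  const a = Number(m[1]);
  const b = Number(m[2]);
  return a === 0 || a === 10 || a === 127
    || (a === 169 && b === 254)            // link-local, including cloud metadata 169.254.169.254
    || (a === 172 && b >= 16 && b <= 31)   // 172.16.0.0/12
    || (a === 192 && b === 168);
}

// Combined gate for a user-configured URL such as a webhook target.
function checkOutboundTarget(rawURL) {
  let url;
  try {
    url = new URL(rawURL);
  } catch {
    return { ok: false, reason: 'unparseable URL' };
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return { ok: false, reason: 'scheme not allowed' };
  if (url.username || url.password) return { ok: false, reason: 'credentials in URL' };
  if (isInternalHost(url.hostname)) return { ok: false, reason: 'internal address' };
  return { ok: true, href: url.href };
}
```

`resolveWithinOrigin` is the check a client wrapper with a fixed `baseURL` wants; `checkOutboundTarget` is the one for a stored, user-entered URL. Neither replaces resolving the hostname and checking the resulting address at connection time, which is the only way to catch a public name that resolves to a private address.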
IPX Allows Path Traversal via Prefix Matching BypassThe approach used to check whether a path is within allowed directories is vulnerable to path prefix bypass when the allowed directories do not end... | Medium | CWE-22 |
js-toml Prototype Pollution VulnerabilityA prototype pollution vulnerability in js-toml allows a remote attacker to add or modify properties of the global Object.prototype by parsing a maliciously crafted TOML... | High | CWE-1321 |
The Thinbus Javascript Secure Remote Password (SRP) Client Generates Fewer Bits of Entropy Than IntendedA protocol compliance bug in thinbus-srp-npm versions prior to 2.0.1 causes the client to generate a fixed 252 bits of entropy instead of the intended... | Medium | CWE-331 |
Astro's duplicate trailing slash feature leads to an open redirection security issueThere is an Open Redirection vulnerability in the trailing slash redirection logic when handling paths with double slashes. This allows an attacker to redirect users... | Medium | CWE-601 |
The AuthKit React Router Library rendered sensitive auth data in HTMLIn versions before 0.7.0, @workos-inc/authkit-react-router exposed sensitive authentication artifacts — specifically sealedSession and accessToken by returning them from the authkitLoader. This caused them to be... | High | CWE-200 |
HFS user adding a "web link" in HFS is vulnerable to "target=_blank" exploitWhen adding a “web link” to the HFS virtual filesystem, the frontend opens it with target="_blank" but without the rel="noopener noreferrer" attribute. This allows the... | Low | CWE-1022 |
Prototype Pollution in lodash (GHSA-4xc9-xhrj-v574)Versions of lodash before 4.17.11 are vulnerable to prototype pollution. | High | CWE-400 |
Prototype Pollution in lodashVersions of lodash before 4.17.5 are vulnerable to prototype pollution. | Medium | CWE-471 |
Prototype Pollution in lodash (GHSA-jf85-cpcp-j695)Versions of lodash before 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep allows a malicious user to modify the prototype of Object via {constructor:... | High | CWE-20 |
Prototype Pollution in lodash (GHSA-p6mc-m468-83gw)Versions of lodash prior to 4.17.19 are vulnerable to Prototype Pollution. The functions pick, set, setWith, update, updateWith, and zipObjectDeep allow a malicious user to... | High | CWE-770 |
Command Injection in lodash (GHSA-35jh-r3h4-6jhm)lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. | High | CWE-94 |
Prototype Pollution in jquery-deparamImproperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’) in jquery-deparam allows a malicious user to inject properties into Object.prototype. | High | CWE-1321 |
@astrojs/node's trailing slash handling causes open redirect issueFollowing https://github.com/withastro/astro/security/advisories/GHSA-cq8c-xv66-36gw, there’s still an Open Redirect vulnerability in a subset of Astro deployment scenarios. | Medium | CWE-601 |
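Both Astro entries describe the same failure: a trailing-slash redirect that strips the last character of `//evil.example/` and answers with `Location: //evil.example`, which browsers read as a protocol-relative URL pointing at another host. The following is an added example, not Astro's or @astrojs/node's code (the site and attacker hostnames are constructed): the string-surgery version beside one that resolves the candidate against the site's own origin and refuses to redirect anywhere else.

```javascript
// Added example; not code from Astro or @astrojs/node. Hostnames are constructed.

// Vulnerable: pure string surgery. "//evil.example/" becomes "//evil.example",
// and "/\evil.example/" becomes "/\evil.example", which the URL parser also
// treats as an authority for http(s) URLs because backslash is a slash there.
function trailingSlashRedirectUnsafe(pathname) {
  if (pathname.length > 1 && pathname.endsWith('/')) return pathname.slice(0, -1);
  return null;
}

// Hardened: parse the candidate relative to the site's origin and only emit a
// redirect that stays on that origin, as a path plus query rather than as a
// full URL the input could have shaped. siteOrigin must be a bare origin such
// as new URL(request.url).origin, i.e. "https://site.example" with no slash.
function trailingSlashRedirectSafe(pathname, siteOrigin) {
  if (pathname.length <= 1 || !pathname.endsWith('/')) return null;
  const candidate = pathname.slice(0, -1);
  let resolved;
  try {
    resolved = new URL(candidate, siteOrigin);
  } catch {
    return null;
  }
  if (resolved.origin !== siteOrigin) return null;   // would have left the site
  return resolved.pathname + resolved.search;
}

// The same test, reusable for any "next" / "return to" parameter.
function isLocalRedirect(target, siteOrigin) {
  try {
    return new URL(target, siteOrigin).origin === siteOrigin;
  } catch {
    return false;
  }
}
```

Comparing origins after parsing is the durable check: it needs no list of dangerous prefixes and already covers `//host`, `/\host`, `http:` and `https:` absolute forms and userinfo tricks, because all of them change the parsed origin.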
Astro allows unauthorized third-party images in _image endpoint (GHSA-xf8x-j4p2-f749)In affected versions of astro, the image optimization endpoint in projects deployed with on-demand rendering allows images from unauthorized third-party domains to be served. | Medium | CWE-79 |
Mermaid does not properly sanitize architecture diagram iconText leading to XSS: In the default configuration of mermaid 11.9.0, user supplied input for architecture diagram icons is passed to the d3 html() method, creating a sink for... | Medium | CWE-79 |
x402 SDK vulnerable in outdated versions in resource servers for builders (GHSA-3j63-5h8p-gf7c): There is a security vulnerability in outdated versions of the x402 SDK. This does not directly affect users’ keys, smart contracts, or funds. | High | |
devalue prototype pollution vulnerability: A string passed to devalue.parse could represent an object with a __proto__ property, which would assign a prototype to an object while allowing properties to... | High | CWE-1321 |
Volto affected by possible DoS by invoking specific URL by anonymous user: When visiting a specific URL, an anonymous user could cause the NodeJS server part of Volto to quit with an error. | High | CWE-755 |
Payload does not invalidate JWTs after log out (GHSA-5v66-m237-hwf7): Payload uses JSON Web Tokens (JWT) for authentication. After log out the JWT is not invalidated, which allows an attacker who has stolen or intercepted a token... | Medium | CWE-613 |
Payload's SQLite adapter Session Fixation vulnerability (GHSA-26rv-h2hf-3fw4): A Session Fixation vulnerability existed in Payload’s SQLite adapter due to identifier reuse during account creation. A malicious attacker could create a new account, save... | Medium | CWE-384 |
Spoofing attack in swagger-ui: Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could... | Medium | CWE-922 |
Denial of Service in jquery: Affected versions of jquery use lowercasing logic on attribute names. When given a boolean attribute with a name that contains uppercase characters, jquery enters... | High | CWE-674 |
parse-uri Regular Expression Denial of Service (ReDoS): An issue in parse-uri v1.0.9 allows attackers to cause a Regular Expression Denial of Service (ReDoS) via a crafted URL. | Medium | CWE-185 |
useragent Regular Expression Denial of Service vulnerability: useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to... | Medium | CWE-1333 |
Mermaid improperly sanitizes sequence diagram labels leading to XSS: In the default configuration of mermaid 11.9.0, user supplied input for sequence diagram labels is passed to innerHTML during calculation of element size, causing XSS... | Medium | CWE-79 |
CKEditor 5 cross-site scripting (XSS) vulnerability in the clipboard package: A Cross-Site Scripting (XSS) vulnerability has been discovered in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading... | Low | CWE-79 |
Server-Side Request Forgery via /_image endpoint in Astro Cloudflare adapter: When using Astro’s Cloudflare adapter (@astrojs/cloudflare) configured with output: 'server' while using the default imageService: 'compile', the generated image optimization endpoint doesn’t check the URLs... | High | CWE-918 |
Vite's `server.fs` settings were not applied to HTML files: Any HTML files on the machine were served regardless of the server.fs settings. | Low | CWE-284 |
Vite middleware may serve files starting with the same name as the public directory: Files whose names start with the public directory's name were served, bypassing the server.fs settings. | Low | CWE-284 |
Webrecorder packages are vulnerable to XSS through 404 error handling logic (GHSA-w765-jm6w-4hhj): A Reflected Cross-Site Scripting (XSS) vulnerability exists in the 404 error handling logic of wabac.js v2.23.10 and below. The parameter requestURL (derived from the original... | High | CWE-79 |
KaTeX \htmlData does not validate attribute names: KaTeX users who render untrusted mathematical expressions with renderToString could encounter malicious input using \htmlData that runs arbitrary JavaScript, or generate invalid HTML. | Medium | CWE-79 |
jsPDF Denial of Service (DoS): User control of the first argument of the addImage method results in CPU utilization and denial of service. | High | CWE-835 |
DuckDB NPM packages 1.3.3 and 1.29.2 briefly compromised with malware: The DuckDB distribution for Node.js on npm was compromised with malware (along with several other packages). An attacker published new versions of four of duckdb’s... | High | CWE-506 |
Prebid.js NPM package briefly compromised: npm users of prebid 10.9.2 were affected. The malicious code attempts to redirect crypto transactions on the site to the attackers’ wallet. | High | CWE-506 |
Prebid-universal-creative latest on npm briefly compromised: npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware detailed in the blog post below. This includes the extremely popular... | High | CWE-506 |
sanitize-html is vulnerable to XSS through incomprehensive sanitization: sanitize-html prior to version 2.0.0-beta is vulnerable to Cross-site Scripting (XSS). The sanitizeHtml() function in index.js does not sanitize content when using the custom transformTags... | Medium | CWE-79 |
MetaMask SDK indirectly exposed via malicious [email protected] dependency: This advisory only applies to developers who use MetaMask SDK in the browser and who, on Sept 8th 2025 between 13:00–15:30 UTC, performed one of... | Medium | CWE-506 |
HackMD MCP Server has Server-Side Request Forgery (SSRF) vulnerability: A Server-Side Request Forgery (SSRF) vulnerability affects all users running the HackMD MCP server in HTTP mode. Attackers could exploit this vulnerability by passing... | Medium | CWE-918 |
[email protected] contains malware after npm account takeover: On 8 September 2025, the npm publishing account for debug was taken over after a phishing attack. Version 4.4.2 was published, functionally identical to the... | High | CWE-506 |
Nuxt has Client-Side Path Traversal in Nuxt Island Payload Revival: A client-side path traversal vulnerability in Nuxt’s Island payload revival mechanism allowed attackers to manipulate client-side requests to different endpoints within the same application domain... | Low | CWE-22 |
Bootstrap Vulnerable to Cross-Site Scripting in its Popover and Tooltip Components: Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Bootstrap allows Cross-Site Scripting (XSS). This issue affects Bootstrap version 3.4.1... | Medium | CWE-79 |
jsondiffpatch is vulnerable to Cross-site Scripting (XSS) via HtmlFormatter::nodeBegin: Versions of jsondiffpatch prior to 0.7.2 are vulnerable to Cross-site Scripting (XSS) in the HtmlFormatter (HtmlFormatter::nodeBegin). When diffs are rendered to HTML using the built-in... | Medium | CWE-79 |
@digitalocean/do-markdownit has Type Confusion vulnerability: A type confusion issue exists in the @digitalocean/do-markdownit package. In the callout and fence_environment plugins, the allowedClasses and allowedEnvironments options are expected to be arrays... | Medium | CWE-843 |
matrix-js-sdk has insufficient validation when considering a room to be upgraded by another: matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an... | Medium | CWE-862 |
CodeceptJS's incomprehensive sanitation can lead to Command Injection: CodeceptJS versions 3.5.0 through 3.7.5-beta.18 contain a command injection vulnerability in the emptyFolder function (lib/utils.js). The execSync command directly concatenates the user-controlled directoryPath parameter without... | High | CWE-77 |
node-cube vulnerable to prototype pollution: The node-cube package (prior to version 5.0.0) contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties... | Low | CWE-1321 |
mpregular vulnerable to prototype pollution: mpregular is a package that provides a small program development framework based on RegularJS. A Prototype Pollution vulnerability in the mp.addEventHandler function of mpregular version... | High | CWE-1321 |
Bootstrap Cross-Site Scripting (XSS) vulnerability for data-* attributes: A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting (XSS) attacks. The vulnerability is associated with the data-loading-text attribute within the... | Medium | CWE-79 |
Cattown is Vulnerable to Uncontrolled Resource Consumption through Inefficient Regular Expression Complexity: A security review of Cattown identified multiple weaknesses that could potentially impact its stability and security. | High | CWE-400 |
The AuthKit Remix Library renders sensitive auth data in HTML: Before 0.15.0, @workos-inc/authkit-remix returned sensitive authentication artifacts from the authkitLoader, specifically sealedSession and accessToken. Because these values were returned from the loader, they were embedded... | High | CWE-200 |
csvjson vulnerable to prototype injection: A Prototype Pollution vulnerability in the toCsv function of csvjson versions through 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload,... | High | CWE-1321 |
parse is vulnerable to prototype pollution: parse is the package for the Parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers... | Medium | CWE-1321 |
lobe-chat has an Open Redirect | Medium | CWE-601 |
Lobe Chat Desktop vulnerable to Remote Code Execution via XSS in Chat Messages: We identified a cross-site scripting (XSS) vulnerability when handling chat messages in lobe-chat that can be escalated to remote code execution on the user’s machine... | Medium | CWE-79 |
cors-anywhere vulnerable to server-side request forgery: Rob--W/cors-anywhere instances configured as an open proxy allow unauthenticated external users to induce the server to make HTTP requests to arbitrary... | High | CWE-918 |
counterpart vulnerable to prototype pollution: A vulnerability exists in the counterpart library for Node.js and the browser due to insufficient sanitization of user-controlled input in translation key processing. The affected... | Medium | CWE-1321 |
rollbar vulnerable to prototype pollution: rollbar is a package designed to effortlessly track and debug errors in JavaScript applications. This package includes advanced error tracking features and an intuitive interface... | Low | CWE-1321 |
static-server Path Traversal vulnerability: All versions of the package static-server are vulnerable to Directory Traversal due to improper sanitization of input passed via the validPath function of server.js. | High | CWE-22 |
min-document vulnerable to prototype pollution: A vulnerability exists in the ‘min-document’ package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttributeNS method. | Low | CWE-1321 |
Axios is vulnerable to DoS attack through lack of data size check: When Axios runs on Node.js and is given a URL with the data: scheme, it does not perform HTTP. Instead, its Node http adapter decodes... | High | CWE-770 |
Regular Expression Denial of Service (ReDoS) in lodash (GHSA-x5rq-j2xg-h7qm): lodash prior to 4.7.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector... | Medium | CWE-400 |
Regular Expression Denial of Service (ReDoS) in lodash (GHSA-29mw-wpgm-hmr9): All versions of package lodash prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions. | Medium | CWE-400 |
Finance.js vulnerable to DoS via the seekZero() parameter: An issue in finance.js v4.1.0 allows a remote attacker to cause a denial of service via the seekZero() parameter. | High | CWE-770 |
Finance.js vulnerable to DoS via the IRR function’s depth parameter: Finance.js v4.1.0 contains a Denial of Service (DoS) vulnerability via the IRR function’s depth parameter. Improper handling of the recursion/iteration limit can lead to excessive... | High | CWE-770 |
@plone/volto vulnerable to potential DoS by invoking specific URL by anonymous user: When visiting a specific URL, an anonymous user could cause the NodeJS server part of Volto to quit with an error. | High | CWE-754 |
Vulnerable Nginx Version: The Nginx version used is outdated and has security flaws. Vulnerabilities in older versions could be exploited by attackers to compromise the server, leading to... | Medium | |
Vulnerable Tomcat Version: The Apache Tomcat version used is outdated and has security flaws. Vulnerabilities in older versions could be exploited by attackers to compromise the server, leading... | Medium | |