Browse and filter security vulnerabilities across ecosystems
Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection
Command injection via USB
fraillt bitsery std_smart_ptr.h loadFromSharedState improper validation of specified type of input
Insufficient input validation in GitHub plugin API causes denial of service
For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status
An ACAP configuration file lacked sufficient input validation, which could allow command injection and potentially lead to privilege escalation
fastify vulnerable to Body Schema Validation Bypass via Leading Space in Content-Type Header
SpotAuditor 5.2.6 Name Field Denial of Service
Keycloak-services: keycloak: unauthorized access via improper validation of encrypted saml assertions
DoS in Calls plugin via malformed msgpack in websocket request.
Denial of service via malformed User-Agent header in getBrowserVersion
Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability
SQL Server Elevation of Privilege Vulnerability
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
TSPortal: Anyone can forge self-deletion requests of any user
PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code
PostgreSQL oidvector discloses a few bytes of memory
Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability
M365 Copilot Information Disclosure Vulnerability
Meshtastic firmware allows forged DMs with no PKC to show up as encrypted