Browse and filter security vulnerabilities across ecosystems
Fickling has Static Analysis Bypass via Incomplete Dangerous Module Blocklist
Fickling vulnerable to use of ctypes and pydoc gadget chain to bypass detection
Fickling Blocklist Bypass: cProfile.run()
Fickling has a bypass via runpy.run_path() and runpy.run_module()
libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mish...
Fickling has Code Injection vulnerability via pty.spawn()
Fickling has missing detection for marshal.loads and types.FunctionType in unsafe modules list
Auth0 Next.js SDK has Improper Validation of Query Parameters
PrestaShop Checkout Target PayPal merchant account hijacking from backoffice
Promptcraft Forge Studio's incomplete URL check is vulnerable to XSS via SVG
Promptcraft Forge Studio: Complete Sanitizer Bypass Enables XSS via Overlapping Patterns
An incomplete blacklist exists in the
Unsafe handling of AJAX calls
A vulnerability exists in the media upload component of the Asset Suite versions listed below
The unsafe globals in Picklescan before 0
Microsoft OneNote Security Feature Bypass Vulnerability
picklescan - Security scanning bypass via 'pip main'
Winter CMS Modules allows a sandbox bypass in Twig templates leading to data modification and deletion
HTML Cleaner allows crafted scripts in special contexts like svg or math to pass through
Wasmtime doesn't fully sandbox all the Windows device filenames