Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Hydro-Québec Le Circuit Electrique charging station backend Improper Access Control
ZITADEL: Cross-Tenant User Leakage via Recycled Identifiers
Capgo - Channel Configuration Mutation via Write-Scoped API Keys
Apache IoTDB: Authorization bypass in /rest/v2/fastLastQuery exposes last-value data to unauthorized authenticated users
Apache IoTDB: Authenticated users can escalate to full tree-path access by renaming themselves to __internal_auditor
zhayujie CowAgent Browser Tool browser_tool.py BrowserTool._do_navigate information disclosure
Sipeed PicoClaw Launcher access_control.go IPAllowlist access control
Hoppscotch: Insecure Default Configuration Allows Public Exposure of Private Collection Data via Mock Server
manjurulhoque django-job-portal Employee Dashboard Endpoint views.py EditEmployeeProfileAPIView access control
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
Capgo - Encrypted Bundle Policy Bypass via Direct PostgREST Update
Joomla! Core - [20260701] - Incorrect Access Control in com_media webservice endpoints
Joomla! Core - [20260712] - Incorrect Access Control in com_fields webservice endpoints
Joomla! Core - [20260709] - Incorrect Access Control in com_workflow
Joomla! Core - [20260710] - Incorrect Access Control in com_modules
Joomla! Core - [20260711] - Incorrect Access Control in com_privacy webservice endpoints
Joomla! Core - [20260702] - Incorrect Access Control in com_contact vcf download
Traefik: Gateway HTTPRoute backendRef filters can leak backend context across routes sharing a Service:port
Apache IoTDB: Path Traversal in DataNode Internal RPC Trigger JAR Upload Allows Arbitrary File Write
Apache Camel: Camel-MongoDB-GridFS: The gridfs.* control headers used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP...
Showing 1 - 20 of 1,000+ results