Browse and filter security vulnerabilities across ecosystems
Traefik doesn't Prevent Path Normalization Bypass in Router + Middleware Rules
Nodemailer: nodemailer: email to an unintended domain can occur due to interpretation conflict
uv is vulnerable to ZIP payload obfuscation through parsing differentials
Git allows arbitrary code execution through broken config quoting
Ruby SAML vulnerable to SAML authentication bypass due to namespace handling (parser differential)
ruby-saml vulnerable to SAML authentication bypass due to DOCTYPE handling (parser differential)
CodeIgniter validation of header name and value
A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat De...
Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability
PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended
CarrierWave's Content-Type allowlist bypass vulnerability which possibly leads to XSS remained
Bref Body Parsing Inconsistency in Event-Driven Functions
Bref Multiple Value Headers Not Supported in ApiGatewayFormatV2
Command substitution output can trigger shell expansion in fish shell
An interpretation conflict in Fortinet IPS Engine versions 7
Authentik lacks Proxy IP headers validation
TransparentUpgradeableProxy clashing selector calls may not be delegated in @openzeppelin/contracts
Insecure header validation in slim/psr7
Improper header name validation in guzzlehttp/psr7
User uploads proxied from S3 lack `Content-Security-Policy` headers, may be served with `Content-Disposition: inline` in zulip