Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
CtrlPanel: Authenticated Remote Code Execution via Dynamic Class Instantiation in SettingsController.php
Remote Code Execution via Unsafe Class Loading in Amazon Redshift JDBC Driver
PraisonAI has unsafe tool resolution in `ToolExecutionMixin.execute_tool`: undeclared `__main__` callables execute
Apache OpenNLP: Arbitrary Class Instantiation via Model Manifest in ExtensionLoader
Statamic: Unsafe method invocation via query value resolution allows data destruction
Smart VPN 1.1.3.0 Denial of Service via Search
Unauthenticated arbitrary PHP class instantiation
Craft CMS: Potential authenticated Remote Code Execution via malicious attached Behavior
Craft CMS vulnerable to behavior injection RCE ElementIndexesController and FieldsController
Craft CMS vulnerable to behavior injection RCE via EntryTypesController
Craft has a potential authenticated Remote Code Execution via malicious attached Behavior
Craft CMS vulnerable to potential authenticated Remote Code Execution via malicious attached Behavior
Barracuda RMM < 2025.1.1 Service Center Insecure Reflection RCE
An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role
Astro's `X-Forwarded-Host` is reflected with no validation
HTML Cache Poisoning through Unsafe Reflections
CWE-470 in generator-jhipster-entity-audit when having Javers selected as Entity Audit Framework
Kentico Xperience <= 13.0.180 Unsafe Reflection
Unsafe Reflection in base Component class in yiisoft/yii2
The Addressing GLPI plugin allows data enumeration through uncontrolled object instantiation
Showing 1 - 20 of 1,000+ results