Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
A new API endpoint introduced in pretix 2025 that is supposed to return all check-in events of a specific event in fact returns all check-in even...
API allows deletion of users of other instance
Electron: nodeIntegrationInWorker not correctly scoped in shared renderer processes
Keycloak: keycloak: replay of action tokens via improper handling of single-use entries
Keycloak: keycloak: privilege escalation via forged authorization codes due to singleuseobjectprovider isolation flaw
Llama-stack-k8s-operator: llama stack service exposed across namespaces due to missing networkpolicy
Remote Code Execution in ServiceNow AI Platform
Lack of isolation in mcp-run-python leads to MCP server takeover
Network boundaries not respected in certain Foundry namespaces.
An Improper Isolation or Compartmentalization vulnerability [CWE-653] in Fortinet FortiSandbox 5
Incorrect oauth passthrough in Grafana Databricks Datasource
Incorrect oauth passthrough in Grafana Snowflake Datasource
Insecure configuration in DSPy lead to arbitrary file read when running untrusted code inside the sandbox
Apache Syncope: Remote Code Execution by delegated administrators
Vasion Print (formerly PrinterLogic) Lack of Network Segmentation Between Docker Instances
Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentiall...
High Privilege RCE via LUA Sandbox Escape
Restricted shell evasion in Radiflow iSAP Smart Collector
A vulnerability in the Eclipse Open VSX Registry’s automated publishing system could have allowed unauthorized uploads of extensions
Sony XAV-AX8500 Bluetooth Improper Isolation Authentication Bypass Vulnerability
Showing 1 - 20 of 1,000+ results