Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
HCL iControl was affected by Missing Security Headers vulnerability.
Aider-AI Aider Pre-commit Hook args.py protection mechanism
Formie: Pre-authenticated server-side template injection in Hidden fields
Indian Scout Bobber 2025 WCM CAN bus-off attack silently bypasses anti-theft shutdown
Indian Scout Bobber 2025 WCM voltage-based shutdown
Hono: app.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths
pam_usb: pusb_has_virtual_input_device() silently discards EACCES, disabling remote desktop detection under non-root execution
OneUptime: RCE due to Node.js' vm module escape via error objects and infinite recursion
Lumiverse: TSX component sandbox escape via DOM ref and string-split identifier bypass
FORTIFY_SOURCE disabled
Twig 2.16.x & 3.9.0-3.25.x Sandbox Bypass via SourcePolicyInterface
Strapi Upload Plugin MIME Validation Bypass via Content API
Protection Mechanism Failure in Zoom Workplace for iOS before version 7
vm2: Transformer Fast-Path Bypass Exposes Internal State Variable
vm2: sandbox boundary bypass via host Promise resolution preserving host object identity
Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive i...
Heym < 0.0.21 Sandbox Escape via Python Introspection
OpenLearnX has Critical Remote Code Execution Through Python Sandbox Escape via Code Execution Environment
PromptHub: Authenticated SSRF via IPv6 filter bypass in `POST /api/skills/fetch-remote`
vm2: WASM Sandbox Escape (Node 25 only)
Showing 1 - 20 of 1,000+ results