Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Mattermost allows external websites to open within the app, exposing preload functionality to non-trusted sites.
telnetd in GNU inetutils through 2
OpenLIT Vulnerable to Remote Code Execution and Secret Exposure via Misuse of `pull_request_target` in GitHub Actions Workflows
ADB-Explorer: UNC Path Support in ManualAdbPath Leads to Remote Code Execution (RCE)
Sylde has Improper Control of Generation of Code
ADB Explorer Vulnerable to RCE via Insufficient Input Validation
OpenS100 Portrayal Engine Unrestricted Lua Standard Library Access
Roundcube Webmail before 1
vscode-spell-checker has a workspace-trust bypass Code Execution
In the Eclipse Theia Website repository, the GitHub Actions workflow
Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability
Gradle's failure to disable repositories failing to answer can expose builds to malicious artifacts
Gradle fails to disable repositories which can expose builds to malicious artifacts
In Umbraco UmbracoForms through 8
Fastjson before 1
Sony BRAVIA Digital Signage 1.7.8 Unauthenticated Remote File Inclusion
FIBARO System Home Center 5.021 Remote File Inclusion via Proxy API
theshit vulnerable to unsafe loading of user-owned Python rules when running as root.
The Static Asset API in Mintlify Platform before 2025-11-15 allows remote attackers to inject arbitrary web script or HTML via the subdomain parame...
In JetBrains TeamCity before 2025
Showing 1 - 20 of 1,000+ results