Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Snipe-IT: Bulk editing users allowed `ldap_import` and `activated_in` bulk editing users
User Messages widget leaked issuer messages on shared dashboards
Keycloak: keycloak: privilege escalation via partialimport fgap permission bypass
IRIS Alerts Can be Falsely Attributed to Customers
Froxlor has an authorization bypass in FTP shell assignment via missing server-side `available_shells` enforcement
In OpenStack Neutron before 28
LakshayD02 Hostel-Management-System-PHP Admin Dashboard index.php authorization
MISP CRUDComponent delete validation bypass via operator precedence error
OpenStack Mistral through 22
Communication analysis between the Card Reader and TP2CardReaderService daemon
alf.io has an Authenticated RCE via Extension Script Sandbox Escape
LibreChat: Shared-agent editor can globally delete owner's file records — breaks owner's other private agents
nextlevelbuilder GoClaw Team Task Completion team_tasks_lifecycle.go TeamTasksTool.executeComplete authorization
Authentication Bypass in prefecthq/prefect
Slider Revolution 7.0.0 - 7.0.14 - Incorrect Authorization to Authenticated (Contributor+) Sensitive Information Exposure
Capsule TenantResource RawItems Cluster-Scoped Resource Creation Vulnerability
Apache Airflow: Log server JWT authorization bypass via Python lstrip() character stripping allows cross-Dag log access
AstrBotDevs AstrBot fs.py _normalize_rw_path authorization
In JetBrains TeamCity before 2026
In JetBrains YouTrack before 2026
Showing 1 - 20 of 1,000+ results