Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
OPNsense: Command Injection via Attacker-Controlled DHCP Config
OPNsense: RCE on user managment
OPNsense: RCE via XMLRPC endpoint using `opnsense.restore_config_section` method
ERPNext: Unauthorised Document modification due to missing validation
MISP: SQL injection via unvalidated ordering parameters in event and shadow attribute listings
CubeCart: Server-Side Template Injection (SSTI) in Smarty Templates leading to RCE
CubeCart: Authenticated Arbitrary File Upload to RCE in REST Files API
CubeCart: Server-Side Template Injection (SSTI) in Smarty Templates leading to RCE
misp-modules website - Missing CSRF protection in the website home blueprint
fast-jwt: Empty HMAC secret accepted via async key resolver - JWT auth bypass
vm2: Sandbox escape
vm2: Sandbox Breakout Using Async Generator
vm2: Sandbox Breakout Through Null Proto Exception
vm2: Snabox breakout via `neutralizeArraySpeciesBatch`
vm2: nesting: true bypasses require: false, allowing sandbox escape to arbitrary OS command execution
vm2: Sandbox Escape
vm2: NodeVM builtin allowlist bypass via `module` builtin's `Module._load` allows sandbox escape
vm2: Sandbox Escape
Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.8.6
Ecommerce Systempay 1.0 Production Key Brute Force
Showing 1 - 20 of 1,000+ results