Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Joomla Extension - rsjoomla.com - Unauthenticated file upload in RSFiles component < 1.17.12
Joomla Extension - phoca.cz - Authenticated file upload in RSFiles component < 6.1.3
OpenPLC v3 External Control of File Name or Path
Hydro-Québec Le Circuit Electrique charging station backend Improper Access Control
Tilt: Missing authentication on the network-exposed Tilt HUD server
OpenReplay: Unauthenticated stored XSS leads to dashboard account takeover
WordPress OAuth Single Sign On - SSO (OAuth Client) plugin <= 38.5.8 - Broken Authentication vulnerability
miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.7.0 - Unauthenticated Authentication Bypass to Administrator Account...
MCP Server Kubernetes < 3.9.0 Argument Injection via kubectl Structured Tools
SQLi in Semtek Informatics' SEM-PMP
Prowler: SAML Domain Claiming Enables Cross-Tenant Account Takeover
SQLi in AdamPOS' MobilMen 20T
grav-plugin-database: SQL Injection in PDO::tableExists() due to Unsanitized Table Name Interpolation
9router: Exposure of Sensitive Information and Unprotected Database Import/Export Allows Complete Credential Theft and Database Takeover
Guardrails-detectors: guardrails-detectors: ssrf and local file read via user-supplied xml schema (xml-with-schema:)
In JetBrains IntelliJ IDEA before 2026
PraisonAI before 4.6.78 Code Injection via f-string
Vikunja - Unauthenticated Instance-Wide Data Breach via Link Share Hash Disclosure Chained with Cross-Project Attachment IDOR
Crawl4AI - Server-Side Request Forgery via Webhook URLs
Dell PowerFlex Manager, Version prior to 5
Showing 1 - 20 of 1,000+ results