16 matches found
EUVD-2022-51759
Malicious code in bioql PyPI...
CVE-2022-4413
Cross-site Scripting (XSS) - Reflected in GitHub repository nuxt/framework prior to v3.0.0-rc.13...
CVE-2022-4414
Cross-site Scripting (XSS) - DOM in GitHub repository nuxt/framework prior to v3.0.0-rc.13...
Insufficient Session Expiration
Overview: Affected versions of this package are vulnerable to Insufficient Session Expiration through the Session API. An attacker can authenticate on behalf of the user by repeatedly using idp intents to retrieve the id and token from the application's URI. Remediation: Upgrade...
Insufficient Session Expiration
Overview: Affected versions of this package are vulnerable to Insufficient Session Expiration through the Session API. An attacker can authenticate on behalf of the user by repeatedly using idp intents to retrieve the id and token from the application's URI. Remediation: Upgrade...
Insufficient Session Expiration
Overview: Affected versions of this package are vulnerable to Insufficient Session Expiration through the Session API. An attacker can authenticate on behalf of the user by repeatedly using idp intents to retrieve the id and token from the application's URI. Remediation: Upgrade...
Insufficient Session Expiration
Overview: Affected versions of this package are vulnerable to Insufficient Session Expiration through the Session API. An attacker can authenticate on behalf of the user by repeatedly using idp intents to retrieve the id and token from the application's URI. Remediation: Upgrade...
0data (=1.0.0), 1.1.1-version (=1.0.0) +5422 more potentially affected by CVE-2024-21509 via mysql2 (>=3.0.0-rc.1 <=3.9.3)
mysql2 NPM version =3.0.0-rc.1, =1.0.0, =0.0.4, =0.0.1, =1.0.0, =0.0.1-alpha.5, =0.0.1-alpha.4, =0.0.1-alpha.1, =0.1.6-alpha.2, =0.0.8, =0.0.165 and more Source cves: CVE-2024-21509 Source advisory: SNYK:JS-MYSQL2-6591084...
CVE-2022-4413 Cross-site Scripting (XSS) - Reflected in nuxt/framework
Cross-site Scripting (XSS) - Reflected in GitHub repository nuxt/framework prior to v3.0.0-rc.13...
CVE-2022-4414 Cross-site Scripting (XSS) - DOM in nuxt/framework
Cross-site Scripting (XSS) - DOM in GitHub repository nuxt/framework prior to v3.0.0-rc.13...
PT-2022-27116 · Unknown · Nuxt/Framework
Name of the Vulnerable Software and Affected Versions: nuxt/framework versions prior to 3.0.0-rc.13. Description: The issue is related to Cross-site Scripting (XSS) - Reflected. This is a type of security vulnerability that occurs when an application includes user input in its responses without...
react-native-reanimated Resource Management Error Vulnerability
react-native-reanimated is an open source reimplementation of an animation library for React Native by Software Mansion. A resource management error vulnerability exists in versions prior to react-native-reanimated 3.0.0-rc.1, which stems from the incorrect use of regular expressions by the...
jenkins-git-client-plugin: OS command injection via 'git ls-remote'
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection...
CVE-2019-10392
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection...
jQuery 3.0.0-rc.1 Denial of Service
According to its self-reported version number, jQuery is 3.0.0-rc.1. Therefore, it may be affected by a denial of service vulnerability due to an infinite recursion on non-lowercase attribute getters. Note that the scanner has not tested for these issues but has instead relied only on the...
CVE-2016-10707
jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit...