CVE-2026-30939

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.13 and 9.5.1-alpha.2, an unauthenticated attacker can crash the Parse Server process by calling a Cloud Function endpoint with a prototype property name as the function name. The...

CVE-2026-30939

CVE-2026-30939 is associated with a vulnerability in Parse Server via a prototype chain resolution issue that enables a DoS. An unauthenticated attacker can crash the server by calling a Cloud Function endpoint with a prototype property name as the function name; other prototype property names by...

CVE-2026-30939 Parse Server has Denial of Service (DoS) and Cloud Function Dispatch Bypass via Prototype Chain Resolution

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.13 and 9.5.1-alpha.2, an unauthenticated attacker can crash the Parse Server process by calling a Cloud Function endpoint with a prototype property name as the function name. The...

AZL-65571 CVE-2025-40913 affecting package tcl for versions less than 8.6.13-2

Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow. Net::Dropbear embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328...

VulnCheck KEV: CVE-2025-47558

Missing Authorization vulnerability in RomanCode MapSVG mapsvg allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MapSVG: from n/a through 8.6.13...

CVE-2023-45853 affecting package tcl for versions less than 8.6.13-3

CVE-2023-45853 affecting package tcl for versions less than 8.6.13-3. A patched version of the package is available...

CVE-2023-45853 affecting package tcl for versions less than 8.6.13-3

CVE-2023-45853 affecting package tcl for versions less than 8.6.13-3. A patched version of the package is available...

AZL-28627 CVE-2023-36328 affecting package tcl for versions less than 8.6.13-2

Integer Overflow vulnerability in mpgrow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service DoS...

CVE-2019-6341

In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13;Drupal 8.5 versions prior to 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting XSS vulnerability...

UBUNTU-CVE-2019-6341

In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13;Drupal 8.5 versions prior to 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting XSS vulnerability...

Drupal XSS Vulnerability (SA-CORE-2019-004) - Windows

Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...