Incorrect Authorization

Overview @openclaw/discord is an OpenClaw Discord channel plugin Affected versions of this package are vulnerable to Incorrect Authorization in the process that handles Discord component interactions, which incorrectly classifies Group Direct Messages as standard Direct Messages. An attacker can...

CVE-2025-62711

A Denial of Service vulnerability has been identified in the Wasmtime WebAssembly runtime, affecting versions 38.0.0 through 38.0.2. An attacker can exploit this flaw by providing a carefully crafted WebAssembly component and invoking it in a specific manner. This malicious action causes the host...

Open-AudIT Professional Cross-Site Scripting Vulnerability

Open-AudIT Professional is a network discovery and auditing program. The program intelligently scans networks and network devices and provides status reports. A cross-site scripting vulnerability exists in Open-AudIT Professional version 2.1.1. A remote attacker can exploit this vulnerability to...

PYSEC-2016-36

The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name...

CVE-2015-8747

The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name...