175 matches found
Improper Access Control
Vite is vulnerable to Improper Access Control. The vulnerability is due to the dev and preview servers serving any HTML files on the machine regardless of the server.fs settings, which allows an attacker to access unintended files when the Vite server is exposed to the network, potentially leadin...
EUVD-2025-32619
Malicious code in webpack-dev-serve-middleware npm...
EUVD-2018-0277
Malware in sbrugna...
EUVD-2025-10686
Malicious code in bioql PyPI...
EUVD-2025-5060
Malicious code in bioql PyPI...
EUVD-2025-29441
Malicious code in bioql PyPI...
EUVD-2021-7603
Malicious code in bioql PyPI...
EUVD-2022-15503
Malicious code in bioql PyPI...
EUVD-2025-23413
Malicious code in bioql PyPI...
EUVD-2023-1771
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-56648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - npm parcel 2.0.0-alpha and before has an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the application's development...
CVE-2025-59427
The Cloudflare Vite plugin enables a full-featured integration between Vite and the Workers runtime. When utilising the Cloudflare Vite plugin in its default configuration, all files are exposed by the local dev server, including files in the root directory that contain secret information such as...
CVE-2025-59427
The Cloudflare Vite plugin enables a full-featured integration between Vite and the Workers runtime. When utilising the Cloudflare Vite plugin in its default configuration, all files are exposed by the local dev server, including files in the root directory that contain secret information such as...
CVE-2025-59427 Cloudflare vite plugin exposes secrets over the built-in dev server
The Cloudflare Vite plugin enables a full-featured integration between Vite and the Workers runtime. When utilising the Cloudflare Vite plugin in its default configuration, all files are exposed by the local dev server, including files in the root directory that contain secret information such as...
Cloudflare Workers SDK 信息泄露漏洞
Cloudflare Workers SDK is an open source developer toolkit for Cloudflare. An information disclosure vulnerability exists in Cloudflare Workers SDK versions prior to 1.6.0, which stems from a default configuration where the local development server exposes all files, potentially leading to the...
Parcel has an Origin Validation Error vulnerability
parcel versions 1.6.1 and above have an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the application's development server and read the response to steal source code when developers visit them. Version 2.16.4 supports a --no-cors option which disables CORS...
GHSA-QM9P-F9J5-W83W Parcel has an Origin Validation Error vulnerability
parcel versions 1.6.1 and above have an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the application's development server and read the response to steal source code when developers visit them. Version 2.16.4 supports a --no-cors option which disables CORS...
CVE-2025-56648
npm parcel 2.0.0-alpha and before has an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the application's development server and read the response to steal source code when developers visit them...
CVE-2025-56648
npm parcel 2.0.0-alpha and before has an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the application's development server and read the response to steal source code when developers visit them...
CVE-2025-56648
npm parcel 2.0.0-alpha and before has an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the application's development server and read the response to steal source code when developers visit them...