366 matches found

RedhatCVE
added 2025/05/23 11:58 a.m., 12 views

CVE-2025-22151

Strawberry GraphQL is a library for creating GraphQL APIs. Starting in 0.182.0 and prior to version 0.257.0, a type confusion vulnerability exists in Strawberry GraphQL's relay integration that affects multiple ORM integrations (Django, SQLAlchemy, Pydantic). The vulnerability occurs when multiple...

CVSS 3.7, AI score 6.7, EPSS 0.00244
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 8:59 a.m., 5 views

CVE-2024-5250

In versions of Akana API Platform prior to 2024.1.0, overly verbose errors can be found in SAML integrations...

CVSS 5.3, AI score 7.1, EPSS 0.00494
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 7:56 a.m., 4 views

CVE-2024-42364

Homepage is a highly customizable homepage with Docker and service API integrations. The default setup of homepage 0.9.1 is vulnerable to DNS rebinding. Homepage is set up without certificate and authentication by default, leaving it vulnerable to DNS rebinding. In this attack, an attacker will...

CVSS 6.5, AI score 6.6, EPSS 0.00132
Exploits: 0
RedhatCVE
added 2025/05/23 7:32 a.m., 5 views

CVE-2024-40647

sentry-sdk is the official Python SDK for Sentry.io. A bug in Sentry's Python SDK 2.8.0 allows the environment variables to be passed to subprocesses despite the env= setting. In Python's subprocess calls, all environment variables are passed to subprocesses by default. However, if you specifical...

CVSS 5.3, AI score 6.6, EPSS 0.00028
Exploits: 0
RedhatCVE
added 2025/05/23 3:36 a.m., 5 views

CVE-2023-28477

Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3, is vulnerable to stored XSS on API Integrations via the name parameter...

CVSS 5.5, AI score 5.8, EPSS 0.02044
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 3:31 a.m., 5 views

CVE-2023-6682

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. A problem with the processing logic for Discord Integrations Chat Messages can lead to a regular expression DoS...

CVSS 6.5, AI score 6.4, EPSS 0.00032
Exploits: 0
RedhatCVE
added 2025/05/22 9:28 p.m., 7 views

CVE-2021-3152

Home Assistant before 2021.1.3 does not have a protection layer that can help to prevent directory-traversal attacks against custom integrations. NOTE: the vendor's perspective is that the vulnerability itself is in custom integrations written by third parties, not in Home Assistant; however, Hom...

CVSS 5.3, AI score 6.8, EPSS 0.27878
Exploits: 0, References: 1
The Hacker News
added 2025/04/18 9:45 a.m., 15 views

[Webinar] AI Is Already Inside Your SaaS Stack — Learn How to Prevent the Next Silent Breach

Your employees didn't mean to expose sensitive data. They just wanted to move faster. So they used ChatGPT to summarize a deal. Uploaded a spreadsheet to an AI-enhanced tool. Integrated a chatbot into Salesforce. No big deal—until it is. If this sounds familiar, you're not alone. Most security...

AI score 7
Exploits: 0
vulnersOsv
added 2025/04/01 9:30 a.m., 6 views

com.atomikos:transactions-spring-boot-integration-tests (>=5.0.9 <=6.0.1), com.atomikos:transactions-spring-boot3-integration-tests (>=6.0.0 <=6.0.1) +158 more potentially affected by CVE-2025-27427 via org.apache.activemq:artemis-server (>=2.0.0 <=2.3.0)

org.apache.activemq:artemis-server MAVEN version =2.0.0, =5.0.9, =6.0.0, =2.2.1, =2.2.1, =2.2.2, =2.2.1, =2018.9.23, =2018.12.15, =2018.9.23, =2018.9.23, =0.0.1, =0.0.2, =1.14.2, =2.0.0, =6u3 and more Source cves: CVE-2025-27427 Source advisory: OSV:GHSA-3W85-5P9G-H334...

CVSS 4.3, AI score 5.8, EPSS 0.00358
Exploits: 0
RedhatCVE
added 2025/03/29 11:48 a.m., 3 views

CVE-2025-30884

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bit Apps Bit Integrations bit-integrations allows Phishing. This issue affects Bit Integrations: from n/a through <= 2.4.10...

CVSS 4.7, AI score 7.2, EPSS 0.00285
Exploits: 0, References: 1
ATTACKERKB
added 2025/03/27 11:15 a.m., 3 views

CVE-2025-30884

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bit Apps Bit Integrations bit-integrations allows Phishing. This issue affects Bit Integrations: from n/a through <= 2.4.10...

CVSS 4.7, AI score 7.2, EPSS 0.00285
Exploits: 0, References: 3
NVD
added 2025/03/27 11:15 a.m., 4 views

CVE-2025-30884

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bit Apps Bit Integrations bit-integrations allows Phishing. This issue affects Bit Integrations: from n/a through <= 2.4.10...

CVSS 4.7, EPSS 0.00285
Exploits: 0, References: 1
Patchstack
added 2025/03/27 11:12 a.m., 4 views

WordPress Bit Integrations plugin <= 2.4.10 - Open Redirection vulnerability

Open Redirection vulnerability discovered by Le Ngoc Anh in WordPress Plugin Bit Integrations versions <= 2.4.10...

CVSS 4.7, AI score 7, EPSS 0.00285
Exploits: 0, Affected Software: 1
Cvelist
added 2025/03/27 10:55 a.m., 12 views

CVE-2025-30884 WordPress Bit Integrations plugin <= 2.4.10 - Open Redirection vulnerability

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bit Apps Bit Integrations bit-integrations allows Phishing. This issue affects Bit Integrations: from n/a through <= 2.4.10...

CVSS 4.7, EPSS 0.00285
Exploits: 0, References: 1
CVE
added 2025/03/27 10:55 a.m., 58 views

CVE-2025-30884

CVE-2025-30884 concerns Bit Integrations (Bit Form/Bit Integrations) for WordPress. The Wordfence vulnerability entry states an Open Redirect vulnerability affecting Bit Integrations and versions up to 2.4.10, enabling phishing via URL redirection. CVSS v3.1 vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:...

CVSS 4.7, AI score 7.2, EPSS 0.00285
Exploits: 0, References: 1
Vulnrichment
added 2025/03/27 10:55 a.m., 9 views

CVE-2025-30884 WordPress Bit Integrations plugin <= 2.4.10 - Open Redirection vulnerability

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bit Apps Bit Integrations bit-integrations allows Phishing. This issue affects Bit Integrations: from n/a through <= 2.4.10...

CVSS 4.7, AI score 7.3, EPSS 0.00285
Exploits: 0, References: 1
CNNVD
added 2025/03/27 12:0 a.m., 2 views

WordPress plugin Bit Integrations input validation error vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An input validation error...

CVSS 4.7, AI score 8.4, EPSS 0.00285
Exploits: 0, References: 2
Huntr
added 2025/02/28 4:54 a.m., 5 views

SQL injection vulnerabilities in multiple vector stores

Description: Multiple vector store integrations have SQL injection vulnerabilities, which can allow an attacker to read and write data using SQL. Example vulnerable code snippet in the Couchbase vector store integration: def delete(self, ref_doc_id: str, **kwargs: Any) -> None: """ Delete a document by i...

CVSS 9.8, AI score 8, EPSS 0.00057
Exploits: 1
RedhatCVE
added 2025/02/05 11:2 a.m., 11 views

CVE-2024-21815

Insufficiently protected credentials (CWE-522) for third party DVR integrations to the Command Centre Server are accessible to authenticated but unprivileged users. This issue affects: Gallagher Command Centre 9.00 prior to vEL9.00.1774 MR2, 8.90 prior to vEL8.90.1751 MR3, 8.80 prior to vEL8.80.152...

CVSS 9.1, AI score 6.7, EPSS 0.00098
Exploits: 0, References: 1
Trend Micro Simply Security
added 2025/02/03 12:0 a.m., 4 views

Native Sensors vs. Integrations for XDR Platforms?

Native sensors vs. integrations in XDR: Native sensors offer faster deployment, real-time detection, and deeper visibility, while integrations may add complexity and delays. Learn how to optimize your XDR strategy for improved security...

AI score 7.2
Exploits: 0