31 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the handleTokenExchange function. An attacker can gain unauthorized access to restricted resources by exploiting the lack of enforcement of allowed connectors when exchanging tokens. This is only exploitable i...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the pgcreatesubscriber process. An attacker can execute arbitrary SQL commands with superuser privileges by supplying a crafted subscription name. Remediation A fix was pushed into the master branch but not yet...
Arbitrary Code Injection
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Arbitrary Code Injection through the autoEvalCodeOnHTML process. An attacker can execute arbitrary JavaScript code in the browser context of any logged-in user by...
Interpretation Conflict
Overview org.webjars.npm:fast-uri is a Dependency-free RFC 3986 URI toolbox Affected versions of this package are vulnerable to Interpretation Conflict during the decoding of URL host component. An attacker can manipulate the authority component of a URI by supplying percent-encoded delimiters,...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the JP2 encoder when an invalid sampling index is specified. An attacker can cause a denial of service by providing a specially crafted input file. Remediation A fix was pushed into the master branch but not yet...
Incomplete List of Disallowed Inputs
Overview org.webjars.npm:unhead is a Full-stack manager built for any framework. Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs in the hasDangerousProtocol function though the usage of HtmlEntityHex and HtmlEntityDec RegExp. An attacker can inject malicio...
Improper Validation of Specified Type of Input
Overview Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input in the client monitoring message handler due to insufficient validation of the queue name supplied by the client. An attacker can execute arbitrary code on the server by sending a crafted...
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes through the doCertificateUpdate handler in certificates.go. An attacker can change the type of an existing certificate by sending a certificate update reques...
CVE-2026-22711
Improper neutralization of alternate XSS syntax vulnerability in The Wikimedia Foundation Mediawiki - Wikilove Extension allows Cross-Site Scripting XSS.The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45...
Information Exposure
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Information Exposure via the install/test.php script when the command-line interface guard is disabled. An attacker can access sensitive information such as viewer...
Improperly Implemented Security Check for Standard
Overview Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard in the mbedtlssslconfsigalgs function. An attacker can reduce the security strength of cryptographic operations by forcing the use of weaker algorithms, which may result in information...
Replay Attack
Overview @openclaw/voice-call is an OpenClaw voice-call plugin Affected versions of this package are vulnerable to Replay Attack in the webhook-security.ts process. An attacker can bypass replay protection by capturing a valid signed webhook and resending it with reordered query parameters, there...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write while decoding header names. An attacker can achieve memory corruption and potentially execute arbitrary code by sending specially crafted event-stream messages to a client application. Remediation A fix was pushed...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the wolfSSLd2iSSLSESSION function when deserializing session data with the SESSIONCERTS option enabled. An attacker can corrupt heap memory and potentially execute arbitrary code or cause a crash by supplyi...
Server-side Request Forgery (SSRF)
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the proxy.php endpoint when handling HTTP redirects without re-validating the redirect target. An attacker can access internal...
Infinite loop
Overview Affected versions of this package are vulnerable to Infinite loop through the DWARF parsing process. An attacker can cause the application to enter an infinite output loop by providing a specially crafted binary with malformed DWARF loclists data, resulting in excessive CPU and I/O...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the PUT request handler in the UDM component when processing an unexpected ueId value. An attacker can cause the service to crash and disrupt availability by sending a specially crafted request. Remediation...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to improper handling of memory allocation in the libvpx. An attacker can execute arbitrary code or cause a crash by supplying specially crafted media files. Remediation A fix was pushed into the master...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the GenImageFontAtlas function. An attacker can execute arbitrary code or cause a denial of service by providing specially crafted input that triggers a heap-based buffer overflow during local execution...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the HeifPixelImage::overlay function. An attacker can cause a crash by supplying a crafted HEIF file with a malicious iovl overlay box that triggers a negative row length calculation, leading to a large...