41 matches found

Snyk
added 2026/05/26 11:38 p.m., 6 views

Incorrect Behavior Order: Validate Before Canonicalize

Overview: @fedify/fedify is an ActivityPub server framework. Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize through manipulation of JSON-LD document structure using keywords such as @graph, @included, and @reverse. An attacker can alter...

CVSS 8.3 | AI score 5.9
Exploits: 0 | References: 2
Snyk
added 2026/05/11 4:16 p.m., 3 views

Incorrect Behavior Order

Overview: @github/copilot is the GitHub Copilot CLI, which brings the power of Copilot coding agent directly to your terminal. Affected versions of this package are vulnerable to Incorrect Behavior Order that enables code execution via the core.fsmonitor configuration key in a nested bare git repository. A...

CVSS 8.5 | AI score 6.3 | EPSS 0.00013
Exploits: 1 | References: 2
Snyk
added 2026/05/11 2:48 p.m., 6 views

Incorrect Behavior Order: Validate Before Canonicalize

Overview: Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize in the parsing of Git objects with malformed or ambiguous commit or tag objects. An attacker can cause inconsistent interpretation of object metadata or signature validation by...

CVSS 7.5 | AI score 5.8 | EPSS 0.00006
Exploits: 0 | References: 2
Snyk
added 2026/05/11 2:48 p.m., 6 views

Incorrect Behavior Order: Validate Before Canonicalize

Overview: Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize in the parsing of Git objects with malformed or ambiguous commit or tag objects. An attacker can cause inconsistent interpretation of object metadata or signature validation by...

CVSS 7.5 | AI score 5.8 | EPSS 0.00006
Exploits: 0 | References: 2
Snyk
added 2026/04/21 8:50 p.m., 2 views

Incorrect Behavior Order: Early Validation

Overview: Affected versions of this package are vulnerable to Incorrect Behavior Order: Early Validation via incomplete validation of paths in the process. An attacker can gain unauthorized access to internal system directories and potentially read or modify sensitive data by supplying specially...

CVSS 5.4 | AI score 5.4 | EPSS 0.00052
Exploits: 0 | References: 2
Snyk
added 2026/04/21 8:50 p.m., 1 views

Incorrect Behavior Order: Early Validation

Overview: Affected versions of this package are vulnerable to Incorrect Behavior Order: Early Validation via incomplete validation of paths in the process. An attacker can gain unauthorized access to internal system directories and potentially read or modify sensitive data by supplying specially...

CVSS 5.4 | AI score 5.4 | EPSS 0.00052
Exploits: 0 | References: 2
Snyk
added 2026/04/10 4:7 p.m., 1 views

Incorrect Behavior Order

Overview: Affected versions of this package are vulnerable to Incorrect Behavior Order in the Delegate process when the User parameter is unset and the unit is running. An attacker can cause a system service to terminate unexpectedly by creating or manipulating a unit with these settings. This is...

CVSS 5.7 | AI score 5.8 | EPSS 0.00017
Exploits: 0 | References: 2
Snyk
added 2026/04/06 6:3 p.m., 2 views

Incorrect Behavior Order: Validate Before Canonicalize

Overview: vite-plus is The Unified Toolchain for the Web. Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize through the server.fs.deny component. An attacker can access sensitive files by appending specific query parameters such as ?raw,...

CVSS 8.2 | AI score 5.7 | EPSS 0.05147
Exploits: 1 | References: 2
Snyk
added 2026/04/02 4:44 p.m., 0 views

Incorrect Behavior Order

Overview: Affected versions of this package are vulnerable to Incorrect Behavior Order via injection of shell metacharacters into the username parameter. An attacker can execute arbitrary commands by supplying specially crafted input. This is only exploitable if the username is untrusted and the '...

CVSS 8.1 | AI score 6.1 | EPSS 0.00034
Exploits: 0 | References: 2
Snyk
added 2026/04/02 3:31 p.m., 1 views

Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

Overview: org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Incorrect Behavior Order: Authorization Before Parsing and Canonicalization via the UMA Policy Resource user...

CVSS 8.6 | AI score 5.9 | EPSS 0.00013
Exploits: 1 | References: 2
Snyk
added 2026/02/24 8:39 p.m., 2 views

Incorrect Behavior Order: Validate Before Canonicalize

Overview: Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize via the splitPos function. An attacker can cause unintended execution of files by crafting URLs with specific Unicode characters that manipulate the path splitting logic, potentiall...

CVSS 9.8 | AI score 6.1 | EPSS 0.00245
Exploits: 1 | References: 2
Snyk
added 2026/02/24 8:39 p.m., 1 views

Incorrect Behavior Order: Validate Before Canonicalize

Overview: Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize via the splitPos function. An attacker can cause unintended execution of files by crafting URLs with specific Unicode characters that manipulate the path splitting logic, potentiall...

CVSS 9.8 | AI score 6.1 | EPSS 0.00245
Exploits: 1 | References: 2
Snyk
added 2026/02/12 3:29 p.m., 2 views

Incorrect Behavior Order: Validate Before Canonicalize

Overview: Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize via the splitPos function. An attacker can cause unintended script execution by crafting a request path containing specific multi-byte Unicode characters, which manipulates the...

CVSS 9.8 | AI score 6 | EPSS 0.00029
Exploits: 1 | References: 2
Snyk
added 2026/02/12 3:29 p.m., 5 views

Incorrect Behavior Order: Validate Before Canonicalize

Overview: Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize via the splitPos function. An attacker can cause unintended script execution by crafting a request path containing specific multi-byte Unicode characters, which manipulates the...

CVSS 9.8 | AI score 6 | EPSS 0.00029
Exploits: 1 | References: 2
Snyk
added 2025/11/07 3:30 a.m., 2 views

Incorrect Behavior Order

Overview: ai is an AI SDK by Vercel - The AI Toolkit for TypeScript and JavaScript. Affected versions of this package are vulnerable to Incorrect Behavior Order via the downloadAssets function. An attacker can upload files with disallowed types by substituting arbitrary downloaded bytes for differe...

CVSS 6.3 | AI score 6.9 | EPSS 0.00083
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2023-37394

Malicious code in bioql PyPI...

CVSS 7.2 | AI score 7 | EPSS 0.00249
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-15407

Malicious code in bioql PyPI...

CVSS 8.3 | AI score 6.3 | EPSS 0.00175
Exploits: 1 | References: 7
RedHat Linux
added 2025/07/01 6:51 p.m., 4 views

microcode_ctl: From CVEorg collector

Incorrect behavior order for some Intel® Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access...

CVSS 4.9 | AI score 6.6 | EPSS 0.0007
Exploits: 0 | References: 5
RedHat Linux
added 2025/07/01 3:33 p.m., 4 views

microcode_ctl: From CVEorg collector

Incorrect behavior order for some Intel® Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access...

CVSS 4.9 | AI score 6.6 | EPSS 0.0007
Exploits: 0 | References: 5
RedhatCVE
added 2025/05/23 2:38 a.m., 2 views

CVE-2023-23576

Incorrect behavior order in the Command Centre Server could allow privileged users to gain physical access to the site for longer than intended after a network outage when competencies are used in the access decision. This issue affects: Gallagher Command Centre: 8.90 prior to vEL8.90.1620 MR2,...

CVSS 4.3 | AI score 6.6 | EPSS 0.00079
Exploits: 0 | References: 1