@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-31901 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)

parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-31901 Source advisory: OSV:GHSA-W54V-HF9P-8856...

EUVD-2009-0851

Malware in sbrugna...

EUVD-2022-0586

Malicious code in bioql PyPI...

CVE-2022-45182

Pi-StarDVDash for Pi-Star DV before 5aa194d mishandles the module parameter...

CVE-2025-22340 WordPress Data Dash plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Think201 Data Dash allows Stored XSS. This issue affects Data Dash: from n/a through 1.2.3...

arbitragelab (>=0.9.1 <=1.0.0), buzzword (>=1.2.1 <=1.2.3) +104 more potentially affected by CVE-2024-21485 via dash (>=0.21.1 <=2.14.2)

dash PYPI version =0.21.1, =0.9.1, =1.2.1, =0.0.2a0, =0.0.1, =2020.5.21, =0.0.2, =0.0.2, =0.1.0, =0.0.8, =0.1.3, =0.13.2, =3.0.0, =3.0.4 and more Source cves: CVE-2024-21485 Source advisory: OSV:GHSA-547X-748V-VP6P...

Dash Cross-Site Scripting Vulnerability

plotly Dash is a data application and dashboard for Python by plotly. Dash suffers from a cross-site scripting vulnerability. An attacker exploiting this vulnerability could steal data...

arbitragelab (>=0.9.1 <=1.0.0), covigator (=2.2.3) +42 more potentially affected by CVE-2024-21485 via dash (>=2.0.0 <=2.14.2)

dash PYPI version =2.0.0, =0.9.1, =0.0.8, =0.13.2, =1.2.1, =0.0.107, =0.5.3, =0.2.0, =1.0.0, =0.1.0, =0.7.3, =0.8.4 and more Source cves: CVE-2024-21485 Source advisory: SNYK:PYTHON-DASH-6226335...

@hbtgmbh/dmn-eval-js (>=1.4.0 <=1.5.0), @hbtgmbh/dmn-server (>=1.0.0 <=1.0.2) +33 more potentially affected by CVE-2021-23460 via min-dash (>=1.1.0 <=3.5.2)

min-dash NPM version =1.1.0, =1.4.0, =1.0.0, =0.16.0, =1.0.105, =1.0.0, =1.0.33, =1.0.1, =0.28.0, =0.1.0, =3.0.0, =1.0.0, =0.2.0, =0.11.0, =3.0.0, =4.0.0 and more Source cves: CVE-2021-23460 Source advisory: OSV:GHSA-2M53-83F3-562J...

entfrm-bpmn (>=8.6.2 <=8.6.6), entfrm-flowable-designer (>=1.0.0 <=1.2.6) +4 more potentially affected by CVE-2021-23460 via min-dash (=3.5.2)

min-dash NPM version =3.5.2 is affected by a known vulnerability. The following packages have a transitive dependency on min-dash and may be impacted: - entfrm-bpmn =8.6.2, =1.0.0, =2.2.0, =1.0.0, =1.1.3 Source cves: CVE-2021-23460 Source advisory: SNYK:JS-MINDASH-2340605...

Command injection

Linux Dash up to version v2 is vulnerable to multiple command injection vulnerabilities in the way module names are parsed and then executed resulting in code execution on the server, potentially as root...

CVE-2017-1000473

Linux Dash up to version v2 is vulnerable to multiple command injection vulnerabilities in the way module names are parsed and then executed resulting in code execution on the server, potentially as root...

CVE-2017-1000473

Linux Dash up to version v2 is vulnerable to multiple command injection vulnerabilities in the way module names are parsed and then executed resulting in code execution on the server, potentially as root...

CVE-2009-0854

Untrusted search path vulnerability in dash 0.5.4, when used as a login shell, allows local users to execute arbitrary code via a Trojan horse .profile file in the current working directory...